From d994eeedda788efc28b630e10a33548453293473 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dag-Erling=20Sm=C3=B8rgrav?= Date: Wed, 26 Aug 2015 09:25:17 +0000 Subject: [PATCH 001/154] Vendor import of OpenSSH 7.0p1 --- ChangeLog | 933 +++++++++++------- OVERVIEW | 6 +- PROTOCOL | 3 +- PROTOCOL.mux | 8 +- README | 2 +- addrmatch.c | 3 +- auth-options.c | 46 +- auth.c | 6 +- auth2-chall.c | 11 +- authfd.c | 4 +- authfile.c | 8 +- cipher.h | 5 +- clientloop.c | 10 +- compat.c | 8 +- config.h.in | 2 +- configure | 172 +++- configure.ac | 29 +- contrib/redhat/openssh.spec | 2 +- contrib/suse/openssh.spec | 2 +- kex.c | 93 +- kex.h | 5 +- key.c | 6 +- key.h | 5 +- krl.c | 10 +- log.c | 3 +- moduli | 513 +++++----- moduli.0 | 2 +- monitor.c | 6 +- monitor_wrap.c | 1 - myproposal.h | 11 +- openbsd-compat/openbsd-compat.h | 10 +- openbsd-compat/port-linux.c | 4 +- openbsd-compat/realpath.c | 7 +- packet.c | 13 +- readconf.c | 54 +- readconf.h | 5 +- regress/cert-hostkey.sh | 169 ++-- regress/cert-userkey.sh | 64 +- regress/hostkey-agent.sh | 7 +- regress/hostkey-rotate.sh | 8 +- regress/keygen-knownhosts.sh | 22 +- regress/keytype.sh | 14 +- regress/principals-command.sh | 200 ++-- regress/unittests/Makefile.inc | 2 +- regress/unittests/kex/test_kex.c | 7 +- regress/unittests/sshkey/mktestdata.sh | 6 +- regress/unittests/sshkey/test_file.c | 20 +- regress/unittests/sshkey/test_sshkey.c | 12 +- regress/unittests/sshkey/testdata/dsa_1 | 20 +- .../unittests/sshkey/testdata/dsa_1-cert.fp | 2 +- .../unittests/sshkey/testdata/dsa_1-cert.pub | 2 +- regress/unittests/sshkey/testdata/dsa_1.fp | 2 +- regress/unittests/sshkey/testdata/dsa_1.fp.bb | 2 +- .../unittests/sshkey/testdata/dsa_1.param.g | 2 +- .../sshkey/testdata/dsa_1.param.priv | 2 +- .../unittests/sshkey/testdata/dsa_1.param.pub | 2 +- regress/unittests/sshkey/testdata/dsa_1.pub | 2 +- regress/unittests/sshkey/testdata/dsa_1_pw | 22 +- regress/unittests/sshkey/testdata/dsa_2 | 20 +- regress/unittests/sshkey/testdata/dsa_2.fp | 2 +- regress/unittests/sshkey/testdata/dsa_2.fp.bb | 2 +- regress/unittests/sshkey/testdata/dsa_2.pub | 2 +- regress/unittests/sshkey/testdata/dsa_n | 20 +- regress/unittests/sshkey/testdata/dsa_n_pw | 39 +- regress/unittests/sshkey/testdata/ecdsa_1 | 6 +- .../unittests/sshkey/testdata/ecdsa_1-cert.fp | 2 +- .../sshkey/testdata/ecdsa_1-cert.pub | 2 +- regress/unittests/sshkey/testdata/ecdsa_1.fp | 2 +- .../unittests/sshkey/testdata/ecdsa_1.fp.bb | 2 +- .../sshkey/testdata/ecdsa_1.param.priv | 2 +- .../sshkey/testdata/ecdsa_1.param.pub | 2 +- regress/unittests/sshkey/testdata/ecdsa_1.pub | 2 +- regress/unittests/sshkey/testdata/ecdsa_1_pw | 8 +- regress/unittests/sshkey/testdata/ecdsa_2 | 10 +- regress/unittests/sshkey/testdata/ecdsa_2.fp | 2 +- .../unittests/sshkey/testdata/ecdsa_2.fp.bb | 2 +- .../sshkey/testdata/ecdsa_2.param.priv | 2 +- .../sshkey/testdata/ecdsa_2.param.pub | 2 +- regress/unittests/sshkey/testdata/ecdsa_2.pub | 2 +- regress/unittests/sshkey/testdata/ecdsa_n | 6 +- regress/unittests/sshkey/testdata/ecdsa_n_pw | 14 +- regress/unittests/sshkey/testdata/ed25519_1 | 8 +- .../sshkey/testdata/ed25519_1-cert.fp | 2 +- .../sshkey/testdata/ed25519_1-cert.pub | 2 +- .../unittests/sshkey/testdata/ed25519_1.fp | 2 +- .../unittests/sshkey/testdata/ed25519_1.fp.bb | 2 +- .../unittests/sshkey/testdata/ed25519_1.pub | 2 +- .../unittests/sshkey/testdata/ed25519_1_pw | 12 +- regress/unittests/sshkey/testdata/ed25519_2 | 8 +- .../unittests/sshkey/testdata/ed25519_2.fp | 2 +- .../unittests/sshkey/testdata/ed25519_2.fp.bb | 2 +- .../unittests/sshkey/testdata/ed25519_2.pub | 2 +- regress/unittests/sshkey/testdata/rsa1_1 | Bin 421 -> 533 bytes regress/unittests/sshkey/testdata/rsa1_1.fp | 2 +- .../unittests/sshkey/testdata/rsa1_1.fp.bb | 2 +- .../unittests/sshkey/testdata/rsa1_1.param.n | 2 +- regress/unittests/sshkey/testdata/rsa1_1.pub | 2 +- regress/unittests/sshkey/testdata/rsa1_1_pw | Bin 421 -> 533 bytes regress/unittests/sshkey/testdata/rsa1_2 | Bin 981 -> 981 bytes regress/unittests/sshkey/testdata/rsa1_2.fp | 2 +- .../unittests/sshkey/testdata/rsa1_2.fp.bb | 2 +- .../unittests/sshkey/testdata/rsa1_2.param.n | 2 +- regress/unittests/sshkey/testdata/rsa1_2.pub | 2 +- regress/unittests/sshkey/testdata/rsa_1 | 23 +- .../unittests/sshkey/testdata/rsa_1-cert.fp | 2 +- .../unittests/sshkey/testdata/rsa_1-cert.pub | 2 +- regress/unittests/sshkey/testdata/rsa_1.fp | 2 +- regress/unittests/sshkey/testdata/rsa_1.fp.bb | 2 +- .../unittests/sshkey/testdata/rsa_1.param.n | 2 +- .../unittests/sshkey/testdata/rsa_1.param.p | 2 +- .../unittests/sshkey/testdata/rsa_1.param.q | 2 +- regress/unittests/sshkey/testdata/rsa_1.pub | 2 +- regress/unittests/sshkey/testdata/rsa_1_pw | 25 +- regress/unittests/sshkey/testdata/rsa_2 | 50 +- regress/unittests/sshkey/testdata/rsa_2.fp | 2 +- regress/unittests/sshkey/testdata/rsa_2.fp.bb | 2 +- .../unittests/sshkey/testdata/rsa_2.param.n | 2 +- .../unittests/sshkey/testdata/rsa_2.param.p | 2 +- .../unittests/sshkey/testdata/rsa_2.param.q | 2 +- regress/unittests/sshkey/testdata/rsa_2.pub | 2 +- regress/unittests/sshkey/testdata/rsa_n | 23 +- regress/unittests/sshkey/testdata/rsa_n_pw | 27 +- sandbox-systrace.c | 5 +- scp.0 | 3 +- scp.1 | 5 +- servconf.c | 39 +- servconf.h | 3 +- sftp-server.0 | 2 +- sftp.0 | 2 +- ssh-add.0 | 2 +- ssh-add.c | 5 +- ssh-agent.0 | 2 +- ssh-agent.c | 5 +- ssh-keygen.0 | 4 +- ssh-keygen.1 | 6 +- ssh-keygen.c | 71 +- ssh-keyscan.0 | 2 +- ssh-keysign.0 | 2 +- ssh-keysign.c | 3 +- ssh-pkcs11-helper.0 | 2 +- ssh-pkcs11.c | 25 +- ssh.0 | 70 +- ssh.1 | 129 ++- ssh.c | 39 +- ssh.h | 2 +- ssh_config.0 | 81 +- ssh_config.5 | 72 +- sshconnect2.c | 70 +- sshd.0 | 15 +- sshd.8 | 17 +- sshd.c | 49 +- sshd_config | 4 +- sshd_config.0 | 113 ++- sshd_config.5 | 106 +- sshkey.c | 108 +- sshkey.h | 7 +- sshpty.c | 4 +- version.h | 4 +- 158 files changed, 2427 insertions(+), 1637 deletions(-) diff --git a/ChangeLog b/ChangeLog index c63681f16bd..ed050211565 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,575 @@ +commit 1dc8d93ce69d6565747eb44446ed117187621b26 +Author: deraadt@openbsd.org +Date: Thu Aug 6 14:53:21 2015 +0000 + + upstream commit + + add prohibit-password as a synonymn for without-password, + since the without-password is causing too many questions. Harden it to ban + all but pubkey, hostbased, and GSSAPI auth (when the latter is enabled) from + djm, ok markus + + Upstream-ID: d53317d7b28942153e6236d3fd6e12ceb482db7a + +commit 90a95a4745a531b62b81ce3b025e892bdc434de5 +Author: Damien Miller +Date: Tue Aug 11 13:53:41 2015 +1000 + + update version in README + +commit 318c37743534b58124f1bab37a8a0087a3a9bd2f +Author: Damien Miller +Date: Tue Aug 11 13:53:09 2015 +1000 + + update versions in *.spec + +commit 5e75f5198769056089fb06c4d738ab0e5abc66f7 +Author: Damien Miller +Date: Tue Aug 11 13:34:12 2015 +1000 + + set sshpam_ctxt to NULL after free + + Avoids use-after-free in monitor when privsep child is compromised. + Reported by Moritz Jodeit; ok dtucker@ + +commit d4697fe9a28dab7255c60433e4dd23cf7fce8a8b +Author: Damien Miller +Date: Tue Aug 11 13:33:24 2015 +1000 + + Don't resend username to PAM; it already has it. + + Pointed out by Moritz Jodeit; ok dtucker@ + +commit 88763a6c893bf3dfe951ba9271bf09715e8d91ca +Author: Darren Tucker +Date: Mon Jul 27 12:14:25 2015 +1000 + + Import updated moduli file from OpenBSD. + +commit 55b263fb7cfeacb81aaf1c2036e0394c881637da +Author: Damien Miller +Date: Mon Aug 10 11:13:44 2015 +1000 + + let principals-command.sh work for noexec /var/run + +commit 2651e34cd11b1aac3a0fe23b86d8c2ff35c07897 +Author: Damien Miller +Date: Thu Aug 6 11:43:42 2015 +1000 + + work around echo -n / sed behaviour in tests + +commit d85dad81778c1aa8106acd46930b25fdf0d15b2a +Author: djm@openbsd.org +Date: Wed Aug 5 05:27:33 2015 +0000 + + upstream commit + + adjust for RSA minimum modulus switch; ok deraadt@ + + Upstream-Regress-ID: 5a72c83431b96224d583c573ca281cd3a3ebfdae + +commit 57e8e229bad5fe6056b5f1199665f5f7008192c6 +Author: djm@openbsd.org +Date: Tue Aug 4 05:23:06 2015 +0000 + + upstream commit + + backout SSH_RSA_MINIMUM_MODULUS_SIZE increase for this + release; problems spotted by sthen@ ok deraadt@ markus@ + + Upstream-ID: d0bd60dde9e8c3cd7030007680371894c1499822 + +commit f097d0ea1e0889ca0fa2e53a00214e43ab7fa22a +Author: djm@openbsd.org +Date: Sun Aug 2 09:56:42 2015 +0000 + + upstream commit + + openssh 7.0; ok deraadt@ + + Upstream-ID: c63afdef537f57f28ae84145c5a8e29e9250221f + +commit 3d5728a0f6874ce4efb16913a12963595070f3a9 +Author: chris@openbsd.org +Date: Fri Jul 31 15:38:09 2015 +0000 + + upstream commit + + Allow PermitRootLogin to be overridden by config + + ok markus@ deeradt@ + + Upstream-ID: 5cf3e26ed702888de84e2dc9d0054ccf4d9125b4 + +commit 6f941396b6835ad18018845f515b0c4fe20be21a +Author: djm@openbsd.org +Date: Thu Jul 30 23:09:15 2015 +0000 + + upstream commit + + fix pty permissions; patch from Nikolay Edigaryev; ok + deraadt + + Upstream-ID: 40ff076d2878b916fbfd8e4f45dbe5bec019e550 + +commit f4373ed1e8fbc7c8ce3fc4ea97d0ba2e0c1d7ef0 +Author: deraadt@openbsd.org +Date: Thu Jul 30 19:23:02 2015 +0000 + + upstream commit + + change default: PermitRootLogin without-password matching + install script changes coming as well ok djm markus + + Upstream-ID: 0e2a6c4441daf5498b47a61767382bead5eb8ea6 + +commit 0c30ba91f87fcda7e975e6ff8a057f624e87ea1c +Author: Damien Miller +Date: Thu Jul 30 12:31:39 2015 +1000 + + downgrade OOM adjustment logging: verbose -> debug + +commit f9eca249d4961f28ae4b09186d7dc91de74b5895 +Author: djm@openbsd.org +Date: Thu Jul 30 00:01:34 2015 +0000 + + upstream commit + + Allow ssh_config and sshd_config kex parameters options be + prefixed by a '+' to indicate that the specified items be appended to the + default rather than replacing it. + + approach suggested by dtucker@, feedback dlg@, ok markus@ + + Upstream-ID: 0f901137298fc17095d5756ff1561a7028e8882a + +commit 5cefe769105a2a2e3ca7479d28d9a325d5ef0163 +Author: djm@openbsd.org +Date: Wed Jul 29 08:34:54 2015 +0000 + + upstream commit + + fix bug in previous; was printing incorrect string for + failed host key algorithms negotiation + + Upstream-ID: 22c0dc6bc61930513065d92e11f0753adc4c6e6e + +commit f319912b0d0e1675b8bb051ed8213792c788bcb2 +Author: djm@openbsd.org +Date: Wed Jul 29 04:43:06 2015 +0000 + + upstream commit + + include the peer's offer when logging a failure to + negotiate a mutual set of algorithms (kex, pubkey, ciphers, etc.) ok markus@ + + Upstream-ID: bbb8caabf5c01790bb845f5ce135565248d7c796 + +commit b6ea0e573042eb85d84defb19227c89eb74cf05a +Author: djm@openbsd.org +Date: Tue Jul 28 23:20:42 2015 +0000 + + upstream commit + + add Cisco to the list of clients that choke on the + hostkeys update extension. Pointed out by Howard Kash + + Upstream-ID: c9eadde28ecec056c73d09ee10ba4570dfba7e84 + +commit 3f628c7b537291c1019ce86af90756fb4e66d0fd +Author: guenther@openbsd.org +Date: Mon Jul 27 16:29:23 2015 +0000 + + upstream commit + + Permit kbind(2) use in the sandbox now, to ease testing + of ld.so work using it + + reminded by miod@, ok deraadt@ + + Upstream-ID: 523922e4d1ba7a091e3824e77a8a3c818ee97413 + +commit ebe27ebe520098bbc0fe58945a87ce8490121edb +Author: millert@openbsd.org +Date: Mon Jul 20 18:44:12 2015 +0000 + + upstream commit + + Move .Pp before .Bl, not after to quiet mandoc -Tlint. + Noticed by jmc@ + + Upstream-ID: 59fadbf8407cec4e6931e50c53cfa0214a848e23 + +commit d5d91d0da819611167782c66ab629159169d94d4 +Author: millert@openbsd.org +Date: Mon Jul 20 18:42:35 2015 +0000 + + upstream commit + + Sync usage with SYNOPSIS + + Upstream-ID: 7a321a170181a54f6450deabaccb6ef60cf3f0b7 + +commit 79ec2142fbc68dd2ed9688608da355fc0b1ed743 +Author: millert@openbsd.org +Date: Mon Jul 20 15:39:52 2015 +0000 + + upstream commit + + Better desciption of Unix domain socket forwarding. + bz#2423; ok jmc@ + + Upstream-ID: 85e28874726897e3f26ae50dfa2e8d2de683805d + +commit d56fd1828074a4031b18b8faa0bf949669eb18a0 +Author: Damien Miller +Date: Mon Jul 20 11:19:51 2015 +1000 + + make realpath.c compile -Wsign-compare clean + +commit c63c9a691dca26bb7648827f5a13668832948929 +Author: djm@openbsd.org +Date: Mon Jul 20 00:30:01 2015 +0000 + + upstream commit + + mention that the default of UseDNS=no implies that + hostnames cannot be used for host matching in sshd_config and + authorized_keys; bz#2045, ok dtucker@ + + Upstream-ID: 0812705d5f2dfa59aab01f2764ee800b1741c4e1 + +commit 63ebcd0005e9894fcd6871b7b80aeea1fec0ff76 +Author: djm@openbsd.org +Date: Sat Jul 18 08:02:17 2015 +0000 + + upstream commit + + don't ignore PKCS#11 hosted keys that return empty + CKA_ID; patch by Jakub Jelen via bz#2429; ok markus + + Upstream-ID: 2f7c94744eb0342f8ee8bf97b2351d4e00116485 + +commit b15fd989c8c62074397160147a8d5bc34b3f3c63 +Author: djm@openbsd.org +Date: Sat Jul 18 08:00:21 2015 +0000 + + upstream commit + + skip uninitialised PKCS#11 slots; patch from Jakub Jelen + in bz#2427 ok markus@ + + Upstream-ID: 744c1e7796e237ad32992d0d02148e8a18f27d29 + +commit 5b64f85bb811246c59ebab70aed331f26ba37b18 +Author: djm@openbsd.org +Date: Sat Jul 18 07:57:14 2015 +0000 + + upstream commit + + only query each keyboard-interactive device once per + authentication request regardless of how many times it is listed; ok markus@ + + Upstream-ID: d73fafba6e86030436ff673656ec1f33d9ffeda1 + +commit cd7324d0667794eb5c236d8a4e0f236251babc2d +Author: djm@openbsd.org +Date: Fri Jul 17 03:34:27 2015 +0000 + + upstream commit + + remove -u flag to diff (only used for error output) to make + things easier for -portable + + Upstream-Regress-ID: a5d6777d2909540d87afec3039d9bb2414ade548 + +commit deb8d99ecba70b67f4af7880b11ca8768df9ec3a +Author: djm@openbsd.org +Date: Fri Jul 17 03:09:19 2015 +0000 + + upstream commit + + direct-streamlocal@openssh.com Unix domain foward + messages do not contain a "reserved for future use" field and in fact, + serverloop.c checks that there isn't one. Remove erroneous mention from + PROTOCOL description. bz#2421 from Daniel Black + + Upstream-ID: 3d51a19e64f72f764682f1b08f35a8aa810a43ac + +commit 356b61f365405b5257f5b2ab446e5d7bd33a7b52 +Author: djm@openbsd.org +Date: Fri Jul 17 03:04:27 2015 +0000 + + upstream commit + + describe magic for setting up Unix domain socket fowards + via the mux channel; bz#2422 patch from Daniel Black + + Upstream-ID: 943080fe3864715c423bdeb7c920bb30c4eee861 + +commit d3e2aee41487d55b8d7d40f538b84ff1db7989bc +Author: Darren Tucker +Date: Fri Jul 17 12:52:34 2015 +1000 + + Check if realpath works on nonexistent files. + + On some platforms the native realpath doesn't work with non-existent + files (this is actually specified in some versions of POSIX), however + the sftp spec says its realpath with "canonicalize any given path name". + On those platforms, use realpath from the compat library. + + In addition, when compiling with -DFORTIFY_SOURCE, glibc redefines + the realpath symbol to the checked version, so redefine ours to + something else so we pick up the compat version we want. + + bz#2428, ok djm@ + +commit 25b14610dab655646a109db5ef8cb4c4bf2a48a0 +Author: djm@openbsd.org +Date: Fri Jul 17 02:47:45 2015 +0000 + + upstream commit + + fix incorrect test for SSH1 keys when compiled without SSH1 + support + + Upstream-ID: 6004d720345b8e481c405e8ad05ce2271726e451 + +commit df56a8035d429b2184ee94aaa7e580c1ff67f73a +Author: djm@openbsd.org +Date: Wed Jul 15 08:00:11 2015 +0000 + + upstream commit + + fix NULL-deref when SSH1 reenabled + + Upstream-ID: f22fd805288c92b3e9646782d15b48894b2d5295 + +commit 41e38c4d49dd60908484e6703316651333f16b93 +Author: djm@openbsd.org +Date: Wed Jul 15 07:19:50 2015 +0000 + + upstream commit + + regen RSA1 test keys; the last batch was missing their + private parts + + Upstream-Regress-ID: 7ccf437305dd63ff0b48dd50c5fd0f4d4230c10a + +commit 5bf0933184cb622ca3f96d224bf3299fd2285acc +Author: markus@openbsd.org +Date: Fri Jul 10 06:23:25 2015 +0000 + + upstream commit + + Adapt tests, now that DSA if off by default; use + PubkeyAcceptedKeyTypes and PubkeyAcceptedKeyTypes to test DSA. + + Upstream-Regress-ID: 0ff2a3ff5ac1ce5f92321d27aa07b98656efcc5c + +commit 7a6e3fd7b41dbd3756b6bf9acd67954c0b1564cc +Author: markus@openbsd.org +Date: Tue Jul 7 14:54:16 2015 +0000 + + upstream commit + + regen test data after mktestdata.sh changes + + Upstream-Regress-ID: 3495ecb082b9a7c048a2d7c5c845d3bf181d25a4 + +commit 7c8c174c69f681d4910fa41c37646763692b28e2 +Author: markus@openbsd.org +Date: Tue Jul 7 14:53:30 2015 +0000 + + upstream commit + + adapt tests to new minimum RSA size and default FP format + + Upstream-Regress-ID: a4b30afd174ce82b96df14eb49fb0b81398ffd0e + +commit 6a977a4b68747ade189e43d302f33403fd4a47ac +Author: djm@openbsd.org +Date: Fri Jul 3 04:39:23 2015 +0000 + + upstream commit + + legacy v00 certificates are gone; adapt and don't try to + test them; "sure" markus@ dtucker@ + + Upstream-Regress-ID: c57321e69b3cd4a3b3396dfcc43f0803d047da12 + +commit 0c4123ad5e93fb90fee9c6635b13a6cdabaac385 +Author: djm@openbsd.org +Date: Wed Jul 1 23:11:18 2015 +0000 + + upstream commit + + don't expect SSH v.1 in unittests + + Upstream-Regress-ID: f8812b16668ba78e6a698646b2a652b90b653397 + +commit 3c099845798a817cdde513c39074ec2063781f18 +Author: djm@openbsd.org +Date: Mon Jun 15 06:38:50 2015 +0000 + + upstream commit + + turn SSH1 back on to match src/usr.bin/ssh being tested + + Upstream-Regress-ID: 6c4f763a2f0cc6893bf33983919e9030ae638333 + +commit b1dc2b33689668c75e95f873a42d5aea1f4af1db +Author: dtucker@openbsd.org +Date: Mon Jul 13 04:57:14 2015 +0000 + + upstream commit + + Add "PuTTY_Local:" to the clients to which we do not + offer DH-GEX. This was the string that was used for development versions + prior to September 2014 and they don't do RFC4419 DH-GEX, but unfortunately + there are some extant products based on those versions. bx2424 from Jay + Rouman, ok markus@ djm@ + + Upstream-ID: be34d41e18b966832fe09ca243d275b81882e1d5 + +commit 3a1638dda19bbc73d0ae02b4c251ce08e564b4b9 +Author: markus@openbsd.org +Date: Fri Jul 10 06:21:53 2015 +0000 + + upstream commit + + Turn off DSA by default; add HostKeyAlgorithms to the + server and PubkeyAcceptedKeyTypes to the client side, so it still can be + tested or turned back on; feedback and ok djm@ + + Upstream-ID: 8450a9e6d83f80c9bfed864ff061dfc9323cec21 + +commit 16db0a7ee9a87945cc594d13863cfcb86038db59 +Author: markus@openbsd.org +Date: Thu Jul 9 09:49:46 2015 +0000 + + upstream commit + + re-enable ed25519-certs if compiled w/o openssl; ok djm + + Upstream-ID: e10c90808b001fd2c7a93778418e9b318f5c4c49 + +commit c355bf306ac33de6545ce9dac22b84a194601e2f +Author: markus@openbsd.org +Date: Wed Jul 8 20:24:02 2015 +0000 + + upstream commit + + no need to include the old buffer/key API + + Upstream-ID: fb13c9f7c0bba2545f3eb0a0e69cb0030819f52b + +commit a3cc48cdf9853f1e832d78cb29bedfab7adce1ee +Author: markus@openbsd.org +Date: Wed Jul 8 19:09:25 2015 +0000 + + upstream commit + + typedefs for Cipher&CipherContext are unused + + Upstream-ID: 50e6a18ee92221d23ad173a96d5b6c42207cf9a7 + +commit a635bd06b5c427a57c3ae760d3a2730bb2c863c0 +Author: markus@openbsd.org +Date: Wed Jul 8 19:04:21 2015 +0000 + + upstream commit + + xmalloc.h is unused + + Upstream-ID: afb532355b7fa7135a60d944ca1e644d1d63cb58 + +commit 2521cf0e36c7f3f6b19f206da0af134f535e4a31 +Author: markus@openbsd.org +Date: Wed Jul 8 19:01:15 2015 +0000 + + upstream commit + + compress.c is gone + + Upstream-ID: 174fa7faa9b9643cba06164b5e498591356fbced + +commit c65a7aa6c43aa7a308ee1ab8a96f216169ae9615 +Author: djm@openbsd.org +Date: Fri Jul 3 04:05:54 2015 +0000 + + upstream commit + + another SSH_RSA_MINIMUM_MODULUS_SIZE that needed + cranking + + Upstream-ID: 9d8826cafe96aab4ae8e2f6fd22800874b7ffef1 + +commit b1f383da5cd3cb921fc7776f17a14f44b8a31757 +Author: djm@openbsd.org +Date: Fri Jul 3 03:56:25 2015 +0000 + + upstream commit + + add an XXX reminder for getting correct key paths from + sshd_config + + Upstream-ID: feae52b209d7782ad742df04a4260e9fe41741db + +commit 933935ce8d093996c34d7efa4d59113163080680 +Author: djm@openbsd.org +Date: Fri Jul 3 03:49:45 2015 +0000 + + upstream commit + + refuse to generate or accept RSA keys smaller than 1024 + bits; feedback and ok dtucker@ + + Upstream-ID: 7ea3d31271366ba264f06e34a3539bf1ac30f0ba + +commit bdfd29f60b74f3e678297269dc6247a5699583c1 +Author: djm@openbsd.org +Date: Fri Jul 3 03:47:00 2015 +0000 + + upstream commit + + turn off 1024 bit diffie-hellman-group1-sha1 key + exchange method (already off in server, this turns it off in the client by + default too) ok dtucker@ + + Upstream-ID: f59b88f449210ab7acf7d9d88f20f1daee97a4fa + +commit c28fc62d789d860c75e23a9fa9fb250eb2beca57 +Author: djm@openbsd.org +Date: Fri Jul 3 03:43:18 2015 +0000 + + upstream commit + + delete support for legacy v00 certificates; "sure" + markus@ dtucker@ + + Upstream-ID: b5b9bb5f9202d09e88f912989d74928601b6636f + +commit 564d63e1b4a9637a209d42a9d49646781fc9caef +Author: djm@openbsd.org +Date: Wed Jul 1 23:10:47 2015 +0000 + + upstream commit + + Compile-time disable SSH v.1 again + + Upstream-ID: 1d4b513a3a06232f02650b73bad25100d1b800af + +commit 868109b650504dd9bcccdb1f51d0906f967c20ff +Author: djm@openbsd.org +Date: Wed Jul 1 02:39:06 2015 +0000 + + upstream commit + + twiddle PermitRootLogin back + + Upstream-ID: 2bd23976305d0512e9f84d054e1fc23cd70b89f2 + commit 7de4b03a6e4071d454b72927ffaf52949fa34545 Author: djm@openbsd.org Date: Wed Jul 1 02:32:17 2015 +0000 @@ -8572,364 +9144,3 @@ Date: Wed Aug 21 02:38:51 2013 +1000 fix some whitespace at EOL make list of commands an enum rather than a long list of defines add -a to usage() - -commit acd2060f750c16d48b87b92a10b5a833227baf9d -Author: Darren Tucker -Date: Thu Aug 8 17:02:12 2013 +1000 - - - (dtucker) [regress/Makefile regress/test-exec.sh] Roll back the -nt - removal. The "make clean" removes modpipe which is built by the top-level - directory before running the tests. Spotted by tim@ - -commit 9542de4547beebf707f3640082d471f1a85534c9 -Author: Darren Tucker -Date: Thu Aug 8 12:50:06 2013 +1000 - - - (dtucker) [misc.c] Remove define added for fallback testing that was - mistakenly included in the previous commit. - -commit 94396b7f06f512a0acb230640d7f703fb802a9ee -Author: Darren Tucker -Date: Thu Aug 8 11:52:37 2013 +1000 - - - (dtucker) [misc.c] Fall back to time(2) at runtime if clock_gettime( - CLOCK_MONOTONIC...) fails. Some older versions of RHEL have the - CLOCK_MONOTONIC define but don't actually support it. Found and tested - by Kevin Brott, ok djm. - -commit a5a3cbfa0fb8ef011d3e7b38910a13f6ebbb8818 -Author: Darren Tucker -Date: Thu Aug 8 10:58:49 2013 +1000 - - - (dtucker) [regress/Makefile regress/test-exec.sh] Don't try to use test -nt - since some platforms (eg really old FreeBSD) don't have it. Instead, - run "make clean" before a complete regress run. ok djm. - -commit f3ab2c5f9cf4aed44971eded3ac9eeb1344b2be5 -Author: Darren Tucker -Date: Sun Aug 4 21:48:41 2013 +1000 - - - (dtucker) [auth-krb5.c configure.ac openbsd-compat/bsd-misc.h] Add support - for building with older Heimdal versions. ok djm. - -commit ab3575c055adfbce70fa7405345cf0f80b07c827 -Author: Damien Miller -Date: Thu Aug 1 14:34:16 2013 +1000 - - - (djm) [sshlogin.h] Fix prototype merge botch from 2006; bz#2134 - -commit c192a4c4f6da907dc0e67a3ca61d806f9a92c931 -Author: Damien Miller -Date: Thu Aug 1 14:29:20 2013 +1000 - - - (djm) [channels.c channels.h] bz#2135: On Solaris, isatty() on a non- - blocking connecting socket will clear any stored errno that might - otherwise have been retrievable via getsockopt(). A hack to limit writes - to TTYs on AIX was triggering this. Since only AIX needs the hack, wrap - it in an #ifdef. Diagnosis and patch from Ivo Raisr. - -commit 81f7cf1ec5bc2fd202eda05abc2e5361c54633c5 -Author: Tim Rice -Date: Thu Jul 25 18:41:40 2013 -0700 - - more correct comment for last commit - -commit 0553ad76ffdff35fb31b9e6df935a71a1cc6daa2 -Author: Tim Rice -Date: Thu Jul 25 16:03:16 2013 -0700 - - - (tim) [regress/forwarding.sh] Fix for building outside read only source tree. - -commit ed899eb597a8901ff7322cba809660515ec0d601 -Author: Tim Rice -Date: Thu Jul 25 15:40:00 2013 -0700 - - - (tim) [sftp-client.c] Use of a gcc extension trips up native compilers on - Solaris and UnixWare. Feedback and OK djm@ - -commit e9e936d33b4b1d77ffbaace9438cb2f1469c1dc7 -Author: Damien Miller -Date: Thu Jul 25 12:34:00 2013 +1000 - - - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] - [contrib/suse/openssh.spec] Update version numbers - -commit d1e26cf391de31128b4edde118bff5fed98a90ea -Author: Damien Miller -Date: Thu Jul 25 12:11:18 2013 +1000 - - - djm@cvs.openbsd.org 2013/06/21 02:26:26 - [regress/sftp-cmds.sh regress/test-exec.sh] - unbreak sftp-cmds for renamed test data (s/ls/data/) - -commit 78d47b7c5b182e44552913de2b4b7e0363c8e3cc -Author: Damien Miller -Date: Thu Jul 25 12:08:46 2013 +1000 - - - dtucker@cvs.openbsd.org 2013/06/10 21:56:43 - [regress/forwarding.sh] - Add test for forward config parsing - -commit fea440639e04cea9f2605375a41d654390369402 -Author: Damien Miller -Date: Thu Jul 25 12:08:07 2013 +1000 - - - dtucker@cvs.openbsd.org 2013/05/30 20:12:32 - [regress/test-exec.sh] - use ssh and sshd as testdata since it needs to be >256k for the rekey test - -commit 53435b2d8773a5d7c78359e9f7bf9df2d93b9ef5 -Author: Damien Miller -Date: Thu Jul 25 11:57:15 2013 +1000 - - - djm@cvs.openbsd.org 2013/07/25 00:57:37 - [version.h] - openssh-6.3 for release - -commit 0d032419ee6e1968fc1cb187af63bf3b77b506ea -Author: Damien Miller -Date: Thu Jul 25 11:56:52 2013 +1000 - - - djm@cvs.openbsd.org 2013/07/25 00:56:52 - [sftp-client.c sftp-client.h sftp.1 sftp.c] - sftp support for resuming partial downloads; patch mostly by Loganaden - Velvindron/AfriNIC with some tweaks by me; feedback and ok dtucker@ - -commit 98e27dcf581647b5bbe9780e8f59685d942d8ea3 -Author: Damien Miller -Date: Thu Jul 25 11:55:52 2013 +1000 - - - djm@cvs.openbsd.org 2013/07/25 00:29:10 - [ssh.c] - daemonise backgrounded (ControlPersist'ed) multiplexing master to ensure - it is fully detached from its controlling terminal. based on debugging - -commit 94c9cd34d1590ea1d4bf76919a15b5688fa90ed1 -Author: Damien Miller -Date: Thu Jul 25 11:55:39 2013 +1000 - - - djm@cvs.openbsd.org 2013/07/22 12:20:02 - [umac.h] - oops, forgot to commit corresponding header change; - spotted by jsg and jasper - -commit c331dbd22297ab9bf351abee659893d139c9f28a -Author: Damien Miller -Date: Thu Jul 25 11:55:20 2013 +1000 - - - djm@cvs.openbsd.org 2013/07/22 05:00:17 - [umac.c] - make MAC key, data to be hashed and nonce for final hash const; - checked with -Wcast-qual - -commit c8669a8cd24952b3f16a44eac63d2b6ce8a6343a -Author: Damien Miller -Date: Thu Jul 25 11:52:48 2013 +1000 - - - djm@cvs.openbsd.org 2013/07/20 22:20:42 - [krl.c] - fix verification error in (as-yet usused) KRL signature checking path - -commit 63ddc899d28cf60045b560891894b9fbf6f822e9 -Author: Damien Miller -Date: Sat Jul 20 13:35:45 2013 +1000 - - - djm@cvs.openbsd.org 2013/07/20 01:55:13 - [auth-krb5.c gss-serv-krb5.c gss-serv.c] - fix kerberos/GSSAPI deprecation warnings and linking; "looks okay" millert@ - -commit 1f0e86f23fcebb026371c0888402a981df2a61c4 -Author: Damien Miller -Date: Sat Jul 20 13:22:49 2013 +1000 - - - djm@cvs.openbsd.org 2013/07/20 01:50:20 - [ssh-agent.c] - call cleanup_handler on SIGINT when in debug mode to ensure sockets - are cleaned up on manual exit; bz#2120 - -commit 3009d3cbb89316b1294fb5cedb54770b5d114d04 -Author: Damien Miller -Date: Sat Jul 20 13:22:31 2013 +1000 - - - djm@cvs.openbsd.org 2013/07/20 01:44:37 - [ssh-keygen.c ssh.c] - More useful error message on missing current user in /etc/passwd - -commit 32ecfa0f7920db31471ca8c1f4adc20ae38ed9d6 -Author: Damien Miller -Date: Sat Jul 20 13:22:13 2013 +1000 - - - djm@cvs.openbsd.org 2013/07/20 01:43:46 - [umac.c] - use a union to ensure correct alignment; ok deraadt - -commit 85b45e09188e7a7fc8f0a900a4c6a0f04a5720a7 -Author: Damien Miller -Date: Sat Jul 20 13:21:52 2013 +1000 - - - markus@cvs.openbsd.org 2013/07/19 07:37:48 - [auth.h kex.h kexdhs.c kexecdhs.c kexgexs.c monitor.c servconf.c] - [servconf.h session.c sshd.c sshd_config.5] - add ssh-agent(1) support to sshd(8); allows encrypted hostkeys, - or hostkeys on smartcards; most of the work by Zev Weiss; bz #1974 - ok djm@ - -commit d93340cbb6bc0fc0dbd4427e0cec6d994a494dd9 -Author: Damien Miller -Date: Thu Jul 18 16:14:34 2013 +1000 - - - djm@cvs.openbsd.org 2013/07/18 01:12:26 - [ssh.1] - be more exact wrt perms for ~/.ssh/config; bz#2078 - -commit bf836e535dc3a8050c1756423539bac127ee5098 -Author: Damien Miller -Date: Thu Jul 18 16:14:13 2013 +1000 - - - schwarze@cvs.openbsd.org 2013/07/16 00:07:52 - [scp.1 sftp-server.8 ssh-keyscan.1 ssh-keysign.8 ssh-pkcs11-helper.8] - use .Mt for email addresses; from Jan Stary ; ok jmc@ - -commit 649fe025a409d0ce88c60a068f3f211193c35873 -Author: Damien Miller -Date: Thu Jul 18 16:13:55 2013 +1000 - - - djm@cvs.openbsd.org 2013/07/12 05:48:55 - [ssh.c] - set TCP nodelay for connections started with -N; bz#2124 ok dtucker@ - -commit 5bb8833e809d827496dffca0dc2c223052c93931 -Author: Damien Miller -Date: Thu Jul 18 16:13:37 2013 +1000 - - - djm@cvs.openbsd.org 2013/07/12 05:42:03 - [ssh-keygen.c] - do_print_resource_record() can never be called with a NULL filename, so - don't attempt (and bungle) asking for one if it has not been specified - bz#2127 ok dtucker@ - -commit 7313fc9222785d0c54a7ffcaf2067f4db02c8d72 -Author: Damien Miller -Date: Thu Jul 18 16:13:19 2013 +1000 - - - djm@cvs.openbsd.org 2013/07/12 00:43:50 - [misc.c] - in ssh_gai_strerror() don't fallback to strerror for EAI_SYSTEM when - errno == 0. Avoids confusing error message in some broken resolver - cases. bz#2122 patch from plautrba AT redhat.com; ok dtucker - -commit 746d1a6c524d2e90ebe98cc29e42573a3e1c3c1b -Author: Damien Miller -Date: Thu Jul 18 16:13:02 2013 +1000 - - - djm@cvs.openbsd.org 2013/07/12 00:20:00 - [sftp.c ssh-keygen.c ssh-pkcs11.c] - fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@ - -commit ce98654674648fb7d58f73edf6aa398656a2dba4 -Author: Damien Miller -Date: Thu Jul 18 16:12:44 2013 +1000 - - - djm@cvs.openbsd.org 2013/07/12 00:19:59 - [auth-options.c auth-rsa.c bufaux.c buffer.h channels.c hostfile.c] - [hostfile.h mux.c packet.c packet.h roaming_common.c serverloop.c] - fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@ - -commit 0d02c3e10e1ed16d6396748375a133d348127a2a -Author: Damien Miller -Date: Thu Jul 18 16:12:06 2013 +1000 - - - markus@cvs.openbsd.org 2013/07/02 12:31:43 - [dh.c] - remove extra whitespace - -commit fecfd118d6c90df4fcd3cec7b14e4d3ce69a41d5 -Author: Damien Miller -Date: Thu Jul 18 16:11:50 2013 +1000 - - - jmc@cvs.openbsd.org 2013/06/27 14:05:37 - [ssh-keygen.1 ssh.1 ssh_config.5 sshd.8 sshd_config.5] - do not use Sx for sections outwith the man page - ingo informs me that - stuff like html will render with broken links; - - issue reported by Eric S. Raymond, via djm - -commit bc35d92e78fd53c3f32cbdbdf89d8b1919788c50 -Author: Damien Miller -Date: Thu Jul 18 16:11:25 2013 +1000 - - - djm@cvs.openbsd.org 2013/06/22 06:31:57 - [scp.c] - improved time_t overflow check suggested by guenther@ - -commit 8158441d01ab84f33a7e70e27f87c02cbf67e709 -Author: Damien Miller -Date: Thu Jul 18 16:11:07 2013 +1000 - - - djm@cvs.openbsd.org 2013/06/21 05:43:10 - [scp.c] - make this -Wsign-compare clean after time_t conversion - -commit bbeb1dac550bad8e6aff9bd27113c6bd5ebb7413 -Author: Damien Miller -Date: Thu Jul 18 16:10:49 2013 +1000 - - - djm@cvs.openbsd.org 2013/06/21 05:42:32 - [dh.c] - sprinkle in some error() to explain moduli(5) parse failures - -commit 7f2b438ca0b7c3b9684a03d7bf3eaf379da16de9 -Author: Damien Miller -Date: Thu Jul 18 16:10:29 2013 +1000 - - - djm@cvs.openbsd.org 2013/06/21 00:37:49 - [ssh_config.5] - explicitly mention that IdentitiesOnly can be used with IdentityFile - to control which keys are offered from an agent. - -commit 20bdcd72365e8b3d51261993928cc47c5f0d7c8a -Author: Damien Miller -Date: Thu Jul 18 16:10:09 2013 +1000 - - - djm@cvs.openbsd.org 2013/06/21 00:34:49 - [auth-rsa.c auth.h auth2-hostbased.c auth2-pubkey.c monitor.c] - for hostbased authentication, print the client host and user on - the auth success/failure line; bz#2064, ok dtucker@ - -commit 3071070b39e6d1722151c754cdc2b26640eaf45e -Author: Damien Miller -Date: Thu Jul 18 16:09:44 2013 +1000 - - - markus@cvs.openbsd.org 2013/06/20 19:15:06 - [krl.c] - don't leak the rdata blob on errors; ok djm@ - -commit 044bd2a7ddb0b6f6b716c87e57261572e2b89028 -Author: Damien Miller -Date: Thu Jul 18 16:09:25 2013 +1000 - - - guenther@cvs.openbsd.org 2013/06/17 04:48:42 - [scp.c] - Handle time_t values as long long's when formatting them and when - parsing them from remote servers. - Improve error checking in parsing of 'T' lines. - - ok dtucker@ deraadt@ - -commit 9a6615542108118582f64b7161ca0e12176e3712 -Author: Damien Miller -Date: Thu Jul 18 16:09:04 2013 +1000 - - - dtucker@cvs.openbsd.org 2013/06/10 19:19:44 - [readconf.c] - revert 1.203 while we investigate crashes reported by okan@ - -commit b7482cff46e7e76bfb3cda86c365a08f58d4fca0 -Author: Darren Tucker -Date: Tue Jul 2 20:06:46 2013 +1000 - - - (dtucker) [contrib/cygwin/README contrib/cygwin/ssh-host-config - contrib/cygwin/ssh-user-config] Modernizes and improve readability of - the Cygwin README file (which hasn't been updated for ages), drop - unsupported OSes from the ssh-host-config help text, and drop an - unneeded option from ssh-user-config. Patch from vinschen at redhat com. diff --git a/OVERVIEW b/OVERVIEW index 2e1cc0ba3bb..fde72c8e090 100644 --- a/OVERVIEW +++ b/OVERVIEW @@ -65,8 +65,8 @@ these programs. packets. CRC code comes from crc32.c. - The code in packet.c calls the buffer manipulation routines - (buffer.c, bufaux.c), compression routines (compress.c, zlib), - and the encryption routines. + (buffer.c, bufaux.c), compression routines (zlib), and the + encryption routines. X11, TCP/IP, and Agent forwarding @@ -165,4 +165,4 @@ these programs. uidswap.c uid-swapping xmalloc.c "safe" malloc routines -$OpenBSD: OVERVIEW,v 1.11 2006/08/03 03:34:41 deraadt Exp $ +$OpenBSD: OVERVIEW,v 1.12 2015/07/08 19:01:15 markus Exp $ diff --git a/PROTOCOL b/PROTOCOL index 85641e65070..131adfefea6 100644 --- a/PROTOCOL +++ b/PROTOCOL @@ -247,7 +247,6 @@ to request that the server make a connection to a Unix domain socket. uint32 initial window size uint32 maximum packet size string socket path - string reserved for future use Similar to forwarded-tcpip, forwarded-streamlocal is sent by the server when the client has previously send the server a streamlocal-forward @@ -453,4 +452,4 @@ respond with a SSH_FXP_STATUS message. This extension is advertised in the SSH_FXP_VERSION hello with version "1". -$OpenBSD: PROTOCOL,v 1.28 2015/05/08 03:56:51 djm Exp $ +$OpenBSD: PROTOCOL,v 1.29 2015/07/17 03:09:19 djm Exp $ diff --git a/PROTOCOL.mux b/PROTOCOL.mux index b5832561c0e..f042961f117 100644 --- a/PROTOCOL.mux +++ b/PROTOCOL.mux @@ -116,6 +116,12 @@ A client may request the master to establish a port forward: forwarding type may be MUX_FWD_LOCAL, MUX_FWD_REMOTE, MUX_FWD_DYNAMIC. +If listen port is (unsigned int) -2, then the listen host is treated as +a unix socket path name. + +If connect port is (unsigned int) -2, then the connect host is treated +as a unix socket path name. + A server may reply with a MUX_S_OK, a MUX_S_REMOTE_PORT, a MUX_S_PERMISSION_DENIED or a MUX_S_FAILURE. @@ -219,4 +225,4 @@ XXX inject packet (what about replies) XXX server->client error/warning notifications XXX send signals via mux -$OpenBSD: PROTOCOL.mux,v 1.9 2012/06/01 00:49:35 djm Exp $ +$OpenBSD: PROTOCOL.mux,v 1.10 2015/07/17 03:04:27 djm Exp $ diff --git a/README b/README index 0401d85ac1b..c566f7b1bd8 100644 --- a/README +++ b/README @@ -1,4 +1,4 @@ -See http://www.openssh.com/txt/release-6.9 for the release notes. +See http://www.openssh.com/txt/release-7.0 for the release notes. - A Japanese translation of this document and of the OpenSSH FAQ is - available at http://www.unixuser.org/~haruyama/security/openssh/index.html diff --git a/addrmatch.c b/addrmatch.c index c443146323d..70b050e050f 100644 --- a/addrmatch.c +++ b/addrmatch.c @@ -1,4 +1,4 @@ -/* $OpenBSD: addrmatch.c,v 1.9 2014/01/19 11:21:51 dtucker Exp $ */ +/* $OpenBSD: addrmatch.c,v 1.10 2015/07/08 19:04:21 markus Exp $ */ /* * Copyright (c) 2004-2008 Damien Miller @@ -31,7 +31,6 @@ #include "match.h" #include "log.h" -#include "xmalloc.h" struct xaddr { sa_family_t af; diff --git a/auth-options.c b/auth-options.c index facfc025b6c..e387697d36d 100644 --- a/auth-options.c +++ b/auth-options.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-options.c,v 1.67 2015/05/01 03:20:54 djm Exp $ */ +/* $OpenBSD: auth-options.c,v 1.68 2015/07/03 03:43:18 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -588,35 +588,21 @@ auth_cert_options(struct sshkey *k, struct passwd *pw) char *cert_forced_command = NULL; int cert_source_address_done = 0; - if (sshkey_cert_is_legacy(k)) { - /* All options are in the one field for v00 certs */ - if (parse_option_list(k->cert->critical, pw, - OPTIONS_CRITICAL|OPTIONS_EXTENSIONS, 1, - &cert_no_port_forwarding_flag, - &cert_no_agent_forwarding_flag, - &cert_no_x11_forwarding_flag, - &cert_no_pty_flag, - &cert_no_user_rc, - &cert_forced_command, - &cert_source_address_done) == -1) - return -1; - } else { - /* Separate options and extensions for v01 certs */ - if (parse_option_list(k->cert->critical, pw, - OPTIONS_CRITICAL, 1, NULL, NULL, NULL, NULL, NULL, - &cert_forced_command, - &cert_source_address_done) == -1) - return -1; - if (parse_option_list(k->cert->extensions, pw, - OPTIONS_EXTENSIONS, 0, - &cert_no_port_forwarding_flag, - &cert_no_agent_forwarding_flag, - &cert_no_x11_forwarding_flag, - &cert_no_pty_flag, - &cert_no_user_rc, - NULL, NULL) == -1) - return -1; - } + /* Separate options and extensions for v01 certs */ + if (parse_option_list(k->cert->critical, pw, + OPTIONS_CRITICAL, 1, NULL, NULL, NULL, NULL, NULL, + &cert_forced_command, + &cert_source_address_done) == -1) + return -1; + if (parse_option_list(k->cert->extensions, pw, + OPTIONS_EXTENSIONS, 0, + &cert_no_port_forwarding_flag, + &cert_no_agent_forwarding_flag, + &cert_no_x11_forwarding_flag, + &cert_no_pty_flag, + &cert_no_user_rc, + NULL, NULL) == -1) + return -1; no_port_forwarding_flag |= cert_no_port_forwarding_flag; no_agent_forwarding_flag |= cert_no_agent_forwarding_flag; diff --git a/auth.c b/auth.c index e6c094d1f16..fc32f6c4bbc 100644 --- a/auth.c +++ b/auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.c,v 1.111 2015/05/01 04:17:51 djm Exp $ */ +/* $OpenBSD: auth.c,v 1.112 2015/08/06 14:53:21 deraadt Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -352,7 +352,9 @@ auth_root_allowed(const char *method) case PERMIT_YES: return 1; case PERMIT_NO_PASSWD: - if (strcmp(method, "password") != 0) + if (strcmp(method, "publickey") == 0 || + strcmp(method, "hostbased") == 0 || + strcmp(method, "gssapi-with-mic")) return 1; break; case PERMIT_FORCED_ONLY: diff --git a/auth2-chall.c b/auth2-chall.c index ddabe1a9071..4aff09d8059 100644 --- a/auth2-chall.c +++ b/auth2-chall.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-chall.c,v 1.42 2015/01/19 20:07:45 markus Exp $ */ +/* $OpenBSD: auth2-chall.c,v 1.43 2015/07/18 07:57:14 djm Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2001 Per Allansson. All rights reserved. @@ -83,6 +83,7 @@ struct KbdintAuthctxt void *ctxt; KbdintDevice *device; u_int nreq; + u_int devices_done; }; #ifdef USE_PAM @@ -169,11 +170,15 @@ kbdint_next_device(Authctxt *authctxt, KbdintAuthctxt *kbdintctxt) if (len == 0) break; for (i = 0; devices[i]; i++) { - if (!auth2_method_allowed(authctxt, + if ((kbdintctxt->devices_done & (1 << i)) != 0 || + !auth2_method_allowed(authctxt, "keyboard-interactive", devices[i]->name)) continue; - if (strncmp(kbdintctxt->devices, devices[i]->name, len) == 0) + if (strncmp(kbdintctxt->devices, devices[i]->name, + len) == 0) { kbdintctxt->device = devices[i]; + kbdintctxt->devices_done |= 1 << i; + } } t = kbdintctxt->devices; kbdintctxt->devices = t[len] ? xstrdup(t+len+1) : NULL; diff --git a/authfd.c b/authfd.c index 82915a43d63..eaa1426485d 100644 --- a/authfd.c +++ b/authfd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.c,v 1.97 2015/03/26 19:32:19 markus Exp $ */ +/* $OpenBSD: authfd.c,v 1.98 2015/07/03 03:43:18 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -560,10 +560,8 @@ ssh_add_identity_constrained(int sock, struct sshkey *key, const char *comment, #ifdef WITH_OPENSSL case KEY_RSA: case KEY_RSA_CERT: - case KEY_RSA_CERT_V00: case KEY_DSA: case KEY_DSA_CERT: - case KEY_DSA_CERT_V00: case KEY_ECDSA: case KEY_ECDSA_CERT: #endif diff --git a/authfile.c b/authfile.c index 728b136a77b..58f589a4745 100644 --- a/authfile.c +++ b/authfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfile.c,v 1.114 2015/04/17 13:32:09 djm Exp $ */ +/* $OpenBSD: authfile.c,v 1.116 2015/07/09 09:49:46 markus Exp $ */ /* * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. * @@ -39,13 +39,13 @@ #include #include "cipher.h" -#include "key.h" #include "ssh.h" #include "log.h" #include "authfile.h" #include "rsa.h" #include "misc.h" #include "atomicio.h" +#include "sshkey.h" #include "sshbuf.h" #include "ssherr.h" #include "krl.h" @@ -448,8 +448,8 @@ sshkey_load_private_cert(int type, const char *filename, const char *passphrase, case KEY_RSA: case KEY_DSA: case KEY_ECDSA: - case KEY_ED25519: #endif /* WITH_OPENSSL */ + case KEY_ED25519: case KEY_UNSPEC: break; default: @@ -467,7 +467,7 @@ sshkey_load_private_cert(int type, const char *filename, const char *passphrase, goto out; } - if ((r = sshkey_to_certified(key, sshkey_cert_is_legacy(cert))) != 0 || + if ((r = sshkey_to_certified(key)) != 0 || (r = sshkey_cert_copy(cert, key)) != 0) goto out; r = 0; diff --git a/cipher.h b/cipher.h index 62a88b42e64..06d4be4d75e 100644 --- a/cipher.h +++ b/cipher.h @@ -1,4 +1,4 @@ -/* $OpenBSD: cipher.h,v 1.47 2015/01/14 10:24:42 markus Exp $ */ +/* $OpenBSD: cipher.h,v 1.48 2015/07/08 19:09:25 markus Exp $ */ /* * Author: Tatu Ylonen @@ -72,9 +72,6 @@ struct sshcipher_ctx { const struct sshcipher *cipher; }; -typedef struct sshcipher Cipher; -typedef struct sshcipher_ctx CipherContext; - u_int cipher_mask_ssh1(int); const struct sshcipher *cipher_by_name(const char *); const struct sshcipher *cipher_by_number(int); diff --git a/clientloop.c b/clientloop.c index dc0e557ad67..87ceb3dab9e 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.274 2015/07/01 02:26:31 djm Exp $ */ +/* $OpenBSD: clientloop.c,v 1.275 2015/07/10 06:21:53 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -100,6 +100,7 @@ #include "key.h" #include "cipher.h" #include "kex.h" +#include "myproposal.h" #include "log.h" #include "misc.h" #include "readconf.h" @@ -2362,10 +2363,11 @@ client_input_hostkeys(void) debug3("%s: received %s key %s", __func__, sshkey_type(key), fp); free(fp); + /* Check that the key is accepted in HostkeyAlgorithms */ - if (options.hostkeyalgorithms != NULL && - match_pattern_list(sshkey_ssh_name(key), - options.hostkeyalgorithms, 0) != 1) { + if (match_pattern_list(sshkey_ssh_name(key), + options.hostkeyalgorithms ? options.hostkeyalgorithms : + KEX_DEFAULT_PK_ALG, 0) != 1) { debug3("%s: %s key not permitted by HostkeyAlgorithms", __func__, sshkey_ssh_name(key)); continue; diff --git a/compat.c b/compat.c index 0631024f08e..eef5fbba5b6 100644 --- a/compat.c +++ b/compat.c @@ -1,4 +1,4 @@ -/* $OpenBSD: compat.c,v 1.94 2015/05/26 23:23:40 dtucker Exp $ */ +/* $OpenBSD: compat.c,v 1.96 2015/07/28 23:20:42 djm Exp $ */ /* * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. * @@ -152,7 +152,8 @@ compat_datafellows(const char *version) "1.2.22*", SSH_BUG_IGNOREMSG }, { "1.3.2*", /* F-Secure */ SSH_BUG_IGNOREMSG }, - { "Cisco-1.*", SSH_BUG_DHGEX_LARGE }, + { "Cisco-1.*", SSH_BUG_DHGEX_LARGE| + SSH_BUG_HOSTKEYS }, { "*SSH Compatible Server*", /* Netscreen */ SSH_BUG_PASSWORDPAD }, { "*OSU_0*," @@ -166,7 +167,8 @@ compat_datafellows(const char *version) "OSU_1.5alpha3*", SSH_BUG_PASSWORDPAD }, { "*SSH_Version_Mapper*", SSH_BUG_SCANNER }, - { "PuTTY-Release-0.5*," /* 0.50-0.57, DH-GEX in >=0.52 */ + { "PuTTY_Local:*," /* dev versions < Sep 2014 */ + "PuTTY-Release-0.5*," /* 0.50-0.57, DH-GEX in >=0.52 */ "PuTTY_Release_0.5*," /* 0.58-0.59 */ "PuTTY_Release_0.60*," "PuTTY_Release_0.61*," diff --git a/config.h.in b/config.h.in index 7e7e38ec20a..7500df53261 100644 --- a/config.h.in +++ b/config.h.in @@ -48,7 +48,7 @@ against it */ #undef BROKEN_READ_COMPARISON -/* Define if you have a broken realpath. */ +/* realpath does not work with nonexistent files */ #undef BROKEN_REALPATH /* Needed for NeXT */ diff --git a/configure b/configure index 803c5bcde9c..0d7a5b97eaa 100755 --- a/configure +++ b/configure @@ -5771,7 +5771,7 @@ fi openssl=yes -ssh1=yes +ssh1=no # Check whether --with-openssl was given. if test "${with_openssl+set}" = set; then @@ -16522,7 +16522,6 @@ fi - for ac_func in \ @@ -16585,7 +16584,6 @@ for ac_func in \ pstat \ readpassphrase \ reallocarray \ - realpath \ recvmsg \ rresvport_af \ sendmsg \ @@ -18682,6 +18680,174 @@ done +for ac_func in realpath +do +as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` +{ echo "$as_me:$LINENO: checking for $ac_func" >&5 +echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } +if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +/* Define $ac_func to an innocuous variant, in case declares $ac_func. + For example, HP-UX 11i declares gettimeofday. */ +#define $ac_func innocuous_$ac_func + +/* System header to define __stub macros and hopefully few prototypes, + which can conflict with char $ac_func (); below. + Prefer to if __STDC__ is defined, since + exists even on freestanding compilers. */ + +#ifdef __STDC__ +# include +#else +# include +#endif + +#undef $ac_func + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char $ac_func (); +/* The GNU C library defines this for functions which it implements + to always fail with ENOSYS. Some functions are actually named + something starting with __ and the normal name is an alias. */ +#if defined __stub_$ac_func || defined __stub___$ac_func +choke me +#endif + +int +main () +{ +return $ac_func (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then + eval "$as_ac_var=yes" +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + eval "$as_ac_var=no" +fi + +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ + conftest$ac_exeext conftest.$ac_ext +fi +ac_res=`eval echo '${'$as_ac_var'}'` + { echo "$as_me:$LINENO: result: $ac_res" >&5 +echo "${ECHO_T}$ac_res" >&6; } +if test `eval echo '${'$as_ac_var'}'` = yes; then + cat >>confdefs.h <<_ACEOF +#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + + { echo "$as_me:$LINENO: checking if realpath works with non-existent files" >&5 +echo $ECHO_N "checking if realpath works with non-existent files... $ECHO_C" >&6; } + if test "$cross_compiling" = yes; then + { echo "$as_me:$LINENO: WARNING: cross compiling: assuming working" >&5 +echo "$as_me: WARNING: cross compiling: assuming working" >&2;} + +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +#include +#include +#include + +int +main () +{ + + char buf[PATH_MAX]; + if (realpath("/opensshnonexistentfilename1234", buf) == NULL) + if (errno == ENOENT) + exit(1); + exit(0); + + ; + return 0; +} +_ACEOF +rm -f conftest$ac_exeext +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { ac_try='./conftest$ac_exeext' + { (case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_try") 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + { echo "$as_me:$LINENO: result: yes" >&5 +echo "${ECHO_T}yes" >&6; } +else + echo "$as_me: program exited with status $ac_status" >&5 +echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +( exit $ac_status ) + +cat >>confdefs.h <<\_ACEOF +#define BROKEN_REALPATH 1 +_ACEOF + + { echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6; } +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +fi + + + +fi +done + + + for ac_func in gettimeofday time do diff --git a/configure.ac b/configure.ac index bb0095f645d..9b05c30f897 100644 --- a/configure.ac +++ b/configure.ac @@ -122,7 +122,7 @@ AC_CHECK_DECL([PR_SET_NO_NEW_PRIVS], [have_linux_no_new_privs=1], , [ ]) openssl=yes -ssh1=yes +ssh1=no AC_ARG_WITH([openssl], [ --without-openssl Disable use of OpenSSL; use only limited internal crypto **EXPERIMENTAL** ], [ if test "x$withval" = "xno" ; then @@ -1674,7 +1674,6 @@ AC_CHECK_FUNCS([ \ pstat \ readpassphrase \ reallocarray \ - realpath \ recvmsg \ rresvport_af \ sendmsg \ @@ -1891,6 +1890,32 @@ AC_CHECK_FUNCS([setresgid], [ ) ]) +AC_CHECK_FUNCS([realpath], [ + dnl the sftp v3 spec says SSH_FXP_REALPATH will "canonicalize any given + dnl path name", however some implementations of realpath (and some + dnl versions of the POSIX spec) do not work on non-existent files, + dnl so we use the OpenBSD implementation on those platforms. + AC_MSG_CHECKING([if realpath works with non-existent files]) + AC_RUN_IFELSE( + [AC_LANG_PROGRAM([[ +#include +#include +#include + ]], [[ + char buf[PATH_MAX]; + if (realpath("/opensshnonexistentfilename1234", buf) == NULL) + if (errno == ENOENT) + exit(1); + exit(0); + ]])], + [AC_MSG_RESULT([yes])], + [AC_DEFINE([BROKEN_REALPATH], [1], + [realpath does not work with nonexistent files]) + AC_MSG_RESULT([no])], + [AC_MSG_WARN([cross compiling: assuming working])] + ) +]) + dnl Checks for time functions AC_CHECK_FUNCS([gettimeofday time]) dnl Checks for utmp functions diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec index b9aaca5b67a..5de78755505 100644 --- a/contrib/redhat/openssh.spec +++ b/contrib/redhat/openssh.spec @@ -1,4 +1,4 @@ -%define ver 6.9p1 +%define ver 7.0p1 %define rel 1 # OpenSSH privilege separation requires a user & group ID diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec index c29c3f71ba1..dd9692da145 100644 --- a/contrib/suse/openssh.spec +++ b/contrib/suse/openssh.spec @@ -13,7 +13,7 @@ Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation Name: openssh -Version: 6.9p1 +Version: 7.0p1 URL: http://www.openssh.com/ Release: 1 Source0: openssh-%{version}.tar.gz diff --git a/kex.c b/kex.c index dbc55ef7ee0..5100c661d79 100644 --- a/kex.c +++ b/kex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.c,v 1.106 2015/04/17 13:25:52 djm Exp $ */ +/* $OpenBSD: kex.c,v 1.109 2015/07/30 00:01:34 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * @@ -155,6 +155,68 @@ kex_names_valid(const char *names) return 1; } +/* + * Concatenate algorithm names, avoiding duplicates in the process. + * Caller must free returned string. + */ +char * +kex_names_cat(const char *a, const char *b) +{ + char *ret = NULL, *tmp = NULL, *cp, *p; + size_t len; + + if (a == NULL || *a == '\0') + return NULL; + if (b == NULL || *b == '\0') + return strdup(a); + if (strlen(b) > 1024*1024) + return NULL; + len = strlen(a) + strlen(b) + 2; + if ((tmp = cp = strdup(b)) == NULL || + (ret = calloc(1, len)) == NULL) { + free(tmp); + return NULL; + } + strlcpy(ret, a, len); + for ((p = strsep(&cp, ",")); p && *p != '\0'; (p = strsep(&cp, ","))) { + if (match_list(ret, p, NULL) != NULL) + continue; /* Algorithm already present */ + if (strlcat(ret, ",", len) >= len || + strlcat(ret, p, len) >= len) { + free(tmp); + free(ret); + return NULL; /* Shouldn't happen */ + } + } + free(tmp); + return ret; +} + +/* + * Assemble a list of algorithms from a default list and a string from a + * configuration file. The user-provided string may begin with '+' to + * indicate that it should be appended to the default. + */ +int +kex_assemble_names(const char *def, char **list) +{ + char *ret; + + if (list == NULL || *list == NULL || **list == '\0') { + *list = strdup(def); + return 0; + } + if (**list != '+') { + return 0; + } + + if ((ret = kex_names_cat(def, *list + 1)) == NULL) + return SSH_ERR_ALLOC_FAIL; + free(*list); + *list = ret; + return 0; +} + /* put algorithm proposal into buffer */ int kex_prop2buf(struct sshbuf *b, char *proposal[PROPOSAL_MAX]) @@ -448,6 +510,7 @@ kex_free(struct kex *kex) free(kex->session_id); free(kex->client_version_string); free(kex->server_version_string); + free(kex->failed_choice); free(kex); } @@ -626,17 +689,26 @@ kex_choose_conf(struct ssh *ssh) nmac = ctos ? PROPOSAL_MAC_ALGS_CTOS : PROPOSAL_MAC_ALGS_STOC; ncomp = ctos ? PROPOSAL_COMP_ALGS_CTOS : PROPOSAL_COMP_ALGS_STOC; if ((r = choose_enc(&newkeys->enc, cprop[nenc], - sprop[nenc])) != 0) + sprop[nenc])) != 0) { + kex->failed_choice = peer[nenc]; + peer[nenc] = NULL; goto out; + } authlen = cipher_authlen(newkeys->enc.cipher); /* ignore mac for authenticated encryption */ if (authlen == 0 && (r = choose_mac(ssh, &newkeys->mac, cprop[nmac], - sprop[nmac])) != 0) + sprop[nmac])) != 0) { + kex->failed_choice = peer[nmac]; + peer[nmac] = NULL; goto out; + } if ((r = choose_comp(&newkeys->comp, cprop[ncomp], - sprop[ncomp])) != 0) + sprop[ncomp])) != 0) { + kex->failed_choice = peer[ncomp]; + peer[ncomp] = NULL; goto out; + } debug("kex: %s %s %s %s", ctos ? "client->server" : "server->client", newkeys->enc.name, @@ -644,10 +716,17 @@ kex_choose_conf(struct ssh *ssh) newkeys->comp.name); } if ((r = choose_kex(kex, cprop[PROPOSAL_KEX_ALGS], - sprop[PROPOSAL_KEX_ALGS])) != 0 || - (r = choose_hostkeyalg(kex, cprop[PROPOSAL_SERVER_HOST_KEY_ALGS], - sprop[PROPOSAL_SERVER_HOST_KEY_ALGS])) != 0) + sprop[PROPOSAL_KEX_ALGS])) != 0) { + kex->failed_choice = peer[PROPOSAL_KEX_ALGS]; + peer[PROPOSAL_KEX_ALGS] = NULL; goto out; + } + if ((r = choose_hostkeyalg(kex, cprop[PROPOSAL_SERVER_HOST_KEY_ALGS], + sprop[PROPOSAL_SERVER_HOST_KEY_ALGS])) != 0) { + kex->failed_choice = peer[PROPOSAL_SERVER_HOST_KEY_ALGS]; + peer[PROPOSAL_SERVER_HOST_KEY_ALGS] = NULL; + goto out; + } need = dh_need = 0; for (mode = 0; mode < MODE_MAX; mode++) { newkeys = kex->newkeys[mode]; diff --git a/kex.h b/kex.h index f70b81fc143..d71b53293d8 100644 --- a/kex.h +++ b/kex.h @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.h,v 1.71 2015/02/16 22:13:32 djm Exp $ */ +/* $OpenBSD: kex.h,v 1.73 2015/07/30 00:01:34 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -141,6 +141,7 @@ struct kex { int ec_nid; char *client_version_string; char *server_version_string; + char *failed_choice; int (*verify_host_key)(struct sshkey *, struct ssh *); struct sshkey *(*load_host_public_key)(int, int, struct ssh *); struct sshkey *(*load_host_private_key)(int, int, struct ssh *); @@ -159,6 +160,8 @@ struct kex { int kex_names_valid(const char *); char *kex_alg_list(char); +char *kex_names_cat(const char *, const char *); +int kex_assemble_names(const char *, char **); int kex_new(struct ssh *, char *[PROPOSAL_MAX], struct kex **); int kex_setup(struct ssh *, char *[PROPOSAL_MAX]); diff --git a/key.c b/key.c index bbe027b6685..0ba98b6f35b 100644 --- a/key.c +++ b/key.c @@ -1,4 +1,4 @@ -/* $OpenBSD: key.c,v 1.127 2015/01/28 22:36:00 djm Exp $ */ +/* $OpenBSD: key.c,v 1.128 2015/07/03 03:43:18 djm Exp $ */ /* * placed in the public domain */ @@ -184,11 +184,11 @@ key_demote(const Key *k) } int -key_to_certified(Key *k, int legacy) +key_to_certified(Key *k) { int r; - if ((r = sshkey_to_certified(k, legacy)) != 0) { + if ((r = sshkey_to_certified(k)) != 0) { fatal_on_fatal_errors(r, __func__, 0); error("%s: %s", __func__, ssh_err(r)); return -1; diff --git a/key.h b/key.h index 89fd5cfdf54..903bdf6730d 100644 --- a/key.h +++ b/key.h @@ -1,4 +1,4 @@ -/* $OpenBSD: key.h,v 1.47 2015/01/28 22:36:00 djm Exp $ */ +/* $OpenBSD: key.h,v 1.48 2015/07/03 03:43:18 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -51,7 +51,6 @@ typedef struct sshkey Key; #define key_ecdsa_key_to_nid sshkey_ecdsa_key_to_nid #define key_is_cert sshkey_is_cert #define key_type_plain sshkey_type_plain -#define key_cert_is_legacy sshkey_cert_is_legacy #define key_curve_name_to_nid sshkey_curve_name_to_nid #define key_curve_nid_to_bits sshkey_curve_nid_to_bits #define key_curve_nid_to_name sshkey_curve_nid_to_name @@ -69,7 +68,7 @@ int key_read(Key *, char **); Key *key_generate(int, u_int); Key *key_from_private(const Key *); -int key_to_certified(Key *, int); +int key_to_certified(Key *); int key_drop_cert(Key *); int key_certify(Key *, Key *); void key_cert_copy(const Key *, Key *); diff --git a/krl.c b/krl.c index a98252ef868..4075df853ff 100644 --- a/krl.c +++ b/krl.c @@ -14,7 +14,7 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $OpenBSD: krl.c,v 1.32 2015/06/24 23:47:23 djm Exp $ */ +/* $OpenBSD: krl.c,v 1.33 2015/07/03 03:43:18 djm Exp $ */ #include "includes.h" @@ -429,7 +429,7 @@ ssh_krl_revoke_key(struct ssh_krl *krl, const struct sshkey *key) if (!sshkey_is_cert(key)) return ssh_krl_revoke_key_sha1(krl, key); - if (sshkey_cert_is_legacy(key) || key->cert->serial == 0) { + if (key->cert->serial == 0) { return ssh_krl_revoke_cert_by_key_id(krl, key->cert->signature_key, key->cert->key_id); @@ -1180,10 +1180,10 @@ is_cert_revoked(const struct sshkey *key, struct revoked_certs *rc) } /* - * Legacy cert formats lack serial numbers. Zero serials numbers - * are ignored (it's the default when the CA doesn't specify one). + * Zero serials numbers are ignored (it's the default when the + * CA doesn't specify one). */ - if (sshkey_cert_is_legacy(key) || key->cert->serial == 0) + if (key->cert->serial == 0) return 0; memset(&rs, 0, sizeof(rs)); diff --git a/log.c b/log.c index 32e1d2e4512..ad12930e1a4 100644 --- a/log.c +++ b/log.c @@ -1,4 +1,4 @@ -/* $OpenBSD: log.c,v 1.45 2013/05/16 09:08:41 dtucker Exp $ */ +/* $OpenBSD: log.c,v 1.46 2015/07/08 19:04:21 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -50,7 +50,6 @@ # include #endif -#include "xmalloc.h" #include "log.h" static LogLevel log_level = SYSLOG_LEVEL_INFO; diff --git a/moduli b/moduli index 6bb25c9bff4..426a58f4f74 100644 --- a/moduli +++ b/moduli @@ -1,247 +1,268 @@ -# $OpenBSD: moduli,v 1.13 2015/05/28 00:03:06 dtucker Exp $ +# $OpenBSD: moduli,v 1.14 2015/07/22 02:34:59 dtucker Exp $ # Time Type Tests Tries Size Generator Modulus -20150520234251 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A740BE2123 -20150520234255 2 6 100 1535 5 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A740D85877 -20150520234257 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A740E6494B -20150520234301 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A741120F9B -20150520234303 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A7411EAC5B -20150520234304 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A7412579DB -20150520234311 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A74167053B -20150520234312 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A74169B303 -20150520234318 2 6 100 1535 5 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A741A3D69F -20150520234322 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A741C07E23 -20150520234330 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A7420B48E3 -20150520234331 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A74215059B -20150520234336 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A74240BD03 -20150520234338 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A7424D70BB -20150520234341 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A7425C6CE3 -20150520234342 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A74264FA9B -20150520234343 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A7426BB34B -20150520234346 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A74285D9E3 -20150520234347 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A742878293 -20150520234348 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A74288D143 -20150520234356 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A742D55BF3 -20150520234401 2 6 100 1535 5 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A742FC8227 -20150520234410 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A7436032EB -20150520234411 2 6 100 1535 5 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A74361377F -20150520234415 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A7437CCCFB -20150520234418 2 6 100 1535 5 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A743902C1F -20150520234420 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A7439EE5DB -20150520234422 2 6 100 1535 5 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A743AE19BF -20150520234430 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A7440152AB -20150520234432 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A7440C2F63 -20150520234434 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A7441FBDEB -20150520234436 2 6 100 1535 5 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A7442C98DF -20150520234437 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A744319703 -20150520234438 2 6 100 1535 5 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A74433E927 -20150520234444 2 6 100 1535 5 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A7446DF46F -20150520234450 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A744A3488B -20150520234455 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A744CDAACB -20150520234459 2 6 100 1535 5 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A744E9D8FF -20150520234504 2 6 100 1535 5 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A745196237 -20150520235007 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031E9A9C5F7 -20150520235015 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031E9CBB21F -20150520235039 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EA2E9623 -20150520235043 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EA33E3DF -20150520235057 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EA68038B -20150520235114 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EAAB0717 -20150520235122 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EAC2A7FB -20150520235125 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EAC82DD3 -20150520235154 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EB40583F -20150520235214 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EB94F247 -20150520235218 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EB9DF49F -20150520235239 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EBF7BE27 -20150520235244 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EC0B4F4F -20150520235250 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EC21070F -20150520235256 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EC36541F -20150520235307 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EC5FE22B -20150520235322 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031ECA1FB57 -20150520235331 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031ECC3C823 -20150520235349 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031ED035187 -20150520235400 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031ED2F07DB -20150520235407 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031ED4620CF -20150520235422 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031ED86D39F -20150520235424 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031ED86E683 -20150520235427 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031ED8C3073 -20150520235443 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EDCB1F63 -20150520235450 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EDE00B77 -20150520235452 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EDE42247 -20150520235458 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EDF8F493 -20150520235503 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EE04D69F -20150520235508 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EE14B92B -20150520235510 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EE167933 -20150520235517 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EE2DC63B -20150520235527 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EE52259F -20150520235539 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EE829247 -20150520235557 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EED044BF -20150520235608 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EEFD34CF -20150520235614 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EF0F709F -20150520235616 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EF12110B -20150520235622 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EF25FE1F -20150520235637 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EF6BF4D3 -20150520235654 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EFAF28BF -20150520235701 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EFBFB8BB -20150520235704 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EFC7A62F -20150520235710 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EFD79323 -20150520235725 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F0158F1F -20150520235728 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F01A9E6B -20150520235743 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F055798B -20150520235752 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F0730BC3 -20150520235757 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F08283FF -20150520235825 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F0F451E3 -20150520235830 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F0FDEFB7 -20150520235901 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F1828ECF -20150521000008 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F185D7BF -20150521000011 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F18C58FB -20150521000014 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F191F757 -20150521000841 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CC7F06BB -20150521001025 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CD1057AB -20150521001131 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CD717D6F -20150521001248 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CDDA85F7 -20150521001453 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CE8959BF -20150521001510 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CE98227B -20150521001623 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CEF967BF -20150521001651 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CF18156B -20150521001758 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CF717197 -20150521001924 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CFE1507B -20150521002244 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D0F75427 -20150521002509 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D1BD2823 -20150521002808 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D2B4950F -20150521002846 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D2E6D6D7 -20150521003203 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D3F5D0D3 -20150521003322 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D45851E3 -20150521003430 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D4AEE517 -20150521003629 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D5538E0B -20150521003714 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D58BAFCF -20150521003722 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D5916FC7 -20150521003739 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D5A378F7 -20150521004506 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D82B5113 -20150521004613 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D880CB43 -20150521004753 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D909305B -20150521004802 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D90DBDC3 -20150521005025 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D9CBF44F -20150521005051 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D9E89DA7 -20150521005252 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622DA8BA403 -20150521005347 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622DAD07F73 -20150521005825 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622DC5CE5A3 -20150521005858 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622DC84A597 -20150521010014 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622DCE62957 -20150521010219 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622DD9517D7 -20150521011229 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877F951FEB83 -20150521011834 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877F960399B7 -20150521012438 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877F96EE7973 -20150521014010 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877F99453213 -20150521015607 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877F9B549727 -20150521015640 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877F9B600A7B -20150521020946 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877F9D5299DF -20150521021536 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877F9E2793D3 -20150521022706 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877F9FE131CB -20150521023922 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FA1BAC073 -20150521025234 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FA3BC9483 -20150521025424 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FA3FB3513 -20150521032445 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FA87E0FAB -20150521032932 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FA929F00F -20150521032947 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FA92B272B -20150521033245 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FA9953D0B -20150521034828 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FABDD4AEF -20150521035044 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FAC298C7F -20150521035111 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FAC31F17B -20150521035749 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FAD250357 -20150521040009 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FAD788A73 -20150521040220 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FADC5F173 -20150521040316 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FADDFFC03 -20150521041042 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FAEEBDEB3 -20150521041443 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FAF7AD7BB -20150521041831 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FB007D653 -20150521041928 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FB025C91B -20150521042301 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FB0A4C143 -20150521042631 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FB12009F7 -20150521042740 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FB145360F -20150521043358 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FB22FAE93 -20150521044013 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FB31527AF -20150521044543 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FB3DDFBB7 -20150521004745 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F52665F2B -20150521003352 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F57C7B577 -20150521005557 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F591BBC57 -20150521014228 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F5BDF5CE7 -20150521015455 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F5C9CFD1F -20150521001701 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F5CF6FF9B -20150521002558 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F5D7C4FE3 -20150521003319 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F5DE41DFB -20150521003721 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F5E1B5FAF -20150521010943 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F600B866F -20150521014141 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F61F01EC3 -20150521010312 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F65EAB753 -20150521002914 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F69FD9357 -20150521011058 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F6C6B8513 -20150521013628 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F6DE7D9EF -20150521015040 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F6EB0C897 -20150521001307 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F6F15473B -20150521012712 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F7377044B -20150521005218 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F7767DEA3 -20150521003512 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F7C5546F7 -20150521005420 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F7D68EDC3 -20150521011347 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F7E859CF3 -20150521002429 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F819A93E7 -20150521004826 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F88D91A57 -20150521010541 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F89D29B9F -20150521012418 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F8ADC38F7 -20150521015506 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F8C91980B -20150521004000 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F8E369B97 -20150521005659 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F8F2B1BEB -20150521010328 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F8F7DD1D3 -20150521011152 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F8FF052BB -20150521001457 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F92940463 -20150521011129 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F95C47DCB -20150521013515 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F9710A103 -20150521013841 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F9733A497 -20150521041810 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7BE934407F -20150521070624 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7BEEB1E407 -20150521051555 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7BF50EEEC3 -20150521061258 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C00AF225F -20150521034225 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C058D5963 -20150521035956 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C0616723F -20150521054248 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C12F16C3F -20150521060112 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C1379EA23 -20150521023340 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C165F2773 -20150521043505 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C1A3EC717 -20150521024626 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C202ABED3 -20150521064303 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C27790087 -20150521060604 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C2F9DF583 -20150521062143 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C3003EEAB -20150521044311 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C363D0A77 -20150521053731 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C37D6EFCF -20150521065640 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C3A20A2DF -20150521044717 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C3F622E8B -20150521065426 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C430ED7CB -20150521023632 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C445E575B -20150521032945 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C45EEE643 -20150521054538 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C49FB77CB -20150521024620 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C4D86D0FB -20150521042108 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C505E524B -20150521041835 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354CD3703FA7 -20150521051726 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354CD4CEF96F -20150521074626 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354CD86439C3 -20150521082439 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354CD947F7F3 -20150521012012 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354CE0694343 -20150521073153 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354CE93D436F -20150521094433 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354CEC4EE993 -20150521074128 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354CFA190CE3 -20150521014004 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D0235296F -20150521014736 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D025961EB -20150521065737 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D0961218F -20150521043653 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D163706C7 -20150521085322 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D1BC6858F -20150521093922 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D1CC27FE3 -20150521120407 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D1FE2874F -20150521124157 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D20A8A19B -20150521035417 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D24E0665B -20150521062806 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D2828F7AB -20150521074218 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D29B42017 -20150521114937 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D2F027D3F -20150521073847 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D3905A9FF -20150521024512 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D41DB2FFB -20150521024827 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D41E2852F -20150521042402 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D43D9B0E3 -20150521083756 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D491D852F -20150521113241 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D4CAD7D8B +20150522025931 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAD18DA1F +20150522025936 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAD3763B3 +20150522025942 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAD702B8B +20150522025943 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAD77C283 +20150522025947 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAD96C25B +20150522025953 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DADD9B3DB +20150522025956 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DADE84F07 +20150522025957 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DADEC1DB3 +20150522030001 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAE0E297F +20150522030004 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAE2A1E23 +20150522030005 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAE2ADE53 +20150522030008 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAE47B9F7 +20150522030009 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAE4E1343 +20150522030014 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAE715CBB +20150522030016 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAE7BC9EF +20150522030018 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAE84579B +20150522030019 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAE8A564B +20150522030023 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAEAF7AD7 +20150522030025 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAEB9DC53 +20150522030027 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAECD976F +20150522030034 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAF07F063 +20150522030034 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAF08ACBB +20150522030037 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAF192C07 +20150522030039 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAF241333 +20150522030040 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAF255B3B +20150522030044 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAF3DEC37 +20150522030048 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAF60F05B +20150522030049 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAF6255DF +20150522030055 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAF8EE01F +20150522030059 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAFAD237B +20150522030104 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAFD13587 +20150522030105 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAFD2BE6F +20150522030108 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAFECF32F +20150522030112 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAFFDEED7 +20150522030115 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB01CAA63 +20150522030116 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB01F3647 +20150522030119 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB034B30F +20150522030122 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB04822EF +20150522030124 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB0528867 +20150522030131 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB08D3CAB +20150522030136 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB0B10C6F +20150522030138 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB0C688A7 +20150522030140 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB0CCDF9B +20150522030141 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB0CFD81B +20150522030145 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB0F59763 +20150522030148 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB10339FB +20150522030149 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB10E3ACB +20150522030150 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB11127F3 +20150522030159 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB15B8BDB +20150522030634 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8ADB54257 +20150522030715 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8AE6EF847 +20150522030737 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8AEC5D76B +20150522030739 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8AECB604F +20150522030742 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8AECF538B +20150522030756 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8AF04851B +20150522030828 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8AF867683 +20150522030905 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B01F7E27 +20150522030909 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B02AFB8F +20150522030918 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B048739F +20150522030930 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B07661CB +20150522030938 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B091EC43 +20150522030955 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B0D50D0F +20150522031007 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B1023673 +20150522031015 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B119500F +20150522031036 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B177EE9F +20150522031056 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B1D0030B +20150522031103 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B1ECC193 +20150522031125 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B24C9CF7 +20150522031136 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B2774773 +20150522031208 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B2FC9617 +20150522031220 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B32FE6CF +20150522031228 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B345AC93 +20150522031248 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B392E18F +20150522031256 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B3B32FCF +20150522031300 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B3BF5B2B +20150522031311 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B3E840CB +20150522031316 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B3F5F9D7 +20150522031334 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B439F28B +20150522031337 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B44025D3 +20150522031339 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B442AC0B +20150522031353 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B4788613 +20150522031356 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B47F8FDB +20150522031401 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B48EAEFB +20150522031407 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B4A1CE0B +20150522031420 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B4D73D93 +20150522031425 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B4E9937F +20150522031428 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B4EFD4BF +20150522031436 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B507149B +20150522031452 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B54A3243 +20150522032348 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF98368C951B +20150522033023 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9838C4B4F7 +20150522033224 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9839729F67 +20150522033330 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9839CF938B +20150522033506 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983A5AA27B +20150522033539 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983A849987 +20150522033610 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983AAC8A5F +20150522033839 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983B7F9067 +20150522033952 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983BE385D7 +20150522034001 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983BEA4367 +20150522034055 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983C305BC3 +20150522034123 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983C516EB3 +20150522034146 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983C6D1017 +20150522034241 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983CB6A553 +20150522034528 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983DA8F54F +20150522034544 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983DB92AEB +20150522034719 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983E32A87B +20150522034748 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983E589F5B +20150522035227 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983FE4EA2B +20150522035328 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9840340683 +20150522035522 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9840D77183 +20150522035721 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF98417632BF +20150522035808 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9841B795AB +20150522035847 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9841E9F357 +20150522040046 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9842863803 +20150522040057 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF98428F98CF +20150522040128 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9842B68EA3 +20150522040136 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9842BA209B +20150522040232 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF984303E883 +20150522040546 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9844117EF3 +20150522040607 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9844276407 +20150522040733 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF984499981B +20150522040850 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF984502ECCF +20150522041059 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9845BB3AD7 +20150522041141 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9845F34747 +20150522041538 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF98473F522B +20150522041645 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF98479B35EB +20150522043157 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379177A90103 +20150522044043 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379178F7604B +20150522044434 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917986809B +20150522044641 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379179D34D9F +20150522045152 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917A93F48B +20150522045648 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917B4FEA03 +20150522051224 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917DA8111B +20150522051844 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917E9226DB +20150522052054 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917EDC16FB +20150522052204 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917F0058A7 +20150522052248 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917F16842F +20150522052650 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917FA2234F +20150522052821 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917FD2EA1B +20150522054416 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F3791823EE827 +20150522054652 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379182978693 +20150522054912 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379182E6E57B +20150522054941 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379182F0448B +20150522055008 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379182FA0E27 +20150522060835 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379185801F93 +20150522062202 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379187943813 +20150522062512 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F3791880945B7 +20150522063933 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918A32FF83 +20150522064222 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918A910AB3 +20150522064452 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918AE83E73 +20150522065035 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918BBA1623 +20150522065634 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918C920633 +20150522070134 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918D471AAB +20150522070306 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918D7B1063 +20150522070332 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918D838D0B +20150522070807 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918E2B8B67 +20150522071420 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918F0C3653 +20150522071508 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918F1EFFFB +20150522071555 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918F35E697 +20150522071903 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918FA47DEB +20150522074443 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37919363872B +20150522075339 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379194BA4383 +20150522080128 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379195DB3C5F +20150522080506 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F3791965094C7 +20150522083733 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C514C4F88F +20150522093608 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C517A26827 +20150522094040 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C517D03757 +20150522095314 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C518686A8B +20150522101845 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C519A641F3 +20150522103233 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C51A4A87B7 +20150522111208 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C51C3A7B9B +20150522120305 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C51EB16CF7 +20150522122813 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C51FE5C353 +20150522132032 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5226F04CB +20150522141054 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C524EBC207 +20150522153656 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C529553A9F +20150522154114 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5298632F7 +20150522154826 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C529DCC5D7 +20150522163842 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C52C78C8C3 +20150522165625 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C52D5A1C27 +20150522172408 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C52EBD88E3 +20150522173745 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C52F69630B +20150522184340 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5327AFF1B +20150522190348 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5336CDC63 +20150522200705 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5366C1207 +20150522201200 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5369D0A6B +20150522202855 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5375B287F +20150522204401 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5380EDB4B +20150522205115 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5385D084B +20150522210056 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C538CEBB3B +20150522212110 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C539B27FE3 +20150522215602 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C53B4E825B +20150522222840 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C53CD37713 +20150522224719 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C53DAAAE07 +20150523005800 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C543D2802B +20150523110456 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C549CAF02F +20150523111755 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C54A5BCB0B +20150523135850 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C551C0E2B7 +20150523140345 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C551F4D6B3 +20150523153045 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5561141EB +20150523170349 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C55A59DCDF +20150523191201 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB470CDA3203 +20150523215157 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB4711A72AAB +20150523231527 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB47141BE273 +20150523235422 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB47153C4A8F +20150524010823 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB47174C4663 +20150524013736 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB471810100B +20150524040115 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB471BEA9823 +20150524051719 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB471DEF42C3 +20150524055417 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB471EE81B27 +20150524104925 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB4726B43323 +20150524105636 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB4726DBBBDF +20150524130121 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB472A1294AB +20150524163025 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB472FBAE453 +20150524163715 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB472FE1144B +20150524173410 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB47315B458F +20150524181655 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB473268D4BB +20150524223625 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB473917D17B +20150525001303 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB473B95BAC3 +20150525011252 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB473D16F0B3 +20150525020522 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB473E60DDB7 +20150525061910 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB4744D20B9F +20150525092924 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB47499CAF77 +20150525124039 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB474E6A2CEB +20150525132602 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB474F854D7B +20150525170642 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB4755495933 +20150525201019 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB4759D07FB7 +20150525223942 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB475D6E1C07 +20150525230547 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB475E0B3487 +20150525234905 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB475F115D93 +20150526002510 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB475FE94D13 +20150526014857 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB4761E82A83 +20150526045853 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB47667CBC4F +20150605090211 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB476DA5F0B7 +20150605145212 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB4776229827 +20150605174343 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB477A770453 +20150605182015 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB477B32F0B3 +20150526114135 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE95C238093 +20150526114600 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE95C32EEF7 +20150526134901 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE95F067BA3 +20150526153127 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE96179B9CB +20150526164245 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE96332D5AF +20150526174513 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9649A719B +20150527035812 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE97262B7F7 +20150527075726 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE977B43343 +20150527112120 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE97C1F6EA7 +20150528010450 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE98E4FBCCB +20150528020450 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE98F884B93 +20150528024708 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE990692277 +20150605205801 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE994DC793F +20150606012116 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE99A681C6B +20150606055158 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9A0264EE7 +20150606071549 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9A1DB0223 +20150606132241 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9A644DC6B +20150606164856 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9AAAAEE73 +20150606183208 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9ACEEACDB +20150607015742 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9B6ADF38F +20150607022317 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9B733A2AB +20150607051100 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9BAB79D47 +20150607064815 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9BCBC8A17 +20150607120629 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9C355FA5B +20150607121012 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9C3600A83 +20150607123508 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9C3DCB093 +20150607144400 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9C680E5AB +20150607145646 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9C6BC5BC3 +20150607201140 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9CD3C4A03 diff --git a/moduli.0 b/moduli.0 index 1c580d46c5d..087e5963e4d 100644 --- a/moduli.0 +++ b/moduli.0 @@ -71,4 +71,4 @@ STANDARDS the Secure Shell (SSH) Transport Layer Protocol, RFC 4419, March 2006, 2006. -OpenBSD 5.7 September 26, 2012 OpenBSD 5.7 +OpenBSD 5.8 September 26, 2012 OpenBSD 5.8 diff --git a/monitor.c b/monitor.c index b4109657efd..a91420983ba 100644 --- a/monitor.c +++ b/monitor.c @@ -1084,9 +1084,7 @@ extern KbdintDevice sshpam_device; int mm_answer_pam_init_ctx(int sock, Buffer *m) { - debug3("%s", __func__); - authctxt->user = buffer_get_string(m, NULL); sshpam_ctxt = (sshpam_device.init_ctx)(authctxt); sshpam_authok = NULL; buffer_clear(m); @@ -1168,14 +1166,16 @@ mm_answer_pam_respond(int sock, Buffer *m) int mm_answer_pam_free_ctx(int sock, Buffer *m) { + int r = sshpam_authok != NULL && sshpam_authok == sshpam_ctxt; debug3("%s", __func__); (sshpam_device.free_ctx)(sshpam_ctxt); + sshpam_ctxt = sshpam_authok = NULL; buffer_clear(m); mm_request_send(sock, MONITOR_ANS_PAM_FREE_CTX, m); auth_method = "keyboard-interactive"; auth_submethod = "pam"; - return (sshpam_authok == sshpam_ctxt); + return r; } #endif diff --git a/monitor_wrap.c b/monitor_wrap.c index e6217b3d42f..eac421ba145 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c @@ -614,7 +614,6 @@ mm_sshpam_init_ctx(Authctxt *authctxt) debug3("%s", __func__); buffer_init(&m); - buffer_put_cstring(&m, authctxt->user); mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_INIT_CTX, &m); debug3("%s: waiting for MONITOR_ANS_PAM_INIT_CTX", __func__); mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PAM_INIT_CTX, &m); diff --git a/myproposal.h b/myproposal.h index 84b63bcd5bc..46e5b988d46 100644 --- a/myproposal.h +++ b/myproposal.h @@ -1,4 +1,4 @@ -/* $OpenBSD: myproposal.h,v 1.44 2015/05/27 23:51:10 dtucker Exp $ */ +/* $OpenBSD: myproposal.h,v 1.47 2015/07/10 06:21:53 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -93,20 +93,15 @@ #define KEX_CLIENT_KEX KEX_COMMON_KEX \ "diffie-hellman-group-exchange-sha1," \ - "diffie-hellman-group14-sha1," \ - "diffie-hellman-group1-sha1" + "diffie-hellman-group14-sha1" #define KEX_DEFAULT_PK_ALG \ HOSTKEY_ECDSA_CERT_METHODS \ "ssh-ed25519-cert-v01@openssh.com," \ "ssh-rsa-cert-v01@openssh.com," \ - "ssh-dss-cert-v01@openssh.com," \ - "ssh-rsa-cert-v00@openssh.com," \ - "ssh-dss-cert-v00@openssh.com," \ HOSTKEY_ECDSA_METHODS \ "ssh-ed25519," \ - "ssh-rsa," \ - "ssh-dss" + "ssh-rsa" \ /* the actual algorithms */ diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h index cb59ccd5783..1ff7114ef3d 100644 --- a/openbsd-compat/openbsd-compat.h +++ b/openbsd-compat/openbsd-compat.h @@ -70,8 +70,16 @@ void *reallocarray(void *, size_t, size_t); #endif #if !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH) +/* + * glibc's FORTIFY_SOURCE can redefine this and prevent us picking up the + * compat version. + */ +# ifdef BROKEN_REALPATH +# define realpath(x, y) _ssh_compat_realpath(x, y) +# endif + char *realpath(const char *path, char *resolved); -#endif +#endif #ifndef HAVE_RRESVPORT_AF int rresvport_af(int *alport, sa_family_t af); diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c index 4637a7a3e16..f36999d7acb 100644 --- a/openbsd-compat/port-linux.c +++ b/openbsd-compat/port-linux.c @@ -278,7 +278,7 @@ oom_adjust_setup(void) verbose("error writing %s: %s", oom_adj_path, strerror(errno)); else - verbose("Set %s from %d to %d", + debug("Set %s from %d to %d", oom_adj_path, oom_adj_save, value); } fclose(fp); @@ -302,7 +302,7 @@ oom_adjust_restore(void) if (fprintf(fp, "%d\n", oom_adj_save) <= 0) verbose("error writing %s: %s", oom_adj_path, strerror(errno)); else - verbose("Set %s to %d", oom_adj_path, oom_adj_save); + debug("Set %s to %d", oom_adj_path, oom_adj_save); fclose(fp); return; diff --git a/openbsd-compat/realpath.c b/openbsd-compat/realpath.c index b6120d034d5..ba4cea93894 100644 --- a/openbsd-compat/realpath.c +++ b/openbsd-compat/realpath.c @@ -33,11 +33,13 @@ #if !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH) +#include #include #include #include #include +#include #include #include @@ -90,7 +92,7 @@ realpath(const char *path, char resolved[PATH_MAX]) */ p = strchr(left, '/'); s = p ? p : left + left_len; - if (s - left >= sizeof(next_token)) { + if (s - left >= (ptrdiff_t)sizeof(next_token)) { errno = ENAMETOOLONG; return (NULL); } @@ -169,7 +171,8 @@ realpath(const char *path, char resolved[PATH_MAX]) */ if (p != NULL) { if (symlink[slen - 1] != '/') { - if (slen + 1 >= sizeof(symlink)) { + if (slen + 1 >= + (ptrdiff_t)sizeof(symlink)) { errno = ENAMETOOLONG; return (NULL); } diff --git a/packet.c b/packet.c index a7727ef655c..6008c2d9465 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.212 2015/05/01 07:10:01 djm Exp $ */ +/* $OpenBSD: packet.c,v 1.213 2015/07/29 04:43:06 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1933,6 +1933,17 @@ sshpkt_fatal(struct ssh *ssh, const char *tag, int r) cleanup_exit(255); } /* FALLTHROUGH */ + case SSH_ERR_NO_CIPHER_ALG_MATCH: + case SSH_ERR_NO_MAC_ALG_MATCH: + case SSH_ERR_NO_COMPRESS_ALG_MATCH: + case SSH_ERR_NO_KEX_ALG_MATCH: + case SSH_ERR_NO_HOSTKEY_ALG_MATCH: + if (ssh && ssh->kex && ssh->kex->failed_choice) { + fatal("Unable to negotiate with %.200s: %s. " + "Their offer: %s", ssh_remote_ipaddr(ssh), + ssh_err(r), ssh->kex->failed_choice); + } + /* FALLTHROUGH */ default: fatal("%s%sConnection to %.200s: %s", tag != NULL ? tag : "", tag != NULL ? ": " : "", diff --git a/readconf.c b/readconf.c index db7d0bbbfab..1d03bdf72d9 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.237 2015/06/26 05:13:20 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.239 2015/07/30 00:01:34 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -157,6 +157,7 @@ typedef enum { oCanonicalizeFallbackLocal, oCanonicalizePermittedCNAMEs, oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys, oFingerprintHash, oUpdateHostkeys, oHostbasedKeyTypes, + oPubkeyAcceptedKeyTypes, oIgnoredUnknownOption, oDeprecated, oUnsupported } OpCodes; @@ -275,6 +276,7 @@ static struct { { "fingerprinthash", oFingerprintHash }, { "updatehostkeys", oUpdateHostkeys }, { "hostbasedkeytypes", oHostbasedKeyTypes }, + { "pubkeyacceptedkeytypes", oPubkeyAcceptedKeyTypes }, { "ignoreunknown", oIgnoreUnknown }, { NULL, oBadOption } @@ -1084,7 +1086,7 @@ process_config_line(Options *options, struct passwd *pw, const char *host, arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); - if (!ciphers_valid(arg)) + if (!ciphers_valid(*arg == '+' ? arg + 1 : arg)) fatal("%.200s line %d: Bad SSH2 cipher spec '%s'.", filename, linenum, arg ? arg : ""); if (*activep && options->ciphers == NULL) @@ -1095,7 +1097,7 @@ process_config_line(Options *options, struct passwd *pw, const char *host, arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); - if (!mac_valid(arg)) + if (!mac_valid(*arg == '+' ? arg + 1 : arg)) fatal("%.200s line %d: Bad SSH2 Mac spec '%s'.", filename, linenum, arg ? arg : ""); if (*activep && options->macs == NULL) @@ -1107,7 +1109,7 @@ process_config_line(Options *options, struct passwd *pw, const char *host, if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); - if (!kex_names_valid(arg)) + if (!kex_names_valid(*arg == '+' ? arg + 1 : arg)) fatal("%.200s line %d: Bad SSH2 KexAlgorithms '%s'.", filename, linenum, arg ? arg : ""); if (*activep && options->kex_algorithms == NULL) @@ -1115,14 +1117,17 @@ process_config_line(Options *options, struct passwd *pw, const char *host, break; case oHostKeyAlgorithms: + charptr = &options->hostkeyalgorithms; +parse_keytypes: arg = strdelim(&s); if (!arg || *arg == '\0') - fatal("%.200s line %d: Missing argument.", filename, linenum); - if (!sshkey_names_valid2(arg, 1)) - fatal("%.200s line %d: Bad protocol 2 host key algorithms '%s'.", - filename, linenum, arg ? arg : ""); - if (*activep && options->hostkeyalgorithms == NULL) - options->hostkeyalgorithms = xstrdup(arg); + fatal("%.200s line %d: Missing argument.", + filename, linenum); + if (!sshkey_names_valid2(*arg == '+' ? arg + 1 : arg, 1)) + fatal("%s line %d: Bad key types '%s'.", + filename, linenum, arg ? arg : ""); + if (*activep && *charptr == NULL) + *charptr = xstrdup(arg); break; case oProtocol: @@ -1485,16 +1490,11 @@ process_config_line(Options *options, struct passwd *pw, const char *host, case oHostbasedKeyTypes: charptr = &options->hostbased_key_types; - arg = strdelim(&s); - if (!arg || *arg == '\0') - fatal("%.200s line %d: Missing argument.", - filename, linenum); - if (!sshkey_names_valid2(arg, 1)) - fatal("%s line %d: Bad key types '%s'.", - filename, linenum, arg ? arg : ""); - if (*activep && *charptr == NULL) - *charptr = xstrdup(arg); - break; + goto parse_keytypes; + + case oPubkeyAcceptedKeyTypes: + charptr = &options->pubkey_key_types; + goto parse_keytypes; case oDeprecated: debug("%s line %d: Deprecated option \"%s\"", @@ -1676,6 +1676,7 @@ initialize_options(Options * options) options->fingerprint_hash = -1; options->update_hostkeys = -1; options->hostbased_key_types = NULL; + options->pubkey_key_types = NULL; } /* @@ -1761,9 +1762,6 @@ fill_default_options(Options * options) /* Selected in ssh_login(). */ if (options->cipher == -1) options->cipher = SSH_CIPHER_NOT_SET; - /* options->ciphers, default set in myproposals.h */ - /* options->macs, default set in myproposals.h */ - /* options->kex_algorithms, default set in myproposals.h */ /* options->hostkeyalgorithms, default set in myproposals.h */ if (options->protocol == SSH_PROTO_UNKNOWN) options->protocol = SSH_PROTO_2; @@ -1857,8 +1855,14 @@ fill_default_options(Options * options) options->fingerprint_hash = SSH_FP_HASH_DEFAULT; if (options->update_hostkeys == -1) options->update_hostkeys = 0; - if (options->hostbased_key_types == NULL) - options->hostbased_key_types = xstrdup("*"); + if (kex_assemble_names(KEX_CLIENT_ENCRYPT, &options->ciphers) != 0 || + kex_assemble_names(KEX_CLIENT_MAC, &options->macs) != 0 || + kex_assemble_names(KEX_CLIENT_KEX, &options->kex_algorithms) != 0 || + kex_assemble_names(KEX_DEFAULT_PK_ALG, + &options->hostbased_key_types) != 0 || + kex_assemble_names(KEX_DEFAULT_PK_ALG, + &options->pubkey_key_types) != 0) + fatal("%s: kex_assemble_names failed", __func__); #define CLEAR_ON_NONE(v) \ do { \ diff --git a/readconf.h b/readconf.h index 576b9e352d8..bb2d55283dd 100644 --- a/readconf.h +++ b/readconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.109 2015/02/16 22:13:32 djm Exp $ */ +/* $OpenBSD: readconf.h,v 1.110 2015/07/10 06:21:53 markus Exp $ */ /* * Author: Tatu Ylonen @@ -150,7 +150,8 @@ typedef struct { int update_hostkeys; /* one of SSH_UPDATE_HOSTKEYS_* */ - char *hostbased_key_types; + char *hostbased_key_types; + char *pubkey_key_types; char *ignored_unknown; /* Pattern list of unknown tokens to ignore */ } Options; diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh index 51685dc2b54..3f53922c89e 100755 --- a/regress/cert-hostkey.sh +++ b/regress/cert-hostkey.sh @@ -1,11 +1,32 @@ -# $OpenBSD: cert-hostkey.sh,v 1.11 2015/01/19 06:01:32 djm Exp $ +# $OpenBSD: cert-hostkey.sh,v 1.13 2015/07/10 06:23:25 markus Exp $ # Placed in the Public Domain. tid="certified host keys" rm -f $OBJ/known_hosts-cert* $OBJ/host_ca_key* $OBJ/host_revoked_* rm -f $OBJ/cert_host_key* $OBJ/host_krl_* + +# Allow all hostkey/pubkey types, prefer certs for the client +types="" +for i in `$SSH -Q key`; do + if [ -z "$types" ]; then + types="$i" + continue + fi + case "$i" in + *cert*) types="$i,$types";; + *) types="$types,$i";; + esac +done +( + echo "HostKeyAlgorithms ${types}" + echo "PubkeyAcceptedKeyTypes *" +) >> $OBJ/ssh_proxy cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak +( + echo "HostKeyAlgorithms *" + echo "PubkeyAcceptedKeyTypes *" +) >> $OBJ/sshd_proxy_bak HOSTS='localhost-with-alias,127.0.0.1,::1' @@ -27,13 +48,6 @@ cp $OBJ/host_ca_key.pub $OBJ/host_revoked_ca PLAIN_TYPES=`$SSH -Q key-plain | sed 's/^ssh-dss/ssh-dsa/g;s/^ssh-//'` -type_has_legacy() { - case $1 in - ed25519*|ecdsa*) return 1 ;; - esac - return 0 -} - # Prepare certificate, plain key and CA KRLs ${SSHKEYGEN} -kf $OBJ/host_krl_empty || fatal "KRL init failed" ${SSHKEYGEN} -kf $OBJ/host_krl_plain || fatal "KRL init failed" @@ -61,18 +75,6 @@ for ktype in $PLAIN_TYPES ; do fatal "KRL update failed" cat $OBJ/cert_host_key_${ktype}-cert.pub >> $OBJ/host_revoked_cert serial=`expr $serial + 1` - type_has_legacy $ktype || continue - cp $OBJ/cert_host_key_${ktype} $OBJ/cert_host_key_${ktype}_v00 - cp $OBJ/cert_host_key_${ktype}.pub $OBJ/cert_host_key_${ktype}_v00.pub - verbose "$tid: sign host ${ktype}_v00 cert" - ${SSHKEYGEN} -t v00 -h -q -s $OBJ/host_ca_key \ - -I "regress host key for $USER" \ - -n $HOSTS $OBJ/cert_host_key_${ktype}_v00 || - fatal "couldn't sign cert_host_key_${ktype}_v00" - ${SSHKEYGEN} -ukf $OBJ/host_krl_cert \ - $OBJ/cert_host_key_${ktype}_v00-cert.pub || \ - fatal "KRL update failed" - cat $OBJ/cert_host_key_${ktype}_v00-cert.pub >> $OBJ/host_revoked_cert done attempt_connect() { @@ -98,7 +100,7 @@ attempt_connect() { # Basic connect and revocation tests. for privsep in yes no ; do - for ktype in $PLAIN_TYPES rsa_v00 dsa_v00; do + for ktype in $PLAIN_TYPES ; do verbose "$tid: host ${ktype} cert connect privsep $privsep" ( cat $OBJ/sshd_proxy_bak @@ -133,14 +135,14 @@ done printf '@cert-authority ' printf "$HOSTS " cat $OBJ/host_ca_key.pub - for ktype in $PLAIN_TYPES rsa_v00 dsa_v00; do + for ktype in $PLAIN_TYPES ; do test -f "$OBJ/cert_host_key_${ktype}.pub" || fatal "no pubkey" printf "@revoked * `cat $OBJ/cert_host_key_${ktype}.pub`\n" done ) > $OBJ/known_hosts-cert.orig cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert for privsep in yes no ; do - for ktype in $PLAIN_TYPES rsa_v00 dsa_v00; do + for ktype in $PLAIN_TYPES ; do verbose "$tid: host ${ktype} revoked cert privsep $privsep" ( cat $OBJ/sshd_proxy_bak @@ -169,7 +171,7 @@ done cat $OBJ/host_ca_key.pub ) > $OBJ/known_hosts-cert.orig cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert -for ktype in $PLAIN_TYPES rsa_v00 dsa_v00 ; do +for ktype in $PLAIN_TYPES ; do verbose "$tid: host ${ktype} revoked cert" ( cat $OBJ/sshd_proxy_bak @@ -198,17 +200,10 @@ test_one() { result=$2 sign_opts=$3 - for kt in rsa rsa_v00 ; do - case $kt in - *_v00) args="-t v00" ;; - *) args="" ;; - esac - - verbose "$tid: host cert connect $ident $kt expect $result" + for kt in rsa ed25519 ; do ${SSHKEYGEN} -q -s $OBJ/host_ca_key \ -I "regress host key for $USER" \ - $sign_opts $args \ - $OBJ/cert_host_key_${kt} || + $sign_opts $OBJ/cert_host_key_${kt} || fail "couldn't sign cert_host_key_${kt}" ( cat $OBJ/sshd_proxy_bak @@ -242,36 +237,33 @@ test_one "cert valid interval" success "-h -V-1w:+2w" test_one "cert has constraints" failure "-h -Oforce-command=false" # Check downgrade of cert to raw key when no CA found -for v in v01 v00 ; do - for ktype in $PLAIN_TYPES ; do - type_has_legacy $ktype || continue - rm -f $OBJ/known_hosts-cert $OBJ/cert_host_key* - verbose "$tid: host ${ktype} ${v} cert downgrade to raw key" - # Generate and sign a host key - ${SSHKEYGEN} -q -N '' -t ${ktype} \ - -f $OBJ/cert_host_key_${ktype} || \ - fail "ssh-keygen of cert_host_key_${ktype} failed" - ${SSHKEYGEN} -t ${v} -h -q -s $OBJ/host_ca_key \ - -I "regress host key for $USER" \ - -n $HOSTS $OBJ/cert_host_key_${ktype} || - fail "couldn't sign cert_host_key_${ktype}" - ( - printf "$HOSTS " - cat $OBJ/cert_host_key_${ktype}.pub - ) > $OBJ/known_hosts-cert - ( - cat $OBJ/sshd_proxy_bak - echo HostKey $OBJ/cert_host_key_${ktype} - echo HostCertificate $OBJ/cert_host_key_${ktype}-cert.pub - ) > $OBJ/sshd_proxy - - ${SSH} -2 -oUserKnownHostsFile=$OBJ/known_hosts-cert \ - -oGlobalKnownHostsFile=$OBJ/known_hosts-cert \ - -F $OBJ/ssh_proxy somehost true - if [ $? -ne 0 ]; then - fail "ssh cert connect failed" - fi - done +for ktype in $PLAIN_TYPES ; do + rm -f $OBJ/known_hosts-cert $OBJ/cert_host_key* + verbose "$tid: host ${ktype} ${v} cert downgrade to raw key" + # Generate and sign a host key + ${SSHKEYGEN} -q -N '' -t ${ktype} \ + -f $OBJ/cert_host_key_${ktype} || \ + fail "ssh-keygen of cert_host_key_${ktype} failed" + ${SSHKEYGEN} -t ${v} -h -q -s $OBJ/host_ca_key \ + -I "regress host key for $USER" \ + -n $HOSTS $OBJ/cert_host_key_${ktype} || + fail "couldn't sign cert_host_key_${ktype}" + ( + printf "$HOSTS " + cat $OBJ/cert_host_key_${ktype}.pub + ) > $OBJ/known_hosts-cert + ( + cat $OBJ/sshd_proxy_bak + echo HostKey $OBJ/cert_host_key_${ktype} + echo HostCertificate $OBJ/cert_host_key_${ktype}-cert.pub + ) > $OBJ/sshd_proxy + + ${SSH} -2 -oUserKnownHostsFile=$OBJ/known_hosts-cert \ + -oGlobalKnownHostsFile=$OBJ/known_hosts-cert \ + -F $OBJ/ssh_proxy somehost true + if [ $? -ne 0 ]; then + fail "ssh cert connect failed" + fi done # Wrong certificate @@ -281,33 +273,30 @@ done cat $OBJ/host_ca_key.pub ) > $OBJ/known_hosts-cert.orig cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert -for v in v01 v00 ; do - for kt in $PLAIN_TYPES ; do - type_has_legacy $kt || continue - rm -f $OBJ/cert_host_key* - # Self-sign key - ${SSHKEYGEN} -q -N '' -t ${kt} \ - -f $OBJ/cert_host_key_${kt} || \ - fail "ssh-keygen of cert_host_key_${kt} failed" - ${SSHKEYGEN} -t ${v} -h -q -s $OBJ/cert_host_key_${kt} \ - -I "regress host key for $USER" \ - -n $HOSTS $OBJ/cert_host_key_${kt} || - fail "couldn't sign cert_host_key_${kt}" - verbose "$tid: host ${kt} connect wrong cert" - ( - cat $OBJ/sshd_proxy_bak - echo HostKey $OBJ/cert_host_key_${kt} - echo HostCertificate $OBJ/cert_host_key_${kt}-cert.pub - ) > $OBJ/sshd_proxy - - cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert - ${SSH} -2 -oUserKnownHostsFile=$OBJ/known_hosts-cert \ - -oGlobalKnownHostsFile=$OBJ/known_hosts-cert \ - -F $OBJ/ssh_proxy -q somehost true >/dev/null 2>&1 - if [ $? -eq 0 ]; then - fail "ssh cert connect $ident succeeded unexpectedly" - fi - done +for kt in $PLAIN_TYPES ; do + rm -f $OBJ/cert_host_key* + # Self-sign key + ${SSHKEYGEN} -q -N '' -t ${kt} \ + -f $OBJ/cert_host_key_${kt} || \ + fail "ssh-keygen of cert_host_key_${kt} failed" + ${SSHKEYGEN} -t ${v} -h -q -s $OBJ/cert_host_key_${kt} \ + -I "regress host key for $USER" \ + -n $HOSTS $OBJ/cert_host_key_${kt} || + fail "couldn't sign cert_host_key_${kt}" + verbose "$tid: host ${kt} connect wrong cert" + ( + cat $OBJ/sshd_proxy_bak + echo HostKey $OBJ/cert_host_key_${kt} + echo HostCertificate $OBJ/cert_host_key_${kt}-cert.pub + ) > $OBJ/sshd_proxy + + cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert + ${SSH} -2 -oUserKnownHostsFile=$OBJ/known_hosts-cert \ + -oGlobalKnownHostsFile=$OBJ/known_hosts-cert \ + -F $OBJ/ssh_proxy -q somehost true >/dev/null 2>&1 + if [ $? -eq 0 ]; then + fail "ssh cert connect $ident succeeded unexpectedly" + fi done rm -f $OBJ/known_hosts-cert* $OBJ/host_ca_key* $OBJ/cert_host_key* diff --git a/regress/cert-userkey.sh b/regress/cert-userkey.sh index b093a919614..c38c00a0217 100755 --- a/regress/cert-userkey.sh +++ b/regress/cert-userkey.sh @@ -1,18 +1,17 @@ -# $OpenBSD: cert-userkey.sh,v 1.12 2013/12/06 13:52:46 markus Exp $ +# $OpenBSD: cert-userkey.sh,v 1.14 2015/07/10 06:23:25 markus Exp $ # Placed in the Public Domain. tid="certified user keys" rm -f $OBJ/authorized_keys_$USER $OBJ/user_ca_key* $OBJ/cert_user_key* cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak +cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak PLAIN_TYPES=`$SSH -Q key-plain | sed 's/^ssh-dss/ssh-dsa/;s/^ssh-//'` -type_has_legacy() { - case $1 in - ed25519*|ecdsa*) return 1 ;; - esac - return 0 +kname() { + n=`echo "$1" | sed 's/^dsa/ssh-dss/;s/^rsa/ssh-rsa/;s/^ed/ssh-ed/'` + echo "$n*,ssh-rsa*,ssh-ed25519*" } # Create a CA key @@ -28,18 +27,11 @@ for ktype in $PLAIN_TYPES ; do ${SSHKEYGEN} -q -s $OBJ/user_ca_key -I "regress user key for $USER" \ -z $$ -n ${USER},mekmitasdigoat $OBJ/cert_user_key_${ktype} || fail "couldn't sign cert_user_key_${ktype}" - type_has_legacy $ktype || continue - cp $OBJ/cert_user_key_${ktype} $OBJ/cert_user_key_${ktype}_v00 - cp $OBJ/cert_user_key_${ktype}.pub $OBJ/cert_user_key_${ktype}_v00.pub - verbose "$tid: sign host ${ktype}_v00 cert" - ${SSHKEYGEN} -q -t v00 -s $OBJ/user_ca_key -I \ - "regress user key for $USER" \ - -n ${USER},mekmitasdigoat $OBJ/cert_user_key_${ktype}_v00 || - fatal "couldn't sign cert_user_key_${ktype}_v00" done # Test explicitly-specified principals -for ktype in $PLAIN_TYPES rsa_v00 dsa_v00 ; do +for ktype in $PLAIN_TYPES ; do + t=$(kname $ktype) for privsep in yes no ; do _prefix="${ktype} privsep $privsep" @@ -51,7 +43,12 @@ for ktype in $PLAIN_TYPES rsa_v00 dsa_v00 ; do echo "AuthorizedPrincipalsFile " \ "$OBJ/authorized_principals_%u" echo "TrustedUserCAKeys $OBJ/user_ca_key.pub" + echo "PubkeyAcceptedKeyTypes ${t}" ) > $OBJ/sshd_proxy + ( + cat $OBJ/ssh_proxy_bak + echo "PubkeyAcceptedKeyTypes ${t}" + ) > $OBJ/ssh_proxy # Missing authorized_principals verbose "$tid: ${_prefix} missing authorized_principals" @@ -124,7 +121,12 @@ for ktype in $PLAIN_TYPES rsa_v00 dsa_v00 ; do ( cat $OBJ/sshd_proxy_bak echo "UsePrivilegeSeparation $privsep" + echo "PubkeyAcceptedKeyTypes ${t}" ) > $OBJ/sshd_proxy + ( + cat $OBJ/ssh_proxy_bak + echo "PubkeyAcceptedKeyTypes ${t}" + ) > $OBJ/ssh_proxy # Wrong principals list verbose "$tid: ${_prefix} wrong principals key option" @@ -165,7 +167,8 @@ basic_tests() { extra_sshd="TrustedUserCAKeys $OBJ/user_ca_key.pub" fi - for ktype in $PLAIN_TYPES rsa_v00 dsa_v00 ; do + for ktype in $PLAIN_TYPES ; do + t=$(kname $ktype) for privsep in yes no ; do _prefix="${ktype} privsep $privsep $auth" # Simple connect @@ -173,8 +176,13 @@ basic_tests() { ( cat $OBJ/sshd_proxy_bak echo "UsePrivilegeSeparation $privsep" + echo "PubkeyAcceptedKeyTypes ${t}" echo "$extra_sshd" ) > $OBJ/sshd_proxy + ( + cat $OBJ/ssh_proxy_bak + echo "PubkeyAcceptedKeyTypes ${t}" + ) > $OBJ/ssh_proxy ${SSH} -2i $OBJ/cert_user_key_${ktype} \ -F $OBJ/ssh_proxy somehost true @@ -188,6 +196,7 @@ basic_tests() { cat $OBJ/sshd_proxy_bak echo "UsePrivilegeSeparation $privsep" echo "RevokedKeys $OBJ/cert_user_key_revoked" + echo "PubkeyAcceptedKeyTypes ${t}" echo "$extra_sshd" ) > $OBJ/sshd_proxy cp $OBJ/cert_user_key_${ktype}.pub \ @@ -220,6 +229,7 @@ basic_tests() { ( cat $OBJ/sshd_proxy_bak echo "RevokedKeys $OBJ/user_ca_key.pub" + echo "PubkeyAcceptedKeyTypes ${t}" echo "$extra_sshd" ) > $OBJ/sshd_proxy ${SSH} -2i $OBJ/cert_user_key_${ktype} -F $OBJ/ssh_proxy \ @@ -232,6 +242,7 @@ basic_tests() { verbose "$tid: $auth CA does not authenticate" ( cat $OBJ/sshd_proxy_bak + echo "PubkeyAcceptedKeyTypes ${t}" echo "$extra_sshd" ) > $OBJ/sshd_proxy verbose "$tid: ensure CA key does not authenticate user" @@ -257,12 +268,7 @@ test_one() { fi for auth in $auth_choice ; do - for ktype in rsa rsa_v00 ; do - case $ktype in - *_v00) keyv="-t v00" ;; - *) keyv="" ;; - esac - + for ktype in rsa ed25519 ; do cat $OBJ/sshd_proxy_bak > $OBJ/sshd_proxy if test "x$auth" = "xauthorized_keys" ; then # Add CA to authorized_keys @@ -274,6 +280,8 @@ test_one() { echo > $OBJ/authorized_keys_$USER echo "TrustedUserCAKeys $OBJ/user_ca_key.pub" \ >> $OBJ/sshd_proxy + echo "PubkeyAcceptedKeyTypes ${t}*" \ + >> $OBJ/sshd_proxy if test "x$auth_opt" != "x" ; then echo $auth_opt >> $OBJ/sshd_proxy fi @@ -282,8 +290,7 @@ test_one() { verbose "$tid: $ident auth $auth expect $result $ktype" ${SSHKEYGEN} -q -s $OBJ/user_ca_key \ -I "regress user key for $USER" \ - $sign_opts $keyv \ - $OBJ/cert_user_key_${ktype} || + $sign_opts $OBJ/cert_user_key_${ktype} || fail "couldn't sign cert_user_key_${ktype}" ${SSH} -2i $OBJ/cert_user_key_${ktype} \ @@ -335,13 +342,10 @@ test_one "principals key option no principals" failure "" \ # Wrong certificate cat $OBJ/sshd_proxy_bak > $OBJ/sshd_proxy -for ktype in $PLAIN_TYPES rsa_v00 dsa_v00 ; do - case $ktype in - *_v00) args="-t v00" ;; - *) args="" ;; - esac +for ktype in $PLAIN_TYPES ; do + t=$(kname $ktype) # Self-sign - ${SSHKEYGEN} $args -q -s $OBJ/cert_user_key_${ktype} -I \ + ${SSHKEYGEN} -q -s $OBJ/cert_user_key_${ktype} -I \ "regress user key for $USER" \ -n $USER $OBJ/cert_user_key_${ktype} || fail "couldn't sign cert_user_key_${ktype}" diff --git a/regress/hostkey-agent.sh b/regress/hostkey-agent.sh index a011ec83107..094700da62f 100755 --- a/regress/hostkey-agent.sh +++ b/regress/hostkey-agent.sh @@ -1,4 +1,4 @@ -# $OpenBSD: hostkey-agent.sh,v 1.5 2015/02/21 20:51:02 djm Exp $ +# $OpenBSD: hostkey-agent.sh,v 1.6 2015/07/10 06:23:25 markus Exp $ # Placed in the Public Domain. tid="hostkey agent" @@ -31,10 +31,11 @@ cp $OBJ/known_hosts.orig $OBJ/known_hosts unset SSH_AUTH_SOCK for ps in no yes; do - cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy - echo "UsePrivilegeSeparation $ps" >> $OBJ/sshd_proxy for k in `${SSH} -Q key-plain` ; do verbose "key type $k privsep=$ps" + cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy + echo "UsePrivilegeSeparation $ps" >> $OBJ/sshd_proxy + echo "HostKeyAlgorithms $k" >> $OBJ/sshd_proxy opts="-oHostKeyAlgorithms=$k -F $OBJ/ssh_proxy" cp $OBJ/known_hosts.orig $OBJ/known_hosts SSH_CONNECTION=`${SSH} $opts host 'echo $SSH_CONNECTION'` diff --git a/regress/hostkey-rotate.sh b/regress/hostkey-rotate.sh index cde6008f462..3aa8c40c0ad 100755 --- a/regress/hostkey-rotate.sh +++ b/regress/hostkey-rotate.sh @@ -1,4 +1,4 @@ -# $OpenBSD: hostkey-rotate.sh,v 1.3 2015/03/24 20:22:17 markus Exp $ +# $OpenBSD: hostkey-rotate.sh,v 1.4 2015/07/10 06:23:25 markus Exp $ # Placed in the Public Domain. tid="hostkey rotate" @@ -56,7 +56,7 @@ check_key_present ssh-ed25519 || fail "unstrict didn't learn key" # Connect to sshd as usual verbose "learn additional hostkeys" -dossh -oStrictHostKeyChecking=yes +dossh -oStrictHostKeyChecking=yes -oHostKeyAlgorithms=$all_algs # Check that other keys learned expect_nkeys $nkeys "learn hostkeys" check_key_present ssh-rsa || fail "didn't learn keys" @@ -74,7 +74,7 @@ verbose "learn changed non-primary hostkey" mv $OBJ/hkr.ssh-rsa.pub $OBJ/hkr.ssh-rsa.pub.old rm -f $OBJ/hkr.ssh-rsa ${SSHKEYGEN} -qt ssh-rsa -f $OBJ/hkr.ssh-rsa -N '' || fatal "ssh-keygen $k" -dossh -oStrictHostKeyChecking=yes +dossh -oStrictHostKeyChecking=yes -oHostKeyAlgorithms=$all_algs # Check that the key was replaced expect_nkeys $nkeys "learn hostkeys" check_key_present ssh-rsa $OBJ/hkr.ssh-rsa.pub.old && fail "old key present" @@ -109,7 +109,7 @@ dossh -oStrictHostKeyChecking=yes -oHostKeyAlgorithms=ssh-rsa expect_nkeys 1 "learn hostkeys" check_key_present ssh-rsa || fail "didn't learn changed key" -# $OpenBSD: hostkey-rotate.sh,v 1.3 2015/03/24 20:22:17 markus Exp $ +# $OpenBSD: hostkey-rotate.sh,v 1.4 2015/07/10 06:23:25 markus Exp $ # Placed in the Public Domain. tid="hostkey rotate" diff --git a/regress/keygen-knownhosts.sh b/regress/keygen-knownhosts.sh index 085aac650fa..693cd0e7543 100755 --- a/regress/keygen-knownhosts.sh +++ b/regress/keygen-knownhosts.sh @@ -1,4 +1,4 @@ -# $OpenBSD: keygen-knownhosts.sh,v 1.2 2015/01/27 12:01:36 djm Exp $ +# $OpenBSD: keygen-knownhosts.sh,v 1.3 2015/07/17 03:34:27 djm Exp $ # Placed in the Public Domain. tid="ssh-keygen known_hosts" @@ -57,7 +57,7 @@ check_find() { _name=$2 _keygenopt=$3 ${SSHKEYGEN} $_keygenopt -f $OBJ/kh.invalid -F $_host > $OBJ/kh.result - if ! diff -uw $OBJ/kh.expect $OBJ/kh.result ; then + if ! diff -w $OBJ/kh.expect $OBJ/kh.result ; then fail "didn't find $_name" fi } @@ -95,7 +95,7 @@ check_hashed_find() { test "x$_file" = "x" && _file=$OBJ/kh.invalid ${SSHKEYGEN} -f $_file -HF $_host | grep '|1|' | \ sed "s/^[^ ]*/$_host/" > $OBJ/kh.result - if ! diff -uw $OBJ/kh.expect $OBJ/kh.result ; then + if ! diff -w $OBJ/kh.expect $OBJ/kh.result ; then fail "didn't find $_name" fi } @@ -135,47 +135,47 @@ check_hashed_find host-h "find multiple hosts" # Attempt remove key on invalid file. cp $OBJ/kh.invalid.orig $OBJ/kh.invalid ${SSHKEYGEN} -qf $OBJ/kh.invalid -R host-a 2>/dev/null -diff -u $OBJ/kh.invalid $OBJ/kh.invalid.orig || fail "remove on invalid succeeded" +diff $OBJ/kh.invalid $OBJ/kh.invalid.orig || fail "remove on invalid succeeded" # Remove key cp $OBJ/kh.hosts.orig $OBJ/kh.hosts ${SSHKEYGEN} -qf $OBJ/kh.hosts -R host-a 2>/dev/null grep -v "^host-a " $OBJ/kh.hosts.orig > $OBJ/kh.expect -diff -u $OBJ/kh.hosts $OBJ/kh.expect || fail "remove simple" +diff $OBJ/kh.hosts $OBJ/kh.expect || fail "remove simple" # Remove CA key cp $OBJ/kh.hosts.orig $OBJ/kh.hosts ${SSHKEYGEN} -qf $OBJ/kh.hosts -R host-c 2>/dev/null # CA key should not be removed. -diff -u $OBJ/kh.hosts $OBJ/kh.hosts.orig || fail "remove CA" +diff $OBJ/kh.hosts $OBJ/kh.hosts.orig || fail "remove CA" # Remove revoked key cp $OBJ/kh.hosts.orig $OBJ/kh.hosts ${SSHKEYGEN} -qf $OBJ/kh.hosts -R host-d 2>/dev/null # revoked key should not be removed. -diff -u $OBJ/kh.hosts $OBJ/kh.hosts.orig || fail "remove revoked" +diff $OBJ/kh.hosts $OBJ/kh.hosts.orig || fail "remove revoked" # Remove wildcard cp $OBJ/kh.hosts.orig $OBJ/kh.hosts ${SSHKEYGEN} -qf $OBJ/kh.hosts -R host-e.blahblah 2>/dev/null grep -v "^host-e[*] " $OBJ/kh.hosts.orig > $OBJ/kh.expect -diff -u $OBJ/kh.hosts $OBJ/kh.expect || fail "remove wildcard" +diff $OBJ/kh.hosts $OBJ/kh.expect || fail "remove wildcard" # Remove multiple cp $OBJ/kh.hosts.orig $OBJ/kh.hosts ${SSHKEYGEN} -qf $OBJ/kh.hosts -R host-h 2>/dev/null grep -v "^host-f," $OBJ/kh.hosts.orig > $OBJ/kh.expect -diff -u $OBJ/kh.hosts $OBJ/kh.expect || fail "remove wildcard" +diff $OBJ/kh.hosts $OBJ/kh.expect || fail "remove wildcard" # Attempt hash on invalid file cp $OBJ/kh.invalid.orig $OBJ/kh.invalid ${SSHKEYGEN} -qf $OBJ/kh.invalid -H 2>/dev/null && fail "hash invalid succeeded" -diff -u $OBJ/kh.invalid $OBJ/kh.invalid.orig || fail "invalid file modified" +diff $OBJ/kh.invalid $OBJ/kh.invalid.orig || fail "invalid file modified" # Hash valid file cp $OBJ/kh.hosts.orig $OBJ/kh.hosts ${SSHKEYGEN} -qf $OBJ/kh.hosts -H 2>/dev/null || fail "hash failed" -diff -u $OBJ/kh.hosts.old $OBJ/kh.hosts.orig || fail "backup differs" +diff $OBJ/kh.hosts.old $OBJ/kh.hosts.orig || fail "backup differs" grep "^host-[abfgh]" $OBJ/kh.hosts && fail "original hostnames persist" cp $OBJ/kh.hosts $OBJ/kh.hashed.orig diff --git a/regress/keytype.sh b/regress/keytype.sh index 9752acb0a08..8f697788f86 100755 --- a/regress/keytype.sh +++ b/regress/keytype.sh @@ -1,4 +1,4 @@ -# $OpenBSD: keytype.sh,v 1.3 2013/12/06 13:52:46 markus Exp $ +# $OpenBSD: keytype.sh,v 1.4 2015/07/10 06:23:25 markus Exp $ # Placed in the Public Domain. tid="login with different key types" @@ -36,14 +36,26 @@ for ut in $ktypes; do htypes=$ut #htypes=$ktypes for ht in $htypes; do + case $ht in + dsa-1024) t=ssh-dss;; + ecdsa-256) t=ecdsa-sha2-nistp256;; + ecdsa-384) t=ecdsa-sha2-nistp384;; + ecdsa-521) t=ecdsa-sha2-nistp521;; + ed25519-512) t=ssh-ed25519;; + rsa-*) t=ssh-rsa;; + esac trace "ssh connect, userkey $ut, hostkey $ht" ( grep -v HostKey $OBJ/sshd_proxy_bak echo HostKey $OBJ/key.$ht + echo PubkeyAcceptedKeyTypes $t + echo HostKeyAlgorithms $t ) > $OBJ/sshd_proxy ( grep -v IdentityFile $OBJ/ssh_proxy_bak echo IdentityFile $OBJ/key.$ut + echo PubkeyAcceptedKeyTypes $t + echo HostKeyAlgorithms $t ) > $OBJ/ssh_proxy ( printf 'localhost-with-alias,127.0.0.1,::1 ' diff --git a/regress/principals-command.sh b/regress/principals-command.sh index 90064373d9c..b90a8cf2cb4 100755 --- a/regress/principals-command.sh +++ b/regress/principals-command.sh @@ -14,15 +14,15 @@ fi # Establish a AuthorizedPrincipalsCommand in /var/run where it will have # acceptable directory permissions. -PRINCIPALS_COMMAND="/var/run/principals_command_${LOGNAME}" -cat << _EOF | $SUDO sh -c "cat > '$PRINCIPALS_COMMAND'" +PRINCIPALS_CMD="/var/run/principals_command_${LOGNAME}" +cat << _EOF | $SUDO sh -c "cat > '$PRINCIPALS_CMD'" #!/bin/sh test "x\$1" != "x${LOGNAME}" && exit 1 test -f "$OBJ/authorized_principals_${LOGNAME}" && exec cat "$OBJ/authorized_principals_${LOGNAME}" _EOF test $? -eq 0 || fatal "couldn't prepare principals command" -$SUDO chmod 0755 "$PRINCIPALS_COMMAND" +$SUDO chmod 0755 "$PRINCIPALS_CMD" # Create a CA key and a user certificate. ${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_ca_key || \ @@ -33,109 +33,113 @@ ${SSHKEYGEN} -q -s $OBJ/user_ca_key -I "regress user key for $USER" \ -z $$ -n ${USER},mekmitasdigoat $OBJ/cert_user_key || \ fatal "couldn't sign cert_user_key" -# Test explicitly-specified principals -for privsep in yes no ; do - _prefix="privsep $privsep" +if [ -x $PRINCIPALS_CMD ]; then + # Test explicitly-specified principals + for privsep in yes no ; do + _prefix="privsep $privsep" - # Setup for AuthorizedPrincipalsCommand - rm -f $OBJ/authorized_keys_$USER - ( - cat $OBJ/sshd_proxy_bak - echo "UsePrivilegeSeparation $privsep" - echo "AuthorizedKeysFile none" - echo "AuthorizedPrincipalsCommand $PRINCIPALS_COMMAND %u" - echo "AuthorizedPrincipalsCommandUser ${LOGNAME}" - echo "TrustedUserCAKeys $OBJ/user_ca_key.pub" - ) > $OBJ/sshd_proxy + # Setup for AuthorizedPrincipalsCommand + rm -f $OBJ/authorized_keys_$USER + ( + cat $OBJ/sshd_proxy_bak + echo "UsePrivilegeSeparation $privsep" + echo "AuthorizedKeysFile none" + echo "AuthorizedPrincipalsCommand $PRINCIPALS_CMD %u" + echo "AuthorizedPrincipalsCommandUser ${LOGNAME}" + echo "TrustedUserCAKeys $OBJ/user_ca_key.pub" + ) > $OBJ/sshd_proxy - # XXX test missing command - # XXX test failing command + # XXX test missing command + # XXX test failing command - # Empty authorized_principals - verbose "$tid: ${_prefix} empty authorized_principals" - echo > $OBJ/authorized_principals_$USER - ${SSH} -2i $OBJ/cert_user_key \ - -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1 - if [ $? -eq 0 ]; then - fail "ssh cert connect succeeded unexpectedly" - fi + # Empty authorized_principals + verbose "$tid: ${_prefix} empty authorized_principals" + echo > $OBJ/authorized_principals_$USER + ${SSH} -2i $OBJ/cert_user_key \ + -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1 + if [ $? -eq 0 ]; then + fail "ssh cert connect succeeded unexpectedly" + fi - # Wrong authorized_principals - verbose "$tid: ${_prefix} wrong authorized_principals" - echo gregorsamsa > $OBJ/authorized_principals_$USER - ${SSH} -2i $OBJ/cert_user_key \ - -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1 - if [ $? -eq 0 ]; then - fail "ssh cert connect succeeded unexpectedly" - fi + # Wrong authorized_principals + verbose "$tid: ${_prefix} wrong authorized_principals" + echo gregorsamsa > $OBJ/authorized_principals_$USER + ${SSH} -2i $OBJ/cert_user_key \ + -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1 + if [ $? -eq 0 ]; then + fail "ssh cert connect succeeded unexpectedly" + fi - # Correct authorized_principals - verbose "$tid: ${_prefix} correct authorized_principals" - echo mekmitasdigoat > $OBJ/authorized_principals_$USER - ${SSH} -2i $OBJ/cert_user_key \ - -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1 - if [ $? -ne 0 ]; then - fail "ssh cert connect failed" - fi + # Correct authorized_principals + verbose "$tid: ${_prefix} correct authorized_principals" + echo mekmitasdigoat > $OBJ/authorized_principals_$USER + ${SSH} -2i $OBJ/cert_user_key \ + -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1 + if [ $? -ne 0 ]; then + fail "ssh cert connect failed" + fi - # authorized_principals with bad key option - verbose "$tid: ${_prefix} authorized_principals bad key opt" - echo 'blah mekmitasdigoat' > $OBJ/authorized_principals_$USER - ${SSH} -2i $OBJ/cert_user_key \ - -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1 - if [ $? -eq 0 ]; then - fail "ssh cert connect succeeded unexpectedly" - fi + # authorized_principals with bad key option + verbose "$tid: ${_prefix} authorized_principals bad key opt" + echo 'blah mekmitasdigoat' > $OBJ/authorized_principals_$USER + ${SSH} -2i $OBJ/cert_user_key \ + -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1 + if [ $? -eq 0 ]; then + fail "ssh cert connect succeeded unexpectedly" + fi - # authorized_principals with command=false - verbose "$tid: ${_prefix} authorized_principals command=false" - echo 'command="false" mekmitasdigoat' > \ - $OBJ/authorized_principals_$USER - ${SSH} -2i $OBJ/cert_user_key \ - -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1 - if [ $? -eq 0 ]; then - fail "ssh cert connect succeeded unexpectedly" - fi + # authorized_principals with command=false + verbose "$tid: ${_prefix} authorized_principals command=false" + echo 'command="false" mekmitasdigoat' > \ + $OBJ/authorized_principals_$USER + ${SSH} -2i $OBJ/cert_user_key \ + -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1 + if [ $? -eq 0 ]; then + fail "ssh cert connect succeeded unexpectedly" + fi + # authorized_principals with command=true + verbose "$tid: ${_prefix} authorized_principals command=true" + echo 'command="true" mekmitasdigoat' > \ + $OBJ/authorized_principals_$USER + ${SSH} -2i $OBJ/cert_user_key \ + -F $OBJ/ssh_proxy somehost false >/dev/null 2>&1 + if [ $? -ne 0 ]; then + fail "ssh cert connect failed" + fi - # authorized_principals with command=true - verbose "$tid: ${_prefix} authorized_principals command=true" - echo 'command="true" mekmitasdigoat' > \ - $OBJ/authorized_principals_$USER - ${SSH} -2i $OBJ/cert_user_key \ - -F $OBJ/ssh_proxy somehost false >/dev/null 2>&1 - if [ $? -ne 0 ]; then - fail "ssh cert connect failed" - fi + # Setup for principals= key option + rm -f $OBJ/authorized_principals_$USER + ( + cat $OBJ/sshd_proxy_bak + echo "UsePrivilegeSeparation $privsep" + ) > $OBJ/sshd_proxy - # Setup for principals= key option - rm -f $OBJ/authorized_principals_$USER - ( - cat $OBJ/sshd_proxy_bak - echo "UsePrivilegeSeparation $privsep" - ) > $OBJ/sshd_proxy + # Wrong principals list + verbose "$tid: ${_prefix} wrong principals key option" + ( + printf 'cert-authority,principals="gregorsamsa" ' + cat $OBJ/user_ca_key.pub + ) > $OBJ/authorized_keys_$USER + ${SSH} -2i $OBJ/cert_user_key \ + -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1 + if [ $? -eq 0 ]; then + fail "ssh cert connect succeeded unexpectedly" + fi - # Wrong principals list - verbose "$tid: ${_prefix} wrong principals key option" - ( - printf 'cert-authority,principals="gregorsamsa" ' - cat $OBJ/user_ca_key.pub - ) > $OBJ/authorized_keys_$USER - ${SSH} -2i $OBJ/cert_user_key \ - -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1 - if [ $? -eq 0 ]; then - fail "ssh cert connect succeeded unexpectedly" - fi - - # Correct principals list - verbose "$tid: ${_prefix} correct principals key option" - ( - printf 'cert-authority,principals="mekmitasdigoat" ' - cat $OBJ/user_ca_key.pub - ) > $OBJ/authorized_keys_$USER - ${SSH} -2i $OBJ/cert_user_key \ - -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1 - if [ $? -ne 0 ]; then - fail "ssh cert connect failed" - fi -done + # Correct principals list + verbose "$tid: ${_prefix} correct principals key option" + ( + printf 'cert-authority,principals="mekmitasdigoat" ' + cat $OBJ/user_ca_key.pub + ) > $OBJ/authorized_keys_$USER + ${SSH} -2i $OBJ/cert_user_key \ + -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1 + if [ $? -ne 0 ]; then + fail "ssh cert connect failed" + fi + done +else + echo "SKIPPED: $PRINCIPALS_COMMAND not executable " \ + "(/var/run mounted noexec?)" +fi diff --git a/regress/unittests/Makefile.inc b/regress/unittests/Makefile.inc index c55d00c61ca..7385e2ba380 100644 --- a/regress/unittests/Makefile.inc +++ b/regress/unittests/Makefile.inc @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile.inc,v 1.3 2015/01/23 21:21:23 miod Exp $ +# $OpenBSD: Makefile.inc,v 1.6 2015/07/01 23:11:18 djm Exp $ .include .include diff --git a/regress/unittests/kex/test_kex.c b/regress/unittests/kex/test_kex.c index c61e2bdbb27..6e5999bb9ed 100644 --- a/regress/unittests/kex/test_kex.c +++ b/regress/unittests/kex/test_kex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_kex.c,v 1.1 2015/01/15 23:41:29 markus Exp $ */ +/* $OpenBSD: test_kex.c,v 1.2 2015/07/10 06:23:25 markus Exp $ */ /* * Regress test KEX * @@ -85,6 +85,7 @@ do_kex_with_key(char *kex, int keytype, int bits) struct sshbuf *state; struct kex_params kex_params; char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT }; + char *keyname = NULL; TEST_START("sshkey_generate"); ASSERT_INT_EQ(sshkey_generate(keytype, bits, &private), 0); @@ -98,6 +99,9 @@ do_kex_with_key(char *kex, int keytype, int bits) memcpy(kex_params.proposal, myproposal, sizeof(myproposal)); if (kex != NULL) kex_params.proposal[PROPOSAL_KEX_ALGS] = kex; + keyname = strdup(sshkey_ssh_name(private)); + ASSERT_PTR_NE(keyname, NULL); + kex_params.proposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = keyname; ASSERT_INT_EQ(ssh_init(&client, 0, &kex_params), 0); ASSERT_INT_EQ(ssh_init(&server, 1, &kex_params), 0); ASSERT_PTR_NE(client, NULL); @@ -167,6 +171,7 @@ do_kex_with_key(char *kex, int keytype, int bits) ssh_free(client); ssh_free(server); ssh_free(server2); + free(keyname); TEST_DONE(); } diff --git a/regress/unittests/sshkey/mktestdata.sh b/regress/unittests/sshkey/mktestdata.sh index 09165af02fd..e11100145d4 100755 --- a/regress/unittests/sshkey/mktestdata.sh +++ b/regress/unittests/sshkey/mktestdata.sh @@ -1,5 +1,5 @@ #!/bin/sh -# $OpenBSD: mktestdata.sh,v 1.4 2015/01/18 19:54:46 djm Exp $ +# $OpenBSD: mktestdata.sh,v 1.5 2015/07/07 14:53:30 markus Exp $ PW=mekmitasdigoat @@ -94,8 +94,8 @@ rm -f rsa1_1_pw rsa_1_pw dsa_1_pw ecdsa_1_pw ed25519_1_pw rm -f rsa_n_pw dsa_n_pw ecdsa_n_pw rm -f pw *.pub *.bn.* *.param.* *.fp *.fp.bb -ssh-keygen -t rsa1 -b 768 -C "RSA1 test key #1" -N "" -f rsa1_1 -ssh-keygen -t rsa -b 768 -C "RSA test key #1" -N "" -f rsa_1 +ssh-keygen -t rsa1 -b 1024 -C "RSA1 test key #1" -N "" -f rsa1_1 +ssh-keygen -t rsa -b 1024 -C "RSA test key #1" -N "" -f rsa_1 ssh-keygen -t dsa -b 1024 -C "DSA test key #1" -N "" -f dsa_1 ssh-keygen -t ecdsa -b 256 -C "ECDSA test key #1" -N "" -f ecdsa_1 ssh-keygen -t ed25519 -C "ED25519 test key #1" -N "" -f ed25519_1 diff --git a/regress/unittests/sshkey/test_file.c b/regress/unittests/sshkey/test_file.c index fa95212bfcb..c8a2369373b 100644 --- a/regress/unittests/sshkey/test_file.c +++ b/regress/unittests/sshkey/test_file.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_file.c,v 1.3 2015/03/04 23:22:35 djm Exp $ */ +/* $OpenBSD: test_file.c,v 1.4 2015/07/07 14:53:30 markus Exp $ */ /* * Regress test for sshkey.h key management API * @@ -83,7 +83,7 @@ sshkey_file_tests(void) TEST_START("RSA1 key hex fingerprint"); buf = load_text_file("rsa1_1.fp"); - cp = sshkey_fingerprint(k1, SSH_DIGEST_MD5, SSH_FP_HEX); + cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64); ASSERT_PTR_NE(cp, NULL); ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); sshbuf_free(buf); @@ -167,7 +167,7 @@ sshkey_file_tests(void) TEST_START("RSA key hex fingerprint"); buf = load_text_file("rsa_1.fp"); - cp = sshkey_fingerprint(k1, SSH_DIGEST_MD5, SSH_FP_HEX); + cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64); ASSERT_PTR_NE(cp, NULL); ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); sshbuf_free(buf); @@ -176,7 +176,7 @@ sshkey_file_tests(void) TEST_START("RSA cert hex fingerprint"); buf = load_text_file("rsa_1-cert.fp"); - cp = sshkey_fingerprint(k2, SSH_DIGEST_MD5, SSH_FP_HEX); + cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64); ASSERT_PTR_NE(cp, NULL); ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); sshbuf_free(buf); @@ -260,7 +260,7 @@ sshkey_file_tests(void) TEST_START("DSA key hex fingerprint"); buf = load_text_file("dsa_1.fp"); - cp = sshkey_fingerprint(k1, SSH_DIGEST_MD5, SSH_FP_HEX); + cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64); ASSERT_PTR_NE(cp, NULL); ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); sshbuf_free(buf); @@ -269,7 +269,7 @@ sshkey_file_tests(void) TEST_START("DSA cert hex fingerprint"); buf = load_text_file("dsa_1-cert.fp"); - cp = sshkey_fingerprint(k2, SSH_DIGEST_MD5, SSH_FP_HEX); + cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64); ASSERT_PTR_NE(cp, NULL); ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); sshbuf_free(buf); @@ -360,7 +360,7 @@ sshkey_file_tests(void) TEST_START("ECDSA key hex fingerprint"); buf = load_text_file("ecdsa_1.fp"); - cp = sshkey_fingerprint(k1, SSH_DIGEST_MD5, SSH_FP_HEX); + cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64); ASSERT_PTR_NE(cp, NULL); ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); sshbuf_free(buf); @@ -369,7 +369,7 @@ sshkey_file_tests(void) TEST_START("ECDSA cert hex fingerprint"); buf = load_text_file("ecdsa_1-cert.fp"); - cp = sshkey_fingerprint(k2, SSH_DIGEST_MD5, SSH_FP_HEX); + cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64); ASSERT_PTR_NE(cp, NULL); ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); sshbuf_free(buf); @@ -427,7 +427,7 @@ sshkey_file_tests(void) TEST_START("Ed25519 key hex fingerprint"); buf = load_text_file("ed25519_1.fp"); - cp = sshkey_fingerprint(k1, SSH_DIGEST_MD5, SSH_FP_HEX); + cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64); ASSERT_PTR_NE(cp, NULL); ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); sshbuf_free(buf); @@ -436,7 +436,7 @@ sshkey_file_tests(void) TEST_START("Ed25519 cert hex fingerprint"); buf = load_text_file("ed25519_1-cert.fp"); - cp = sshkey_fingerprint(k2, SSH_DIGEST_MD5, SSH_FP_HEX); + cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64); ASSERT_PTR_NE(cp, NULL); ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf)); sshbuf_free(buf); diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c index 4453a8599e0..9b3ce7ee43b 100644 --- a/regress/unittests/sshkey/test_sshkey.c +++ b/regress/unittests/sshkey/test_sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_sshkey.c,v 1.4 2015/04/22 01:38:36 djm Exp $ */ +/* $OpenBSD: test_sshkey.c,v 1.7 2015/08/05 05:27:33 djm Exp $ */ /* * Regress test for sshkey.h key management API * @@ -288,13 +288,15 @@ sshkey_tests(void) #endif TEST_START("generate KEY_RSA"); - ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 768, &kr), 0); + ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 767, &kr), + SSH_ERR_INVALID_ARGUMENT); + ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 1024, &kr), 0); ASSERT_PTR_NE(kr, NULL); ASSERT_PTR_NE(kr->rsa, NULL); ASSERT_PTR_NE(kr->rsa->n, NULL); ASSERT_PTR_NE(kr->rsa->e, NULL); ASSERT_PTR_NE(kr->rsa->p, NULL); - ASSERT_INT_EQ(BN_num_bits(kr->rsa->n), 768); + ASSERT_INT_EQ(BN_num_bits(kr->rsa->n), 1024); TEST_DONE(); TEST_START("generate KEY_DSA"); @@ -397,7 +399,7 @@ sshkey_tests(void) TEST_DONE(); TEST_START("equal different keys"); - ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 768, &k1), 0); + ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 1024, &k1), 0); ASSERT_INT_EQ(sshkey_equal(kr, k1), 0); sshkey_free(k1); ASSERT_INT_EQ(sshkey_generate(KEY_DSA, 1024, &k1), 0); @@ -424,7 +426,7 @@ sshkey_tests(void) ASSERT_INT_EQ(sshkey_load_public(test_data_file("ed25519_1.pub"), &k1, NULL), 0); k2 = get_private("ed25519_2"); - ASSERT_INT_EQ(sshkey_to_certified(k1, 0), 0); + ASSERT_INT_EQ(sshkey_to_certified(k1), 0); ASSERT_PTR_NE(k1->cert, NULL); k1->cert->type = SSH2_CERT_TYPE_USER; k1->cert->serial = 1234; diff --git a/regress/unittests/sshkey/testdata/dsa_1 b/regress/unittests/sshkey/testdata/dsa_1 index 34346869f97..d3f24824f8d 100644 --- a/regress/unittests/sshkey/testdata/dsa_1 +++ b/regress/unittests/sshkey/testdata/dsa_1 @@ -1,12 +1,12 @@ -----BEGIN DSA PRIVATE KEY----- -MIIBuwIBAAKBgQCxBNwH8TmLXqiZa0b9pxC6W+zS4Voqp8S+QwecYpNPTmhjaUYI -E/aJWAzFVtdbysLM89ukvw/z8qBkbMSefdypKmjUtgv51ZD4nfV4Wxb+G+1QExHr -M+kowOOL3XbcsdbPLUt8vxDJbBlQRch4zyai7CWjQR3JFXpR8sevUFJxSQIVAIdE -oncp2DEY2U/ZZnIyGCwApCzfAoGARW+eewZTv1Eosxv3ANKx372pf5+fQKwnWizI -j5z/GY3w3xobRCP9FiL4K3Nip2FvHLTGpRrlfm19RWYAg77VsNgztC4V9C8QrKWc -WJdkUkoQpZ3VoO25rO13hmIelkal3omKCF4ZE/edeF3d2B8DlzYs0aBcjTCMDrub -/CJILcYCgYEAgJt9jefGQi4Sl5F8h3jYo52LygE8sNYyurElMKVmyhFSKJ1Ifi9j -4hNp2jZzu7jpZWhYndUoPaG6gbRB7fL3p5knlRo3P2Dznd6u6NAdhrADWW+JX9n1 -/EMKUv0h8rRFI/3b9RY1HVVzBQH7V3sNJ6iekH8JqOy1liCMaMylw4gCFBl7Lc6V -hmTiTuhLXjoRdCZS/p/m +MIIBvAIBAAKBgQD6kutNFRsHTwEAv6d39Lhsqy1apdHBZ9c2HfyRr7WmypyGIy2m +Ka43vzXI8CNwmRSYs+A6d0vJC7Pl+f9QzJ/04NWOA+MiwfurwrR3CRe61QRYb8Py +mcHOxueHs95IcjrbIPNn86cjnPP5qvv/guUzCjuww4zBdJOXpligrGt2XwIVAKMD +/50qQy7j8JaMk+1+Xtg1pK01AoGBAO7l9QVVbSSoy5lq6cOtvpf8UlwOa6+zBwbl +o4gmFd1RwX1yWkA8kQ7RrhCSg8Hc6mIGnKRgKRli/3LgbSfZ0obFJehkRtEWtN4P +h8fVUeS74iQbIwFQeKlYHIlNTRoGtAbdi3nHdV+BBkEQc1V3rjqYqhjOoz/yNsgz +LND26HrdAoGBAOdXpyfmobEBaOqZAuvgj1P0uhjG2P31Ufurv22FWPBU3A9qrkxb +OXwE0LwvjCvrsQV/lrYhJz/tiys40VeahulWZE5SAHMXGIf95LiLSgaXMjko7joo +t+LK84ltLymwZ4QMnYjnZSSclf1UuyQMcUtb34+I0u9Ycnyhp2mSFsQtAhRYIbQ5 +KfXsZuBPuWe5FJz3ldaEgw== -----END DSA PRIVATE KEY----- diff --git a/regress/unittests/sshkey/testdata/dsa_1-cert.fp b/regress/unittests/sshkey/testdata/dsa_1-cert.fp index b26145b24d5..75ff0e9cd9f 100644 --- a/regress/unittests/sshkey/testdata/dsa_1-cert.fp +++ b/regress/unittests/sshkey/testdata/dsa_1-cert.fp @@ -1 +1 @@ -MD5:5a:4a:41:8c:4e:fa:4c:52:19:f9:39:49:31:fb:fd:74 +SHA256:kOLgXSoAT8O5T6r36n5NJUYigbux1d7gdH/rmWiJm6s diff --git a/regress/unittests/sshkey/testdata/dsa_1-cert.pub b/regress/unittests/sshkey/testdata/dsa_1-cert.pub index 023edf136bf..e768db1e7ba 100644 --- a/regress/unittests/sshkey/testdata/dsa_1-cert.pub +++ b/regress/unittests/sshkey/testdata/dsa_1-cert.pub @@ -1 +1 @@ -ssh-dss-cert-v01@openssh.com AAAAHHNzaC1kc3MtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgj8zueN51MSQ7jW3fFwqyJWA3DycAAavQ8WgMHqcUG7YAAACBALEE3AfxOYteqJlrRv2nELpb7NLhWiqnxL5DB5xik09OaGNpRggT9olYDMVW11vKwszz26S/D/PyoGRsxJ593KkqaNS2C/nVkPid9XhbFv4b7VATEesz6SjA44vddtyx1s8tS3y/EMlsGVBFyHjPJqLsJaNBHckVelHyx69QUnFJAAAAFQCHRKJ3KdgxGNlP2WZyMhgsAKQs3wAAAIBFb557BlO/USizG/cA0rHfval/n59ArCdaLMiPnP8ZjfDfGhtEI/0WIvgrc2KnYW8ctMalGuV+bX1FZgCDvtWw2DO0LhX0LxCspZxYl2RSShClndWg7bms7XeGYh6WRqXeiYoIXhkT9514Xd3YHwOXNizRoFyNMIwOu5v8IkgtxgAAAIEAgJt9jefGQi4Sl5F8h3jYo52LygE8sNYyurElMKVmyhFSKJ1Ifi9j4hNp2jZzu7jpZWhYndUoPaG6gbRB7fL3p5knlRo3P2Dznd6u6NAdhrADWW+JX9n1/EMKUv0h8rRFI/3b9RY1HVVzBQH7V3sNJ6iekH8JqOy1liCMaMylw4gAAAAAAAAABgAAAAIAAAAGanVsaXVzAAAAEgAAAAVob3N0MQAAAAVob3N0MgAAAAA2i4NgAAAAAE0d4eAAAAAAAAAAAAAAAAAAAAAzAAAAC3NzaC1lZDI1NTE5AAAAILk95V5J3LKVx8bcLSB4073R7d0aAvR8gJrPvnV0D3MQAAAAUwAAAAtzc2gtZWQyNTUxOQAAAEA6qftqozw0ah9PG9obAg8iOPwQv6AsT9t/1G69eArSd9Am85OKIhAvYguI1Xtr9rw78X/Xk+6HtyAOF3QemaQD dsa_1.pub +ssh-dss-cert-v01@openssh.com AAAAHHNzaC1kc3MtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgdTlbNU9Hn9Qng3FHxwH971bxCIoq1ern/QWFFDWXgmYAAACBAPqS600VGwdPAQC/p3f0uGyrLVql0cFn1zYd/JGvtabKnIYjLaYprje/NcjwI3CZFJiz4Dp3S8kLs+X5/1DMn/Tg1Y4D4yLB+6vCtHcJF7rVBFhvw/KZwc7G54ez3khyOtsg82fzpyOc8/mq+/+C5TMKO7DDjMF0k5emWKCsa3ZfAAAAFQCjA/+dKkMu4/CWjJPtfl7YNaStNQAAAIEA7uX1BVVtJKjLmWrpw62+l/xSXA5rr7MHBuWjiCYV3VHBfXJaQDyRDtGuEJKDwdzqYgacpGApGWL/cuBtJ9nShsUl6GRG0Ra03g+Hx9VR5LviJBsjAVB4qVgciU1NGga0Bt2Lecd1X4EGQRBzVXeuOpiqGM6jP/I2yDMs0Pboet0AAACBAOdXpyfmobEBaOqZAuvgj1P0uhjG2P31Ufurv22FWPBU3A9qrkxbOXwE0LwvjCvrsQV/lrYhJz/tiys40VeahulWZE5SAHMXGIf95LiLSgaXMjko7joot+LK84ltLymwZ4QMnYjnZSSclf1UuyQMcUtb34+I0u9Ycnyhp2mSFsQtAAAAAAAAAAYAAAACAAAABmp1bGl1cwAAABIAAAAFaG9zdDEAAAAFaG9zdDIAAAAANowB8AAAAABNHmBwAAAAAAAAAAAAAAAAAAAAMwAAAAtzc2gtZWQyNTUxOQAAACBThupGO0X+FLQhbz8CoKPwc7V3JNsQuGtlsgN+F7SMGQAAAFMAAAALc3NoLWVkMjU1MTkAAABAh/z1LIdNL1b66tQ8t9DY9BTB3BQKpTKmc7ezyFKLwl96yaIniZwD9Ticdbe/8i/Li3uCFE3EAt8NAIv9zff8Bg== DSA test key #1 diff --git a/regress/unittests/sshkey/testdata/dsa_1.fp b/regress/unittests/sshkey/testdata/dsa_1.fp index b26145b24d5..75ff0e9cd9f 100644 --- a/regress/unittests/sshkey/testdata/dsa_1.fp +++ b/regress/unittests/sshkey/testdata/dsa_1.fp @@ -1 +1 @@ -MD5:5a:4a:41:8c:4e:fa:4c:52:19:f9:39:49:31:fb:fd:74 +SHA256:kOLgXSoAT8O5T6r36n5NJUYigbux1d7gdH/rmWiJm6s diff --git a/regress/unittests/sshkey/testdata/dsa_1.fp.bb b/regress/unittests/sshkey/testdata/dsa_1.fp.bb index 07dd9b4182b..ba37776ee30 100644 --- a/regress/unittests/sshkey/testdata/dsa_1.fp.bb +++ b/regress/unittests/sshkey/testdata/dsa_1.fp.bb @@ -1 +1 @@ -xosat-baneh-gocad-relek-kepur-mibip-motog-bykyb-hisug-mysus-tuxix +xetag-todiz-mifah-torec-mynyv-cyvit-gopon-pygag-rupic-cenav-bexax diff --git a/regress/unittests/sshkey/testdata/dsa_1.param.g b/regress/unittests/sshkey/testdata/dsa_1.param.g index 4b09f6d18d8..e51c3f9fd1b 100644 --- a/regress/unittests/sshkey/testdata/dsa_1.param.g +++ b/regress/unittests/sshkey/testdata/dsa_1.param.g @@ -1 +1 @@ -456f9e7b0653bf5128b31bf700d2b1dfbda97f9f9f40ac275a2cc88f9cff198df0df1a1b4423fd1622f82b7362a7616f1cb4c6a51ae57e6d7d45660083bed5b0d833b42e15f42f10aca59c589764524a10a59dd5a0edb9aced7786621e9646a5de898a085e1913f79d785dddd81f0397362cd1a05c8d308c0ebb9bfc22482dc6 +00eee5f505556d24a8cb996ae9c3adbe97fc525c0e6bafb30706e5a3882615dd51c17d725a403c910ed1ae109283c1dcea62069ca460291962ff72e06d27d9d286c525e86446d116b4de0f87c7d551e4bbe2241b23015078a9581c894d4d1a06b406dd8b79c7755f81064110735577ae3a98aa18cea33ff236c8332cd0f6e87add diff --git a/regress/unittests/sshkey/testdata/dsa_1.param.priv b/regress/unittests/sshkey/testdata/dsa_1.param.priv index 2dd737cbe5e..4f743314c76 100644 --- a/regress/unittests/sshkey/testdata/dsa_1.param.priv +++ b/regress/unittests/sshkey/testdata/dsa_1.param.priv @@ -1 +1 @@ -197b2dce958664e24ee84b5e3a11742652fe9fe6 +5821b43929f5ec66e04fb967b9149cf795d68483 diff --git a/regress/unittests/sshkey/testdata/dsa_1.param.pub b/regress/unittests/sshkey/testdata/dsa_1.param.pub index b23d7207f66..ba0313beec4 100644 --- a/regress/unittests/sshkey/testdata/dsa_1.param.pub +++ b/regress/unittests/sshkey/testdata/dsa_1.param.pub @@ -1 +1 @@ -00809b7d8de7c6422e1297917c8778d8a39d8bca013cb0d632bab12530a566ca1152289d487e2f63e21369da3673bbb8e96568589dd5283da1ba81b441edf2f7a79927951a373f60f39ddeaee8d01d86b003596f895fd9f5fc430a52fd21f2b44523fddbf516351d55730501fb577b0d27a89e907f09a8ecb596208c68cca5c388 +00e757a727e6a1b10168ea9902ebe08f53f4ba18c6d8fdf551fbabbf6d8558f054dc0f6aae4c5b397c04d0bc2f8c2bebb1057f96b621273fed8b2b38d1579a86e956644e520073171887fde4b88b4a0697323928ee3a28b7e2caf3896d2f29b067840c9d88e765249c95fd54bb240c714b5bdf8f88d2ef58727ca1a7699216c42d diff --git a/regress/unittests/sshkey/testdata/dsa_1.pub b/regress/unittests/sshkey/testdata/dsa_1.pub index 89681970cae..41cae2f69f5 100644 --- a/regress/unittests/sshkey/testdata/dsa_1.pub +++ b/regress/unittests/sshkey/testdata/dsa_1.pub @@ -1 +1 @@ -ssh-dss AAAAB3NzaC1kc3MAAACBALEE3AfxOYteqJlrRv2nELpb7NLhWiqnxL5DB5xik09OaGNpRggT9olYDMVW11vKwszz26S/D/PyoGRsxJ593KkqaNS2C/nVkPid9XhbFv4b7VATEesz6SjA44vddtyx1s8tS3y/EMlsGVBFyHjPJqLsJaNBHckVelHyx69QUnFJAAAAFQCHRKJ3KdgxGNlP2WZyMhgsAKQs3wAAAIBFb557BlO/USizG/cA0rHfval/n59ArCdaLMiPnP8ZjfDfGhtEI/0WIvgrc2KnYW8ctMalGuV+bX1FZgCDvtWw2DO0LhX0LxCspZxYl2RSShClndWg7bms7XeGYh6WRqXeiYoIXhkT9514Xd3YHwOXNizRoFyNMIwOu5v8IkgtxgAAAIEAgJt9jefGQi4Sl5F8h3jYo52LygE8sNYyurElMKVmyhFSKJ1Ifi9j4hNp2jZzu7jpZWhYndUoPaG6gbRB7fL3p5knlRo3P2Dznd6u6NAdhrADWW+JX9n1/EMKUv0h8rRFI/3b9RY1HVVzBQH7V3sNJ6iekH8JqOy1liCMaMylw4g= DSA test key #1 +ssh-dss AAAAB3NzaC1kc3MAAACBAPqS600VGwdPAQC/p3f0uGyrLVql0cFn1zYd/JGvtabKnIYjLaYprje/NcjwI3CZFJiz4Dp3S8kLs+X5/1DMn/Tg1Y4D4yLB+6vCtHcJF7rVBFhvw/KZwc7G54ez3khyOtsg82fzpyOc8/mq+/+C5TMKO7DDjMF0k5emWKCsa3ZfAAAAFQCjA/+dKkMu4/CWjJPtfl7YNaStNQAAAIEA7uX1BVVtJKjLmWrpw62+l/xSXA5rr7MHBuWjiCYV3VHBfXJaQDyRDtGuEJKDwdzqYgacpGApGWL/cuBtJ9nShsUl6GRG0Ra03g+Hx9VR5LviJBsjAVB4qVgciU1NGga0Bt2Lecd1X4EGQRBzVXeuOpiqGM6jP/I2yDMs0Pboet0AAACBAOdXpyfmobEBaOqZAuvgj1P0uhjG2P31Ufurv22FWPBU3A9qrkxbOXwE0LwvjCvrsQV/lrYhJz/tiys40VeahulWZE5SAHMXGIf95LiLSgaXMjko7joot+LK84ltLymwZ4QMnYjnZSSclf1UuyQMcUtb34+I0u9Ycnyhp2mSFsQt DSA test key #1 diff --git a/regress/unittests/sshkey/testdata/dsa_1_pw b/regress/unittests/sshkey/testdata/dsa_1_pw index 1402153a037..24c73039fe1 100644 --- a/regress/unittests/sshkey/testdata/dsa_1_pw +++ b/regress/unittests/sshkey/testdata/dsa_1_pw @@ -1,15 +1,15 @@ -----BEGIN DSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED -DEK-Info: AES-128-CBC,9E668E24E7B9D658E3E7D0446B32B376 +DEK-Info: AES-128-CBC,BC8386C373B22EB7F00ADC821D5D8BE9 -hDjDLbfCAQutblxLuyNzSLxISSgXTgyzq8St9GE0lUtEc7i0xGNWwoWpFSbtD9y1 -yTG5UkhATQt56SY1ABfXZ21wieYuEEQeSJi0gwUQNNt2SwwITx4EdzDedWiHjikt -jbzH3v33agp/odw2X9wY6zu75y9CeW9o7SszRl286DliWIHJmhMlbb8r7jRqu62H -s5YYxD0xS1ipWauxklmIXMWNZHcARo8ZiJOuNdLshrSrl8DUW9P6F89FvxclQzKr -44u3OBm7KbgPvPURDFLgNP6uCGBjzHvhHTpzVBxmQzCl3aGgsTKXiwJ1eupNjntB -ji0EnbznvoxR6qhXxw/WQ+MnWlWqTXka/2qaB6m3oJv+Zn7cPCJ5kvHnhr2JmNMl -igTh4Ov4LZLyNgO0Lbec4KyxW9QInRV5CY4Pu5lhqHteiPmOIGMWFtuh8Bb8Kg2q -VvXnPo5I3FjqV7UhDduO1Wn558sBZWQPqRbHVPN6wXJuM3HGkBl+aNjn0qddv9tr -VFJd/xdly2Ne81g3CB8jysE+3WEOrV9kdybocp/EhSOzP4i6pjWlyWdR5+CgbvRm -TUIeIaQbmPIB5251o5YK+Q== ++HDV2DQ09sxrIAeXTz9r3YFuPRa2hk1+NGcr3ETkXbC6KiZ14wpTnGTloKwaQjIW +eXTa9mpCOWAoohgvsVb+hOuOlP7AfeHu1IXV4EAS+GDpkiV5UxlCXXwqlD75Buu4 +wwDd/p4SWzILH3WGjDk5JIXoxWNY13LHwC7Q6gtGJx4AicUG7YBRTXMIBDa/Kh77 +6o2rFETKmp4VHBvHbakmiETfptdM8bbWxKWeY2vakThyESgeofsLoTOQCIwlEfJC +s2D/KYL65C8VbHYgIoSLTQnooO45DDyxIuhCqP+H23mhv9vB1Od3nc2atgHj/XFs +dcOPFkF/msDRYqxY3V0AS6+jpKwFodZ7g/hyGcyPxOkzlJVuKoKuH6P5PyQ69Gx0 +iqri0xEPyABr7kGlXNrjjctojX+B4WwSnjg/2euXXWFXCRalIdA7ErATTiQbGOx7 +Vd6Gn8PZbSy1MkqEDrZRip0pfAFJYI/8GXPC75BpnRsrVlfhtrngbW+kBP35LzaN +l2K+RQ3gSB3iFoqNb1Kuu6T5MZlyVl5H2dVlJSeb1euQ2OycXdDoFTyJ4AiyWS7w +Vlh8zeJnso5QRDjMwx99pZilbbuFGSLsahiGEveFc6o= -----END DSA PRIVATE KEY----- diff --git a/regress/unittests/sshkey/testdata/dsa_2 b/regress/unittests/sshkey/testdata/dsa_2 index b189dc821d0..3cc9631afa0 100644 --- a/regress/unittests/sshkey/testdata/dsa_2 +++ b/regress/unittests/sshkey/testdata/dsa_2 @@ -1,12 +1,12 @@ -----BEGIN DSA PRIVATE KEY----- -MIIBuwIBAAKBgQDoMxCTyBnLPSO7CRU3RyfJLANLKBZ3/LdcsyNaARctaRA5gzRb -XdTFFU+rWKfxv+otm0KyCOepLtWy8tjKRYb7Ni46USlGwtM0Adx/3vR4iWNfipDP -K2V4O97JyMe3wsbF7siC01U4b8Ki+J44iFG9nuRnOTHqUWI615mraQRwlQIVAMsX -nsPGH8QrU11F1ScAIfZC165dAoGACCXyOHFkxABpJDtJs6AE7Hl3XjI4dnlim/XH -Y60W6gcO7gHSE2r2ljCubJqoUXmxd5mLKgnu91jIG/4URwDM4V7pb2k99sXpAi8I -L52eQl88C0bRD9+lEJfR4PMT39EccDRPB4+E055RoYQZ/McIyad8sF3Qwt084Eq+ -IkUt2coCgYEAxZRpCY82sM9Mu4B0EcH6O8seRqIRScmelljhUtKxuvf2PChwIWkR -HK9lORHBE3iKyurC5Muf3abuHKwMFjrOjHKOTqXBRrDZ7RgLQA0aUAQD3lWc9OTP -NShjphpq5xr0HZB31eJg3/Mo6KxYlRpzMXbTyenZP0XLICSSAywvTDoCFG5whl2k -Y2FLGfi9V6ylUVH6jKgE +MIIBvQIBAAKBgQCbyPXNdHeLsjpobPVCMkfagBkt15Zsltqf/PGNP1y1cuz7rsTX +ZekQwUkSTNm5coqXe+ZOw2O4tjobJDd60I1/VPgaB0NYlQR9Hn87M284WD4f6VY+ +aunHmP134a8ybG5G4NqVNF3ihvxAR2pVITqb7kE46r2uYZNcNlHI8voRCwIVAMcP +bwqFNsQbH5pJyZW30wj4KVZ3AoGBAIK98BVeKQVf8qDFqx9ovMuNgVSxpd+N0Yta +5ZEy1OI2ziu5RhjueIM2K7Gq2Mnp38ob1AM53BUxqlcBJaHEDa6rj6yvuMgW9oCJ +dImBM8sIFxfBbXNbpJiMaDwa6WyT84OkpDE6uuAepTMnWOUWkUVkAiyokHDUGXkG +GyoQblbXAoGBAIsf7TaZ804sUWwRV0wI8DYx+hxD5QdrfYPYMtL2fHn3lICimGt0 +FTtUZ25jKg0E0DMBPdET6ZEHB3ZZkR8hFoUzZhdnyJMu3UjVtgaV88Ue3PrXxchk +0W2jHPaAgQU3JIWzo8HFIFqvC/HEL+EyW3rBTY2uXM3XGI+YcWSA4ZrZAhUAsY2f +bDFNzgZ4DaZ9wLRzTgOswPU= -----END DSA PRIVATE KEY----- diff --git a/regress/unittests/sshkey/testdata/dsa_2.fp b/regress/unittests/sshkey/testdata/dsa_2.fp index 8226574039d..51fbeb4d8ce 100644 --- a/regress/unittests/sshkey/testdata/dsa_2.fp +++ b/regress/unittests/sshkey/testdata/dsa_2.fp @@ -1 +1 @@ -MD5:72:5f:50:6b:e5:64:c5:62:21:92:3f:8b:10:9b:9f:1a +SHA256:ecwhWcXgpdBxZ2e+OjpRRY7dqXHHCD62BGtoVQQBwCk diff --git a/regress/unittests/sshkey/testdata/dsa_2.fp.bb b/regress/unittests/sshkey/testdata/dsa_2.fp.bb index 37a5221a764..4d908ee3097 100644 --- a/regress/unittests/sshkey/testdata/dsa_2.fp.bb +++ b/regress/unittests/sshkey/testdata/dsa_2.fp.bb @@ -1 +1 @@ -xesoh-mebaf-feced-lenuz-sicam-pevok-bosak-nogaz-ligen-fekef-fixex +xeser-megad-pocan-rozit-belup-tapoh-fapif-kyvit-vonav-cehab-naxax diff --git a/regress/unittests/sshkey/testdata/dsa_2.pub b/regress/unittests/sshkey/testdata/dsa_2.pub index 6ed2736b1b8..77bb555d595 100644 --- a/regress/unittests/sshkey/testdata/dsa_2.pub +++ b/regress/unittests/sshkey/testdata/dsa_2.pub @@ -1 +1 @@ -ssh-dss AAAAB3NzaC1kc3MAAACBAOgzEJPIGcs9I7sJFTdHJ8ksA0soFnf8t1yzI1oBFy1pEDmDNFtd1MUVT6tYp/G/6i2bQrII56ku1bLy2MpFhvs2LjpRKUbC0zQB3H/e9HiJY1+KkM8rZXg73snIx7fCxsXuyILTVThvwqL4njiIUb2e5Gc5MepRYjrXmatpBHCVAAAAFQDLF57Dxh/EK1NdRdUnACH2QteuXQAAAIAIJfI4cWTEAGkkO0mzoATseXdeMjh2eWKb9cdjrRbqBw7uAdITavaWMK5smqhRebF3mYsqCe73WMgb/hRHAMzhXulvaT32xekCLwgvnZ5CXzwLRtEP36UQl9Hg8xPf0RxwNE8Hj4TTnlGhhBn8xwjJp3ywXdDC3TzgSr4iRS3ZygAAAIEAxZRpCY82sM9Mu4B0EcH6O8seRqIRScmelljhUtKxuvf2PChwIWkRHK9lORHBE3iKyurC5Muf3abuHKwMFjrOjHKOTqXBRrDZ7RgLQA0aUAQD3lWc9OTPNShjphpq5xr0HZB31eJg3/Mo6KxYlRpzMXbTyenZP0XLICSSAywvTDo= DSA test key #2 +ssh-dss AAAAB3NzaC1kc3MAAACBAJvI9c10d4uyOmhs9UIyR9qAGS3XlmyW2p/88Y0/XLVy7PuuxNdl6RDBSRJM2blyipd75k7DY7i2OhskN3rQjX9U+BoHQ1iVBH0efzszbzhYPh/pVj5q6ceY/XfhrzJsbkbg2pU0XeKG/EBHalUhOpvuQTjqva5hk1w2Ucjy+hELAAAAFQDHD28KhTbEGx+aScmVt9MI+ClWdwAAAIEAgr3wFV4pBV/yoMWrH2i8y42BVLGl343Ri1rlkTLU4jbOK7lGGO54gzYrsarYyenfyhvUAzncFTGqVwElocQNrquPrK+4yBb2gIl0iYEzywgXF8Ftc1ukmIxoPBrpbJPzg6SkMTq64B6lMydY5RaRRWQCLKiQcNQZeQYbKhBuVtcAAACBAIsf7TaZ804sUWwRV0wI8DYx+hxD5QdrfYPYMtL2fHn3lICimGt0FTtUZ25jKg0E0DMBPdET6ZEHB3ZZkR8hFoUzZhdnyJMu3UjVtgaV88Ue3PrXxchk0W2jHPaAgQU3JIWzo8HFIFqvC/HEL+EyW3rBTY2uXM3XGI+YcWSA4ZrZ DSA test key #2 diff --git a/regress/unittests/sshkey/testdata/dsa_n b/regress/unittests/sshkey/testdata/dsa_n index 34346869f97..d3f24824f8d 100644 --- a/regress/unittests/sshkey/testdata/dsa_n +++ b/regress/unittests/sshkey/testdata/dsa_n @@ -1,12 +1,12 @@ -----BEGIN DSA PRIVATE KEY----- -MIIBuwIBAAKBgQCxBNwH8TmLXqiZa0b9pxC6W+zS4Voqp8S+QwecYpNPTmhjaUYI -E/aJWAzFVtdbysLM89ukvw/z8qBkbMSefdypKmjUtgv51ZD4nfV4Wxb+G+1QExHr -M+kowOOL3XbcsdbPLUt8vxDJbBlQRch4zyai7CWjQR3JFXpR8sevUFJxSQIVAIdE -oncp2DEY2U/ZZnIyGCwApCzfAoGARW+eewZTv1Eosxv3ANKx372pf5+fQKwnWizI -j5z/GY3w3xobRCP9FiL4K3Nip2FvHLTGpRrlfm19RWYAg77VsNgztC4V9C8QrKWc -WJdkUkoQpZ3VoO25rO13hmIelkal3omKCF4ZE/edeF3d2B8DlzYs0aBcjTCMDrub -/CJILcYCgYEAgJt9jefGQi4Sl5F8h3jYo52LygE8sNYyurElMKVmyhFSKJ1Ifi9j -4hNp2jZzu7jpZWhYndUoPaG6gbRB7fL3p5knlRo3P2Dznd6u6NAdhrADWW+JX9n1 -/EMKUv0h8rRFI/3b9RY1HVVzBQH7V3sNJ6iekH8JqOy1liCMaMylw4gCFBl7Lc6V -hmTiTuhLXjoRdCZS/p/m +MIIBvAIBAAKBgQD6kutNFRsHTwEAv6d39Lhsqy1apdHBZ9c2HfyRr7WmypyGIy2m +Ka43vzXI8CNwmRSYs+A6d0vJC7Pl+f9QzJ/04NWOA+MiwfurwrR3CRe61QRYb8Py +mcHOxueHs95IcjrbIPNn86cjnPP5qvv/guUzCjuww4zBdJOXpligrGt2XwIVAKMD +/50qQy7j8JaMk+1+Xtg1pK01AoGBAO7l9QVVbSSoy5lq6cOtvpf8UlwOa6+zBwbl +o4gmFd1RwX1yWkA8kQ7RrhCSg8Hc6mIGnKRgKRli/3LgbSfZ0obFJehkRtEWtN4P +h8fVUeS74iQbIwFQeKlYHIlNTRoGtAbdi3nHdV+BBkEQc1V3rjqYqhjOoz/yNsgz +LND26HrdAoGBAOdXpyfmobEBaOqZAuvgj1P0uhjG2P31Ufurv22FWPBU3A9qrkxb +OXwE0LwvjCvrsQV/lrYhJz/tiys40VeahulWZE5SAHMXGIf95LiLSgaXMjko7joo +t+LK84ltLymwZ4QMnYjnZSSclf1UuyQMcUtb34+I0u9Ycnyhp2mSFsQtAhRYIbQ5 +KfXsZuBPuWe5FJz3ldaEgw== -----END DSA PRIVATE KEY----- diff --git a/regress/unittests/sshkey/testdata/dsa_n_pw b/regress/unittests/sshkey/testdata/dsa_n_pw index 42f70dd230c..24ac299a482 100644 --- a/regress/unittests/sshkey/testdata/dsa_n_pw +++ b/regress/unittests/sshkey/testdata/dsa_n_pw @@ -1,22 +1,21 @@ -----BEGIN OPENSSH PRIVATE KEY----- -b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jYmMAAAAGYmNyeXB0AAAAGAAAABD5nB+Nkw -LNoPtAG7C3IdXmAAAAEAAAAAEAAAGyAAAAB3NzaC1kc3MAAACBALEE3AfxOYteqJlrRv2n -ELpb7NLhWiqnxL5DB5xik09OaGNpRggT9olYDMVW11vKwszz26S/D/PyoGRsxJ593KkqaN -S2C/nVkPid9XhbFv4b7VATEesz6SjA44vddtyx1s8tS3y/EMlsGVBFyHjPJqLsJaNBHckV -elHyx69QUnFJAAAAFQCHRKJ3KdgxGNlP2WZyMhgsAKQs3wAAAIBFb557BlO/USizG/cA0r -Hfval/n59ArCdaLMiPnP8ZjfDfGhtEI/0WIvgrc2KnYW8ctMalGuV+bX1FZgCDvtWw2DO0 -LhX0LxCspZxYl2RSShClndWg7bms7XeGYh6WRqXeiYoIXhkT9514Xd3YHwOXNizRoFyNMI -wOu5v8IkgtxgAAAIEAgJt9jefGQi4Sl5F8h3jYo52LygE8sNYyurElMKVmyhFSKJ1Ifi9j -4hNp2jZzu7jpZWhYndUoPaG6gbRB7fL3p5knlRo3P2Dznd6u6NAdhrADWW+JX9n1/EMKUv -0h8rRFI/3b9RY1HVVzBQH7V3sNJ6iekH8JqOy1liCMaMylw4gAAAHw8P1DtkBulOGv85qf -P+md2+LL+NKufVzHl9k2UKQFjeqY6uqs4HSDqvhXe7oiXd5mz6I7orxjtKU9hGjNF4ABUD -OawVGe/GCRUQ4WgpAgDnqQLeFcdIwtMSIrRZU6xjs314EI7TM7IIiG26JEuXDfZI1e7C3y -Cc38ZsP3zmg/UjgcCQar5c4n++vhOmeO36+fcUyZ1QlR05SaEtFYJA+otP3RmKTiDwob8Q -zRMr8Y57i2NTTtFjkmnnnQCibP62yz7N22Dve7RTOH8jiaW7p02Vn/6WmCarevN1rxtLLR -lkuWtPoKY8z/Ktcev8YE9f2+9H2TfXDRKYqIEfxgZLCJ4yP2gxDe6zurabS0hAO1CP+ej5 -htdJM3/rTqHAIevXX5uhIDmMvRHnLGldaIX1xux8TIJvSfMkYNIwscIP4kx7BGMk04vXtW -5DLm6IZhzw9T3hjr8R0kBugmT6/h9vD5iN1D+wiHIhHYzQKMU9nOeFNsMBFWgJjU0l8VlF -gEjEMgAEfwynnmIoKB1iA/0em1tdU3naS59DBK+buE0trxUpTAAB5z8yPhAm6DdqrPE8cA -N3HlMoWrbCuak2A0uyOlEJjPg4UJUnv12ve2c9pAMsAu/4CAszCEM0prR+qd/RA4nn4M5u -Xrny2wNtt/DybCkA== +b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jYmMAAAAGYmNyeXB0AAAAGAAAABCVs+LsMJ +wnB5zM9U9pTXrGAAAAEAAAAAEAAAGzAAAAB3NzaC1kc3MAAACBAPqS600VGwdPAQC/p3f0 +uGyrLVql0cFn1zYd/JGvtabKnIYjLaYprje/NcjwI3CZFJiz4Dp3S8kLs+X5/1DMn/Tg1Y +4D4yLB+6vCtHcJF7rVBFhvw/KZwc7G54ez3khyOtsg82fzpyOc8/mq+/+C5TMKO7DDjMF0 +k5emWKCsa3ZfAAAAFQCjA/+dKkMu4/CWjJPtfl7YNaStNQAAAIEA7uX1BVVtJKjLmWrpw6 +2+l/xSXA5rr7MHBuWjiCYV3VHBfXJaQDyRDtGuEJKDwdzqYgacpGApGWL/cuBtJ9nShsUl +6GRG0Ra03g+Hx9VR5LviJBsjAVB4qVgciU1NGga0Bt2Lecd1X4EGQRBzVXeuOpiqGM6jP/ +I2yDMs0Pboet0AAACBAOdXpyfmobEBaOqZAuvgj1P0uhjG2P31Ufurv22FWPBU3A9qrkxb +OXwE0LwvjCvrsQV/lrYhJz/tiys40VeahulWZE5SAHMXGIf95LiLSgaXMjko7joot+LK84 +ltLymwZ4QMnYjnZSSclf1UuyQMcUtb34+I0u9Ycnyhp2mSFsQtAAAB4HiOcRW4w+sIqBL0 +TPVbf0glN1hUi0rcE63Pqxmvxb8LkldC4IxAUagPrjhNAEW2AY42+CvPrtGB1z7gDADAIW +xZX6wKwIcXP0Qh+xHE12F4u6mwfasssnAp4t1Ki8uCjMjnimgb3KdWpp0kiUV0oR062TXV +PAdfrWjaq4fw0KOqbHIAG/v36AqzuqjSTfDbqvLZM3y0gp2Q1RxaQVJA5ZIKKyqRyFX7sr +BaEIyCgeE3hM0EB7BycY1oIcS/eNxrACBWVJCENl5N7LtEYXNX7TANFniztfXzwaqGTT6A +fCfbW4gz1UKldLUBzbIrPwMWlirAstbHvOf/2Iay2pNAs/SHhI0aF2jsGfvv5/D6N+r9dG +B2SgDKBg7pywMH1DTvg6YT3P4GjCx0GUHqRCFLvD1rDdk4KSjvaRMpVq1PJ0/Wv6UGtsMS +TR0PaEHDRNZqAX4YxqujnWrGKuRJhuz0eUvp7fZvbWHtiAMKV7368kkeUmkOHanb+TS+zs +KINX8ev8zJZ6WVr8Vl+IQavpv0i2bXwS6QqbEuifpv/+uBb7pqRiU4u8en0eMdX1bZoTPM +R6xHCnGD/Jpb3zS91Ya57T6CiXZ12KCaL6nWGnCkZVpzkfJ2HjFklWSWBQ6uyaosDQ== -----END OPENSSH PRIVATE KEY----- diff --git a/regress/unittests/sshkey/testdata/ecdsa_1 b/regress/unittests/sshkey/testdata/ecdsa_1 index aec73dd61f8..80382b62d2d 100644 --- a/regress/unittests/sshkey/testdata/ecdsa_1 +++ b/regress/unittests/sshkey/testdata/ecdsa_1 @@ -1,5 +1,5 @@ -----BEGIN EC PRIVATE KEY----- -MHcCAQEEIFghsFR1K95tz8qOl3+tX6fv8a/O6AfNbxOSFZX3ihxooAoGCCqGSM49 -AwEHoUQDQgAEalpgP0BOePHtTw0Pus4tdhTb8P9yWUZluvLf1D8vrHImT+G4vr/W -xo5iXGKQVEifuUVyLkAW2kDrq8J/szeRiQ== +MHcCAQEEIPPNyUAnjvFr+eT/7t/IyjuQQd/aLFiTY92LB9gIjyrMoAoGCCqGSM49 +AwEHoUQDQgAEDFlblkOrW9ydKVhtM+9AY3c9saBE7SG3lFx38nBavkADDaI9jh3/ +kvG/Jt9vpm22qwoklTCGDfzCkXkIKaWlBw== -----END EC PRIVATE KEY----- diff --git a/regress/unittests/sshkey/testdata/ecdsa_1-cert.fp b/regress/unittests/sshkey/testdata/ecdsa_1-cert.fp index c3d747affb6..e48304f6fce 100644 --- a/regress/unittests/sshkey/testdata/ecdsa_1-cert.fp +++ b/regress/unittests/sshkey/testdata/ecdsa_1-cert.fp @@ -1 +1 @@ -MD5:f7:be:4c:02:65:ed:4c:11:af:ab:a8:dd:0a:92:e7:44 +SHA256:8ty77fOpABat1y88aNdclQTfU+lVvWe7jYZGw8VYtfg diff --git a/regress/unittests/sshkey/testdata/ecdsa_1-cert.pub b/regress/unittests/sshkey/testdata/ecdsa_1-cert.pub index 29b06a4dd4a..55e2a2568c1 100644 --- a/regress/unittests/sshkey/testdata/ecdsa_1-cert.pub +++ b/regress/unittests/sshkey/testdata/ecdsa_1-cert.pub @@ -1 +1 @@ -ecdsa-sha2-nistp256-cert-v01@openssh.com AAAAKGVjZHNhLXNoYTItbmlzdHAyNTYtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgjpoHehzmM54xz776HOiTOLPhkOwSWyXOMYeqDhDEcLgAAAAIbmlzdHAyNTYAAABBBGpaYD9ATnjx7U8ND7rOLXYU2/D/cllGZbry39Q/L6xyJk/huL6/1saOYlxikFRIn7lFci5AFtpA66vCf7M3kYkAAAAAAAAABwAAAAIAAAAGanVsaXVzAAAAEgAAAAVob3N0MQAAAAVob3N0MgAAAAA2i4NgAAAAAE0d4eAAAAAAAAAAAAAAAAAAAABoAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGpaYD9ATnjx7U8ND7rOLXYU2/D/cllGZbry39Q/L6xyJk/huL6/1saOYlxikFRIn7lFci5AFtpA66vCf7M3kYkAAABjAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAABIAAAAIFZM1PXlXf0a3VuGs7MVdWSealDXprT1nN5hQTg+m+EYAAAAIGN1yNXWEY5V315NhOD3mBuh/xCpfDn5rZjF4YntA7du ecdsa_1.pub +ecdsa-sha2-nistp256-cert-v01@openssh.com AAAAKGVjZHNhLXNoYTItbmlzdHAyNTYtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgOtFRnMigkGliaYfPmX5IidVWfV3tRH6lqRXv0l8bvKoAAAAIbmlzdHAyNTYAAABBBAxZW5ZDq1vcnSlYbTPvQGN3PbGgRO0ht5Rcd/JwWr5AAw2iPY4d/5Lxvybfb6ZttqsKJJUwhg38wpF5CCmlpQcAAAAAAAAABwAAAAIAAAAGanVsaXVzAAAAEgAAAAVob3N0MQAAAAVob3N0MgAAAAA2jAHwAAAAAE0eYHAAAAAAAAAAAAAAAAAAAABoAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAxZW5ZDq1vcnSlYbTPvQGN3PbGgRO0ht5Rcd/JwWr5AAw2iPY4d/5Lxvybfb6ZttqsKJJUwhg38wpF5CCmlpQcAAABkAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAABJAAAAIHbxGwTnue7KxhHXGFvRcxBnekhQ3Qx84vV/Vs4oVCrpAAAAIQC7vk2+d14aS7td7kVXLQn392oALjEBzMZoDvT1vT/zOA== ECDSA test key #1 diff --git a/regress/unittests/sshkey/testdata/ecdsa_1.fp b/regress/unittests/sshkey/testdata/ecdsa_1.fp index c3d747affb6..e48304f6fce 100644 --- a/regress/unittests/sshkey/testdata/ecdsa_1.fp +++ b/regress/unittests/sshkey/testdata/ecdsa_1.fp @@ -1 +1 @@ -MD5:f7:be:4c:02:65:ed:4c:11:af:ab:a8:dd:0a:92:e7:44 +SHA256:8ty77fOpABat1y88aNdclQTfU+lVvWe7jYZGw8VYtfg diff --git a/regress/unittests/sshkey/testdata/ecdsa_1.fp.bb b/regress/unittests/sshkey/testdata/ecdsa_1.fp.bb index f01a5dd44ce..fa23c33c296 100644 --- a/regress/unittests/sshkey/testdata/ecdsa_1.fp.bb +++ b/regress/unittests/sshkey/testdata/ecdsa_1.fp.bb @@ -1 +1 @@ -xotah-hecal-zibyb-nadug-romuc-hator-venum-hobip-ruluh-ripus-naxix +xibah-vocun-sogyn-byhen-rivem-hegyh-luneh-dozyr-vatyf-dufid-myxyx diff --git a/regress/unittests/sshkey/testdata/ecdsa_1.param.priv b/regress/unittests/sshkey/testdata/ecdsa_1.param.priv index 3475f1fe906..dc908ad7197 100644 --- a/regress/unittests/sshkey/testdata/ecdsa_1.param.priv +++ b/regress/unittests/sshkey/testdata/ecdsa_1.param.priv @@ -1 +1 @@ -5821b054752bde6dcfca8e977fad5fa7eff1afcee807cd6f13921595f78a1c68 +00f3cdc940278ef16bf9e4ffeedfc8ca3b9041dfda2c589363dd8b07d8088f2acc diff --git a/regress/unittests/sshkey/testdata/ecdsa_1.param.pub b/regress/unittests/sshkey/testdata/ecdsa_1.param.pub index 11847a39422..71c9584d66f 100644 --- a/regress/unittests/sshkey/testdata/ecdsa_1.param.pub +++ b/regress/unittests/sshkey/testdata/ecdsa_1.param.pub @@ -1 +1 @@ -046a5a603f404e78f1ed4f0d0fbace2d7614dbf0ff72594665baf2dfd43f2fac72264fe1b8bebfd6c68e625c629054489fb945722e4016da40ebabc27fb3379189 +040c595b9643ab5bdc9d29586d33ef4063773db1a044ed21b7945c77f2705abe40030da23d8e1dff92f1bf26df6fa66db6ab0a249530860dfcc291790829a5a507 diff --git a/regress/unittests/sshkey/testdata/ecdsa_1.pub b/regress/unittests/sshkey/testdata/ecdsa_1.pub index eca1620bcc9..84a71f97656 100644 --- a/regress/unittests/sshkey/testdata/ecdsa_1.pub +++ b/regress/unittests/sshkey/testdata/ecdsa_1.pub @@ -1 +1 @@ -ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGpaYD9ATnjx7U8ND7rOLXYU2/D/cllGZbry39Q/L6xyJk/huL6/1saOYlxikFRIn7lFci5AFtpA66vCf7M3kYk= ECDSA test key #1 +ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAxZW5ZDq1vcnSlYbTPvQGN3PbGgRO0ht5Rcd/JwWr5AAw2iPY4d/5Lxvybfb6ZttqsKJJUwhg38wpF5CCmlpQc= ECDSA test key #1 diff --git a/regress/unittests/sshkey/testdata/ecdsa_1_pw b/regress/unittests/sshkey/testdata/ecdsa_1_pw index 071154ab2c7..5c83a658c2f 100644 --- a/regress/unittests/sshkey/testdata/ecdsa_1_pw +++ b/regress/unittests/sshkey/testdata/ecdsa_1_pw @@ -1,8 +1,8 @@ -----BEGIN EC PRIVATE KEY----- Proc-Type: 4,ENCRYPTED -DEK-Info: AES-128-CBC,74C8AEA5BFAFCC2B1C8B13DE671F5610 +DEK-Info: AES-128-CBC,7BA38DE00F67851E4207216809C3BB15 -vUsgOvCqezxPmcZcFqrSy9Y1MMlVguY0h9cfSPFC7gUrRr+45uCOYX5bOwEXecKn -/9uCXZtlBwwqDS9iK5IPoUrjEHvzI5rVbHWUxDrEOVbsfiDuCxrQM19It6QIqC1v -OSQEdXuBWR5WmhKNc3dqLbWsU8u2s60YwKQmZrj9nM4= +8QkFoZHQkj9a2mt032sp+WKaJ1fwteqWDd4RpAW9OzDgqzMx1QO43qJgBDTfhzjt +M2Q8YfiGjfBEYpg4kCbacfcV68DEV4z6Ll7rIzzzO7OfWUNL++brD64vKx4z6f46 ++sn4nbZTXilpkzi/nmPDVzrNmTSywA8T7Yf0QcBUxks= -----END EC PRIVATE KEY----- diff --git a/regress/unittests/sshkey/testdata/ecdsa_2 b/regress/unittests/sshkey/testdata/ecdsa_2 index 76ae07ad41d..0f4e844d1ea 100644 --- a/regress/unittests/sshkey/testdata/ecdsa_2 +++ b/regress/unittests/sshkey/testdata/ecdsa_2 @@ -1,7 +1,7 @@ -----BEGIN EC PRIVATE KEY----- -MIHcAgEBBEIBg4kVxUfoo/RE/78/QBRqG6PZuHZ82eLnhmZVzBa7XREUiYI/Jw7r -Qwp4FTBVfXL76Pt5AyBMf+52aVeOUlLRERSgBwYFK4EEACOhgYkDgYYABACNTJ5O -uNo5dNgIQRLHzKU91m7immKFiutJ6BlDbkRkKr+Envj13J6HOgYvOTm0n7SPlKHS -STZ4/T36d/rzQOAbIwEnbbwD9HMj6IzE4WH9lJzH7Zy7Tcyu6dOM8L7nOxCp3DUk -F3aAnPSFJhD7NN0jBWOFsD6uy1OmaTklPfRAnCt1MQ== +MIHcAgEBBEIBqBtN7e6Essd3dlsgISViPCXXC0atlNkGtoMgSQdBTKVUfeJOi4lc +RZaXJdXnqWUqI/KEsH8h8QN4YcB8ugmAcc+gBwYFK4EEACOhgYkDgYYABAHZ2VNy +oDedBwqsdzY+kkNptc9DrtRCVmO6cULLj+691MhItqVqTMJbTFlI4MnAg9PoGTF/ +0KmLJfy8vSffXGKqqwGKcFNtd1XCo+7Qu9tXbxron9g6Dmu7y8jaLkixcwZwnwLs +6GmA9qZGuiAfOGV0Gf9/u98sr+vikOa4Ow5JFDTw5g== -----END EC PRIVATE KEY----- diff --git a/regress/unittests/sshkey/testdata/ecdsa_2.fp b/regress/unittests/sshkey/testdata/ecdsa_2.fp index fe7526b9290..581e48aeca1 100644 --- a/regress/unittests/sshkey/testdata/ecdsa_2.fp +++ b/regress/unittests/sshkey/testdata/ecdsa_2.fp @@ -1 +1 @@ -MD5:51:bd:ff:2b:6d:26:9b:90:f9:e1:4a:ca:a0:29:8e:70 +SHA256:ed8YniRHA6qCrErCRnzrWxPHxYuA62a+CAFYUVxJgaI diff --git a/regress/unittests/sshkey/testdata/ecdsa_2.fp.bb b/regress/unittests/sshkey/testdata/ecdsa_2.fp.bb index 267bc63fdc2..e1cc664c2d6 100644 --- a/regress/unittests/sshkey/testdata/ecdsa_2.fp.bb +++ b/regress/unittests/sshkey/testdata/ecdsa_2.fp.bb @@ -1 +1 @@ -xuzaz-zuzuk-virop-vypah-zumel-gylak-selih-fevad-varag-zynif-haxox +xufag-danul-putub-mokin-pugaz-covid-dofag-nihuz-sysab-genar-zaxyx diff --git a/regress/unittests/sshkey/testdata/ecdsa_2.param.priv b/regress/unittests/sshkey/testdata/ecdsa_2.param.priv index 537cdaac36c..dd898d9ab9b 100644 --- a/regress/unittests/sshkey/testdata/ecdsa_2.param.priv +++ b/regress/unittests/sshkey/testdata/ecdsa_2.param.priv @@ -1 +1 @@ -01838915c547e8a3f444ffbf3f40146a1ba3d9b8767cd9e2e7866655cc16bb5d111489823f270eeb430a781530557d72fbe8fb7903204c7fee7669578e5252d11114 +01a81b4dedee84b2c777765b202125623c25d70b46ad94d906b683204907414ca5547de24e8b895c45969725d5e7a9652a23f284b07f21f1037861c07cba098071cf diff --git a/regress/unittests/sshkey/testdata/ecdsa_2.param.pub b/regress/unittests/sshkey/testdata/ecdsa_2.param.pub index 3352ac769fc..94301c9918e 100644 --- a/regress/unittests/sshkey/testdata/ecdsa_2.param.pub +++ b/regress/unittests/sshkey/testdata/ecdsa_2.param.pub @@ -1 +1 @@ -04008d4c9e4eb8da3974d8084112c7cca53dd66ee29a62858aeb49e819436e44642abf849ef8f5dc9e873a062f3939b49fb48f94a1d2493678fd3dfa77faf340e01b2301276dbc03f47323e88cc4e161fd949cc7ed9cbb4dccaee9d38cf0bee73b10a9dc35241776809cf4852610fb34dd23056385b03eaecb53a66939253df4409c2b7531 +0401d9d95372a0379d070aac77363e924369b5cf43aed4425663ba7142cb8feebdd4c848b6a56a4cc25b4c5948e0c9c083d3e819317fd0a98b25fcbcbd27df5c62aaab018a70536d7755c2a3eed0bbdb576f1ae89fd83a0e6bbbcbc8da2e48b17306709f02ece86980f6a646ba201f38657419ff7fbbdf2cafebe290e6b83b0e491434f0e6 diff --git a/regress/unittests/sshkey/testdata/ecdsa_2.pub b/regress/unittests/sshkey/testdata/ecdsa_2.pub index 34e1881dd86..be9d84bf521 100644 --- a/regress/unittests/sshkey/testdata/ecdsa_2.pub +++ b/regress/unittests/sshkey/testdata/ecdsa_2.pub @@ -1 +1 @@ -ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBACNTJ5OuNo5dNgIQRLHzKU91m7immKFiutJ6BlDbkRkKr+Envj13J6HOgYvOTm0n7SPlKHSSTZ4/T36d/rzQOAbIwEnbbwD9HMj6IzE4WH9lJzH7Zy7Tcyu6dOM8L7nOxCp3DUkF3aAnPSFJhD7NN0jBWOFsD6uy1OmaTklPfRAnCt1MQ== ECDSA test key #2 +ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAHZ2VNyoDedBwqsdzY+kkNptc9DrtRCVmO6cULLj+691MhItqVqTMJbTFlI4MnAg9PoGTF/0KmLJfy8vSffXGKqqwGKcFNtd1XCo+7Qu9tXbxron9g6Dmu7y8jaLkixcwZwnwLs6GmA9qZGuiAfOGV0Gf9/u98sr+vikOa4Ow5JFDTw5g== ECDSA test key #2 diff --git a/regress/unittests/sshkey/testdata/ecdsa_n b/regress/unittests/sshkey/testdata/ecdsa_n index aec73dd61f8..80382b62d2d 100644 --- a/regress/unittests/sshkey/testdata/ecdsa_n +++ b/regress/unittests/sshkey/testdata/ecdsa_n @@ -1,5 +1,5 @@ -----BEGIN EC PRIVATE KEY----- -MHcCAQEEIFghsFR1K95tz8qOl3+tX6fv8a/O6AfNbxOSFZX3ihxooAoGCCqGSM49 -AwEHoUQDQgAEalpgP0BOePHtTw0Pus4tdhTb8P9yWUZluvLf1D8vrHImT+G4vr/W -xo5iXGKQVEifuUVyLkAW2kDrq8J/szeRiQ== +MHcCAQEEIPPNyUAnjvFr+eT/7t/IyjuQQd/aLFiTY92LB9gIjyrMoAoGCCqGSM49 +AwEHoUQDQgAEDFlblkOrW9ydKVhtM+9AY3c9saBE7SG3lFx38nBavkADDaI9jh3/ +kvG/Jt9vpm22qwoklTCGDfzCkXkIKaWlBw== -----END EC PRIVATE KEY----- diff --git a/regress/unittests/sshkey/testdata/ecdsa_n_pw b/regress/unittests/sshkey/testdata/ecdsa_n_pw index 75d5859083f..36b7fa78772 100644 --- a/regress/unittests/sshkey/testdata/ecdsa_n_pw +++ b/regress/unittests/sshkey/testdata/ecdsa_n_pw @@ -1,9 +1,9 @@ -----BEGIN OPENSSH PRIVATE KEY----- -b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jYmMAAAAGYmNyeXB0AAAAGAAAABBXqI6Z6o -uRM+jAwdhnDoIMAAAAEAAAAAEAAABoAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlz -dHAyNTYAAABBBGpaYD9ATnjx7U8ND7rOLXYU2/D/cllGZbry39Q/L6xyJk/huL6/1saOYl -xikFRIn7lFci5AFtpA66vCf7M3kYkAAACwYMnoCTqvUTG0ktSSMNsOZLCdal5J4avEpM1L -sV9SL/RVcwo3ChprhwsnQsaAtMiJCRcHerKgD9qy1MNNaE5VNfVJ0Ih/7ut04cbFKed8p6 -0V+w8WP7WvFffBPoHn+GGbQd1FDGzHhXUB61pH8Qzd1bI/sld/XEtMk7iYjNGQe9Rt0RaK -Wi8trwaA0Fb2w/EFnrdsFFxrIhQEqYBdEQJo782IqAsMG9OwUaM0vy+8bcI= +b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jYmMAAAAGYmNyeXB0AAAAGAAAABC4UwEov5 +z0RrCm7AMCxbuiAAAAEAAAAAEAAABoAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlz +dHAyNTYAAABBBAxZW5ZDq1vcnSlYbTPvQGN3PbGgRO0ht5Rcd/JwWr5AAw2iPY4d/5Lxvy +bfb6ZttqsKJJUwhg38wpF5CCmlpQcAAACgbCnAklQTHrf5qiHiMxKYwQJ7k/X9mp4fXD4v +xUbgNZiXSxN26mn8mC2rH+WA6Lk3CexR/hrtLI2ndpBsYu1h6HhVkOwwm3Kd/PMKArCupW +l6sYEabrT0EghXR/3aDEZvj79hgKSdu3RpayLvMdbCR8k1cg0/mDmR9hicWfeJ61n/IH05 +tUR268+0BVRW9kDhh/cuv8tVY4L09jCCQ6CpsA== -----END OPENSSH PRIVATE KEY----- diff --git a/regress/unittests/sshkey/testdata/ed25519_1 b/regress/unittests/sshkey/testdata/ed25519_1 index a537ae13dd5..6b0ae01cf68 100644 --- a/regress/unittests/sshkey/testdata/ed25519_1 +++ b/regress/unittests/sshkey/testdata/ed25519_1 @@ -1,7 +1,7 @@ -----BEGIN OPENSSH PRIVATE KEY----- b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW -QyNTUxOQAAACC5PeVeSdyylcfG3C0geNO90e3dGgL0fICaz751dA9zEAAAAJglsAcYJbAH -GAAAAAtzc2gtZWQyNTUxOQAAACC5PeVeSdyylcfG3C0geNO90e3dGgL0fICaz751dA9zEA -AAAED6HJ8Bh8tdQvhMd5o8IxtIwBv8/FV48FpBFWAbYdsIsLk95V5J3LKVx8bcLSB4073R -7d0aAvR8gJrPvnV0D3MQAAAAE0VEMjU1MTkgdGVzdCBrZXkgIzEBAg== +QyNTUxOQAAACBThupGO0X+FLQhbz8CoKPwc7V3JNsQuGtlsgN+F7SMGQAAAJjnj4Ao54+A +KAAAAAtzc2gtZWQyNTUxOQAAACBThupGO0X+FLQhbz8CoKPwc7V3JNsQuGtlsgN+F7SMGQ +AAAED3KgoDbjR54V7bdNpfKlQY5m20UK1QaHytkCR+6rZEDFOG6kY7Rf4UtCFvPwKgo/Bz +tXck2xC4a2WyA34XtIwZAAAAE0VEMjU1MTkgdGVzdCBrZXkgIzEBAg== -----END OPENSSH PRIVATE KEY----- diff --git a/regress/unittests/sshkey/testdata/ed25519_1-cert.fp b/regress/unittests/sshkey/testdata/ed25519_1-cert.fp index fbde87af041..a9674e2b02b 100644 --- a/regress/unittests/sshkey/testdata/ed25519_1-cert.fp +++ b/regress/unittests/sshkey/testdata/ed25519_1-cert.fp @@ -1 +1 @@ -MD5:19:08:8e:7e:4d:e5:de:86:2a:09:47:65:eb:0a:51:2f +SHA256:L3k/oJubblSY0lB9Ulsl7emDMnRPKm/8udf2ccwk560 diff --git a/regress/unittests/sshkey/testdata/ed25519_1-cert.pub b/regress/unittests/sshkey/testdata/ed25519_1-cert.pub index ad0b9a888e9..649b4e80452 100644 --- a/regress/unittests/sshkey/testdata/ed25519_1-cert.pub +++ b/regress/unittests/sshkey/testdata/ed25519_1-cert.pub @@ -1 +1 @@ -ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIHmdL66MkkOvncpc0W4MdvlJZMfQthHiOUv+XKm7gvzOAAAAILk95V5J3LKVx8bcLSB4073R7d0aAvR8gJrPvnV0D3MQAAAAAAAAAAgAAAACAAAABmp1bGl1cwAAABIAAAAFaG9zdDEAAAAFaG9zdDIAAAAANouDYAAAAABNHeHgAAAAAAAAAAAAAAAAAAAAMwAAAAtzc2gtZWQyNTUxOQAAACC5PeVeSdyylcfG3C0geNO90e3dGgL0fICaz751dA9zEAAAAFMAAAALc3NoLWVkMjU1MTkAAABAsUStKm1z3Rtvwy3eXE1DrgVp6kix2iEQXfB66IHX2UpAj5yl0eQGXWTSEDIxHDIb0SJvUH43OWX0PrEeAs0mAA== ed25519_1.pub +ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIIxzuxl4z3uwAIslne8Huft+1n1IhHAlNbWZkQyyECCGAAAAIFOG6kY7Rf4UtCFvPwKgo/BztXck2xC4a2WyA34XtIwZAAAAAAAAAAgAAAACAAAABmp1bGl1cwAAABIAAAAFaG9zdDEAAAAFaG9zdDIAAAAANowB8AAAAABNHmBwAAAAAAAAAAAAAAAAAAAAMwAAAAtzc2gtZWQyNTUxOQAAACBThupGO0X+FLQhbz8CoKPwc7V3JNsQuGtlsgN+F7SMGQAAAFMAAAALc3NoLWVkMjU1MTkAAABABGTn+Bmz86Ajk+iqKCSdP5NClsYzn4alJd0V5bizhP0Kumc/HbqQfSt684J1WdSzih+EjvnTgBhK9jTBKb90AQ== ED25519 test key #1 diff --git a/regress/unittests/sshkey/testdata/ed25519_1.fp b/regress/unittests/sshkey/testdata/ed25519_1.fp index fbde87af041..a9674e2b02b 100644 --- a/regress/unittests/sshkey/testdata/ed25519_1.fp +++ b/regress/unittests/sshkey/testdata/ed25519_1.fp @@ -1 +1 @@ -MD5:19:08:8e:7e:4d:e5:de:86:2a:09:47:65:eb:0a:51:2f +SHA256:L3k/oJubblSY0lB9Ulsl7emDMnRPKm/8udf2ccwk560 diff --git a/regress/unittests/sshkey/testdata/ed25519_1.fp.bb b/regress/unittests/sshkey/testdata/ed25519_1.fp.bb index 591a711b443..309f2dafc56 100644 --- a/regress/unittests/sshkey/testdata/ed25519_1.fp.bb +++ b/regress/unittests/sshkey/testdata/ed25519_1.fp.bb @@ -1 +1 @@ -xofip-nuhoh-botam-cypeg-panig-tunef-bimav-numeb-nikic-gocyf-paxax +xubop-rekyd-bakal-nubuf-pahaf-gicuh-logeb-gocif-petod-galip-fuxux diff --git a/regress/unittests/sshkey/testdata/ed25519_1.pub b/regress/unittests/sshkey/testdata/ed25519_1.pub index 633e05077ae..e533059eaab 100644 --- a/regress/unittests/sshkey/testdata/ed25519_1.pub +++ b/regress/unittests/sshkey/testdata/ed25519_1.pub @@ -1 +1 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILk95V5J3LKVx8bcLSB4073R7d0aAvR8gJrPvnV0D3MQ ED25519 test key #1 +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFOG6kY7Rf4UtCFvPwKgo/BztXck2xC4a2WyA34XtIwZ ED25519 test key #1 diff --git a/regress/unittests/sshkey/testdata/ed25519_1_pw b/regress/unittests/sshkey/testdata/ed25519_1_pw index 9fc635208b6..c3b7ae7f811 100644 --- a/regress/unittests/sshkey/testdata/ed25519_1_pw +++ b/regress/unittests/sshkey/testdata/ed25519_1_pw @@ -1,8 +1,8 @@ -----BEGIN OPENSSH PRIVATE KEY----- -b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jYmMAAAAGYmNyeXB0AAAAGAAAABAlT1eewp -9gl0gue+sSrBWKAAAAEAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AAAAILk95V5J3LKVx8bc -LSB4073R7d0aAvR8gJrPvnV0D3MQAAAAoMrL9ixIQHoJ86DcKMGt26+bCeaoyGjW5hha2Y -IxAZ+rRvNjUuv3MGvbUxtUpPZkTP/vk2fVSCuCD9St5Lbt/LKdIk2MfWIFbjZ6iEfdzxz0 -DHmsSDMps8dbePqqIPULR8av447jEzQEkUc8GSR6WqFSJOjJ8OvrJat1KcEK7V2tjZnLS1 -GoLMqVAtCVhuXwUkeJiRQE/JRl172hxB+LAVw= +b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jYmMAAAAGYmNyeXB0AAAAGAAAABCus+kaow +AUjHphacvRp98dAAAAEAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIFOG6kY7Rf4UtCFv +PwKgo/BztXck2xC4a2WyA34XtIwZAAAAoJaqqgiYQuElraJAmYOm7Tb4nJ3eI4oj9mQ52M +/Yd+ION2Ur1v8BDewpDX+LHEYgKHo3Mlmcn2UyF+QJ+7xUCW7QCtk/4szrJzw74DlEl6mH +T8PT/f/av7PpECBD/YD3NoDlB9OWm/Q4sHcxfBEKfTGD7s2Onn71HgrdEOPqd4Sj/IQigR +drfjtXEMlD32k9n3dd2eS9x7AHWYaGFEMkOcY= -----END OPENSSH PRIVATE KEY----- diff --git a/regress/unittests/sshkey/testdata/ed25519_2 b/regress/unittests/sshkey/testdata/ed25519_2 index a6e5f0040a0..e4aed6398d2 100644 --- a/regress/unittests/sshkey/testdata/ed25519_2 +++ b/regress/unittests/sshkey/testdata/ed25519_2 @@ -1,7 +1,7 @@ -----BEGIN OPENSSH PRIVATE KEY----- b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW -QyNTUxOQAAACBXUfO5Kid+jhRnyVt+1r9wj2FN/mZ6RfgGdySeYoq4WAAAAJjGeKsZxnir -GQAAAAtzc2gtZWQyNTUxOQAAACBXUfO5Kid+jhRnyVt+1r9wj2FN/mZ6RfgGdySeYoq4WA -AAAEB+gn4gGClQl2WMeOkikY+w0A0kSw1KH4Oyami7hlypsFdR87kqJ36OFGfJW37Wv3CP -YU3+ZnpF+AZ3JJ5iirhYAAAAE0VEMjU1MTkgdGVzdCBrZXkgIzEBAg== +QyNTUxOQAAACDPVKyLnm3eZE0lm0IfM3Uy9AsdGSBtozcoCt21blYBCwAAAJix1mBGsdZg +RgAAAAtzc2gtZWQyNTUxOQAAACDPVKyLnm3eZE0lm0IfM3Uy9AsdGSBtozcoCt21blYBCw +AAAECZEQHXs18o3DKjhUYaTyt+bUbhqfMeqmsKjYyFvzGVgs9UrIuebd5kTSWbQh8zdTL0 +Cx0ZIG2jNygK3bVuVgELAAAAE0VEMjU1MTkgdGVzdCBrZXkgIzEBAg== -----END OPENSSH PRIVATE KEY----- diff --git a/regress/unittests/sshkey/testdata/ed25519_2.fp b/regress/unittests/sshkey/testdata/ed25519_2.fp index ec1cdbb94d9..04966267257 100644 --- a/regress/unittests/sshkey/testdata/ed25519_2.fp +++ b/regress/unittests/sshkey/testdata/ed25519_2.fp @@ -1 +1 @@ -MD5:5c:c9:ae:a3:0c:aa:28:29:b8:fc:7c:64:ba:6e:e9:c9 +SHA256:vMbaARqVciRgXyZPNHDo+P5p5WK5yWG1Oo6VC35Bomw diff --git a/regress/unittests/sshkey/testdata/ed25519_2.fp.bb b/regress/unittests/sshkey/testdata/ed25519_2.fp.bb index ebe782e2c7d..abba7890154 100644 --- a/regress/unittests/sshkey/testdata/ed25519_2.fp.bb +++ b/regress/unittests/sshkey/testdata/ed25519_2.fp.bb @@ -1 +1 @@ -xenoz-tovup-zecyt-hohar-motam-sugid-fecyz-tutyk-gosom-ginar-kixux +xuces-bapyb-vikob-zesyv-budod-nupip-kebon-tacyc-fofed-lezic-soxax diff --git a/regress/unittests/sshkey/testdata/ed25519_2.pub b/regress/unittests/sshkey/testdata/ed25519_2.pub index 37b93352a54..af34236e712 100644 --- a/regress/unittests/sshkey/testdata/ed25519_2.pub +++ b/regress/unittests/sshkey/testdata/ed25519_2.pub @@ -1 +1 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFdR87kqJ36OFGfJW37Wv3CPYU3+ZnpF+AZ3JJ5iirhY ED25519 test key #1 +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM9UrIuebd5kTSWbQh8zdTL0Cx0ZIG2jNygK3bVuVgEL ED25519 test key #1 diff --git a/regress/unittests/sshkey/testdata/rsa1_1 b/regress/unittests/sshkey/testdata/rsa1_1 index d22014e881108a3a444be9395b226f374a1c5d3d..161cc04dc700b60ac13cc992f44aeed3b4c2fc73 100644 GIT binary patch delta 482 zcmV<80UiFO1C<1jD1QV11OU#Ar+QUxx`=<8hHMB*WCD0oRHz&fg-tXuf%*wG5+kNx znUPhuZe<4$g^7KC{ z^qj2jQL-*O+{Ng7S za`-D*-&U74>8PeYYy@XD9%apvRnJUyJ}?Zik-TG-^ykJVhxFovu0p6u!(qKrP=y9a zz;2cQ5gcD{(b;ivU}sBa>QjG!)j*HYQ~?40DY5PO{*~ZB4Np66dUgnEJ+eGhBDMLo z-#aVXxB@qou{1Yvn1urGMb-`0gtLdf+KFEA4ruHC@+H8QXwVNL0sz@^?a0D(O~cgn zwNUbkJU4{y5@DYT)Kqz*9hj2XHJb2w6g^?*kC*YA0a z&H{k~0P`ygBwge@~0NBjod;kCd delta 369 zcmV-%0gnEa1f>IzC}aZw0|3ux1)f}YLotnX4L-Y7>sNS@$-@bV7jQpJF;^&1Rl?e( z0Rm8-y~^G)PE;J0UMVsCG+6~N=3N0dBHDmme#q}zm&^cXiO^PTRd}*Kda7IEuvOSs zm;(&ntuC_6PP37$8Goussz?I>wVfr#T)T!C9{?{D?q9b1S~Ygk6-SvCjwZg*&KN>) zq?&d9yYIBiuCu5~7~4k40a9klsjAXuOiqlL2bQ~@whP>5e^wW?_WdKkL;k8T5$HJ? z4)A5LY5s6_u%bwT0e(LJzX(SdM;}bPoK-0z0!CbC^fXPQo_~3<;_AV5x+Xf|Q><6+ zh?-DOI1wbbJ6$aSfY!M>ww};NntOW-$Qy1xOjTkXoR9wqD&^#!8b2(pTj53<-6@Pr zR|F>b1%%Rqa{++&MzmhuZe<4$g^7KC{ z^qj2jQL-*O+{Ng7SSy5;_e#_e0a3U*2-qNKV{=>`+x4pLC)gixQjCp_;pTJdI>5LUZS&Y=oW) z#~<0VrXtPDjg1EDfwQR2(4(L$r^@%@iO<#DL6n#~yw<3Wh8aTf=sfYB93?KI=rH5| zhJ9^zcJqxR{S-%r7|y>+FNlAO*nf7hPxO=V{h2B7#DMi>kBt5M1Yvz~2wnK!{X67+ z^UyAq&zuTy-Sycy;sY=0Sf)NyOOBB^4mgY1eBz#XBWW76jM=AM(_iVdb}qg9dBr#< zEur5a{CGeW+_wAOz@vwnlhNe*A~nmmJ#z6|#&BzrB3RwVoN7*RgL_hK>|~6{U{zN* zJo5mQiMg&C9@I(%D9D1)oO$Mb2#ug%?oL(mG1k~9_a0iyG>^WS(81xJCrWVi*4(0& Y@z;Q>&U92BAZe;2>C<{in4v`9Ve~xpNB{r; delta 369 zcmV-%0gnEa1f>IzC}aZw0|3ux1)f}YLotnX4L-Y7>sNS@$-@bV7jQpJF;^&1Rl?e( z0Rm8-y~^G)PE;J0UMVsCG+6~N=3N0dBHDmme#q}zm&^cXiO^PTRd}*Kda7IEuvOSs zm;(&ntuC_6PP37$8Gk}EOK;LHZBhWJXQ5I$x>?wDc+J{=o*$j`@H_@oYbGW@qjWNX zhN)$2wZ+hll^2EMKaLd2vOIV*tT~@e;w3b{`H& zRa}qUyDo=P>WghoT0&<{s2xxIHexPf3@*Ov8-wt+B(%7L>3@eId&)~Gpg$K}O_Sj0RGEf(YPrM7wsCY>XbhN zT)Psn#?^~((qzncOHwYVS;zaRwYSz23J{14f-(|x8d8F=R@(9y7P@A_HU*W7`6#LG diff --git a/regress/unittests/sshkey/testdata/rsa1_2 b/regress/unittests/sshkey/testdata/rsa1_2 index e75e665ffc5c7305455c37701d0fd051f82fc119..1d672ddea393fe786673f5c8aed8a772eaaa9f7b 100644 GIT binary patch delta 931 zcmV;U16=&o2h|6VEPu+dk+pgiM?k^5a3J(*A)%eb4`h9^stx-F90uqMPj8gsj<5pH>o`y-Xzl-hn z$(Cf~RWty5(Z$?7;oAN3(@M~X6)htwg$d}GWOtMO6m@mo0WtqW^?+x9lf725=mS_h(e;P9~WrdLQl5+&hD#`Cd$qH zgHH+#3A%HwgJ98vx`n$HWmR0pr8eu02HzSUgb@e8A+9K**t14oor_rSKt-;h#I1je z_BmHgYZNN>djd|glPm!lf9av=p$Gtr8y7`KUMC``Q!S@ZS1xg`#|jZ!yDcvP3@X}M z7>qdPb&CquPDVDx7e~mcXimCCOce==ElM_{>cjq?N? zDz^`p#r|r~Pn$DN`3~{i-K@LQuXW;%HrOzzgyD#ZU z4BGV)$E0n#&j_{hhjI&EulHVv-;+Hn71AMELHAo>yR~)@VEQ-yn7rA`ktZ87O^`O- z-F`*AMks)+Il6%0fAUZuTSqo#VFUoTtDr9g6f4VI0(j_L!$1)rf_Q)X&P#q_Aa^|o zAws9Uw1_)@O(d)im+i@5nN3=j+;)2U9V5O7ll?HF0!Cm;%5d*f6Grz)Is+nLarid1OU;- z9zDcq2+H&;NG$Z*Zl8ZR+6oPe@bEF7NNa;=J1!8;jm-vy)Xps;CCP@Qv8szlNFZ-o z`dcE@e_(1_Aa;1b8xgKbpfUdt=6}|NZ;%N8X&8j^<>3@C`jEevO F006q@#Vh~- delta 931 zcmV;U16=&o2h|6VEPt?ypQDDX>Z>lp>CMOH%TBDGm|_BX?$&lLA5k|sq!+A;h9e)X zJBKH!-kC{rr>f?3p)yo+L6}P3k*XXb@EtD#1nPgGA(osrdR+v)ql5-*`A!Q~(eK26 zP|7Ij1_M-m^c)6uRSkmEY4(}4SJd$EcbT1@cB^Nfzd{Do7=PQV?HD8RPEFrBteAF& z=CB6%qCTdt6STnPvHM#dwA(L7vME9=MFn)q>Bdd9-2C8BgKKNwsQXkKO+sWurRpH9 zQKDTiNI^{PE*YJonR#d@K8x!R^P^GeidV1=t@@7uqnou`=}oSQkJ?}%*C_KVF3CRK z7Ud9gzBlPm!le~+h+rw9Hw$E61Y4{@3z&5ipJ^-npCdlJN~>7UpwK?iOg z*W8Q>T|Q#0sEmzxugHLaU&WJ7`+UzWHMxBU^62epv~*9DLA(*?zn-8vy-&_UC^Z=h z`n8U}FmYz1oMMME zO)NSOJ7UIQ)2;Dkwy&OcC0!sh8V&HzU);hU>I9dCu)FjAI#fW3ls{Jj&}na;FY9x8 zd-JqN>Lq6jLKBj=DS6UaBCk13{{t+_+!F$|NsWy_QRqMxGDGq5^fb}fnE!Q$FH%7UodX7XK_jzCQvmpSRX<#2!el8Km z9^BS$%6=VEZ_(_Q^mO#!%&y0h9b0`;-Y|&g208qYe5@ORf7hk*5~g*I70D1=1OU)p z7XC?#X(FRP$2LAPk^qBrVu`Zw>IM8V#u?v2erE|sCWkiNKxu6$V>fDQ-eD-aHh8+m z7UA=Zp%!BoWS)&En+p69dfuJ=rut2+(P5|-&IlBl6;z;`8sNti);3370~KeHRGs9) zG=0;DgT$%;e_tH-M(iM;4e^)Iw%9EM0NCaUcP=*Ma#*XWNn4VGhl$vYvZM>(S)&>R z&=>exIwW8gWpn|p|6%N$ZMty>Dt5iXe}S*FKUryNp%U~~Z;vaWRNXC`LuCq+ zDwK__ML9bNA;6zjjRr>P>5lOt&XQYKQV%?$6Eg096&CB{89IY^H^=gzVXKd$c)0)o F006R>zSRH# diff --git a/regress/unittests/sshkey/testdata/rsa1_2.fp b/regress/unittests/sshkey/testdata/rsa1_2.fp index cd0039306f8..00516d521fb 100644 --- a/regress/unittests/sshkey/testdata/rsa1_2.fp +++ b/regress/unittests/sshkey/testdata/rsa1_2.fp @@ -1 +1 @@ -MD5:c0:83:1c:97:5f:32:77:7e:e4:e3:e9:29:b9:eb:76:9c +SHA256:JaOeRCnLl/TLe7vn1+aQ4ONyKZCUhK5x3k4VHilmbpE diff --git a/regress/unittests/sshkey/testdata/rsa1_2.fp.bb b/regress/unittests/sshkey/testdata/rsa1_2.fp.bb index cd80371401b..b4989a588d8 100644 --- a/regress/unittests/sshkey/testdata/rsa1_2.fp.bb +++ b/regress/unittests/sshkey/testdata/rsa1_2.fp.bb @@ -1 +1 @@ -xifad-vevot-sozyl-fapeb-meryf-kylut-cydiv-firik-gavyb-lanad-kaxox +xipag-zohut-zepuk-pisyv-kamog-pupus-netud-tudis-melup-cynov-gaxox diff --git a/regress/unittests/sshkey/testdata/rsa1_2.param.n b/regress/unittests/sshkey/testdata/rsa1_2.param.n index f8143a4b93c..25d438d0620 100644 --- a/regress/unittests/sshkey/testdata/rsa1_2.param.n +++ b/regress/unittests/sshkey/testdata/rsa1_2.param.n @@ -1 +1 @@ -00b08a9fa386aceaab2ec3e9cdc7e6cb4eac9e98620279eed6762e1f513739a417ac8a86231fad3b8727a9de994973a7aae674a132547341984ade91aa1c22f01d2f0204ea7fa121969c367a5d04bda384066cf94e0b56d1efc47f50ca28e90603547df41c0676550d82d369f699b457d4f0f077999d9e76ab679fbf4206d418dbabed1823f14e4ddf3aac987686e6b006f8a23ea6af13b4c0e5b1fb5b1eb4db2f47b229422c450574cae9c64db5dcfce050836b6bdfa8fb541b4d426444a5ea20ad51a25d3048414ced2e199da2997968273e8beb10f3a351e98a57b00dadfa8f00a39bb55be94dae898fda6021d728f32b2ec93edd16e51073be3ac7511e5085 +00cab091b57a154740c1bb7020f46a21a19dc40f647db2aab1babd30cabe241f0437391e68376ba35e48c624b8eaf6b59424d4c1a848c9fd1ef5cdc7c1b7f5e5df23b7ad513b79021286d38c52fdfae35656659e8649b2bf8bedf7c99664e45534007bd1c5dc3de1dafdf2d34ad087155951aa0f3d500b36d0d804bbccdef15ab31ca3dd40bdf5196065a97f397ef576caffb606be8232f6e0614aea0e979b9584296673fabb1dbd9f3212495c428842a2ab1f1768dd424fb6fdceeeab9126cacdfc834f0a0d09ba73ad8360d183ba85bb1565555cc6a536eb8d06df1a1e841107c021ae28a2d8b3465f9d8b58ef4045aea1c4ad7f8bf639574d6b142af67b4eb3 diff --git a/regress/unittests/sshkey/testdata/rsa1_2.pub b/regress/unittests/sshkey/testdata/rsa1_2.pub index de1afbb8bce..acab6dda6e6 100644 --- a/regress/unittests/sshkey/testdata/rsa1_2.pub +++ b/regress/unittests/sshkey/testdata/rsa1_2.pub @@ -1 +1 @@ -2048 65537 22286299513474010485021611215236051675183880694440075228245854420062562171290421803318459093678819161498086077099067169041536315773126601869537036602014639497662916952995546870691495931205282427606841521014293638607226118353743812583642616889028731910222603216563207637006843580936568089467160095319593442255227365472917576488012409542775346105980501967996562422764758836868135158147777193940857952623773420292946843206784104932927528915610322518810753953608862466374219925252817405397507396462117715293725218947744085154122395590957537510003558169729949140038634486299736757269280065662263306737701939154762092925061 RSA1 test key #2 +2048 65537 25587207108642486834576012232250034427766229965612147538722032399009467293691448851087324679403117563681753304072089087252850866332601294130674473984011813227791089686736237645788471744456489819306046398653719249100878753563464696688916667605969658659855996383142110932332560049231682024775766802333675397528993897914717996946881193454997890776063024953924432026083898531677702536941151535135950834711001926404724453460085864892836473957600610133803037286539329764689125111700732309717375455919436557475211197800228646235077584780367991159670572954337165006813357814232200750568307753718414790655085790471723847208627 RSA1 test key #2 diff --git a/regress/unittests/sshkey/testdata/rsa_1 b/regress/unittests/sshkey/testdata/rsa_1 index 09e79a72e3e..5de3f8422e8 100644 --- a/regress/unittests/sshkey/testdata/rsa_1 +++ b/regress/unittests/sshkey/testdata/rsa_1 @@ -1,12 +1,15 @@ -----BEGIN RSA PRIVATE KEY----- -MIIBywIBAAJhAM/6MDmVVm/uNQmZpOcthoAAgMDUg7G4H6ZLLyPEhboKaBBHvIdw -ZdDmB+0LDf3D1aWXyUd2/pCkCysiBzqd/523zAzjY7HayqL6A940AxKBBbWLn+X6 -i2yJR7dTOYkk6QIDAQABAmAgKanBjfWzE5yCIo+c7K5rJyjCKVtAZaAHYIMmveKM -VcWoFt/x9hDY0GoTX21HfDxLX8oDxnsmhsOrnvSmgUChFwkm45eSETqeVDWwIVFA -FGL1s38xQsciWZWBFNppAIECMQD7nslReAxwz/Ad++ACXswfJg1l2wUQ1gJA3zh3 -jln6a4s3aV1zxbKlIn8iqBv0BZkCMQDTmO4WqyNnin73XCZs0DWu7GsfcuaH8QnD -wqPjJgrclTZXedxHkeqO2oyZW4mLC9ECMBb/blsZ49kzyDiVWuYcj/+Q1MyodhAR -32bagCi9RBAVYEYSRU5dlXRucLxULSnikQIxAJ5teY5Vcru6kZfJUifUuO0QrKAu -WnbcPVBqMmUHfchsm/RhFFIt6W4uKmlEhTYrkQIxAMAStb7QCU3yU6ZkN7uL22Zs -498i4jY6y+VEXv+L9O09VdlEnXhbUisOhy1bhyS3yg== +MIICXAIBAAKBgQDLV5lUTt7FrADseB/CGhEZzpoojjEW5y8+ePvLppmK3MmMI18u +d6vxzpK3bwZLYkVSyfJYI0HmIuGhdu7yMrW6wb84gbq8C31Xoe9EORcIUuGSvDKd +NSM1SjlhDquRblDFB8kToqXyx1lqrXecXylxIUOL0jE+u0rU1967pDJx+wIDAQAB +AoGAXyj5mpjmbD+YlxGIWz/zrM4hGsWgd4VteKEJxT6MMI4uzCRpkMd0ck8oHiwZ +GAI/SwUzIsgtONQuH3AXVsUgghW4Ynn+8ksEv0IZ918WDMDwqvqkyrVzsOsZzqYj +Pf8DUDKCpwFjnlknJ04yvWBZvVhWtY4OiZ8GV0Ttsu3k+GECQQD1YHfvBb5FdJBv +Uhde2Il+jaFia8mwVVNNaiD2ECxXx6CzGz54ZLEB9NPVfDUZK8lJ4UJDqelWNh3i +PF3RefWDAkEA1CVBzAFL4mNwpleVPzrfy69xP3gWOa26MxM/GE6zx9jC7HgQ3KPa +WKdG/FuHs085aTRDaDLmGcZ8IvMuu7NgKQJAcIOKmxR0Gd8IN7NZugjqixggb0Pj +mLKXXwESGiJyYtHL0zTj4Uqyi6Ya2GJ66o7UXscmnmYz828fJtTtZBdbRwJBALfi +C2QvA32Zv/0PEXibKXy996WSC4G3ShwXZKtHHKHvCxY5BDSbehk59VesZrVPyG2e +NYdOBxD0cIlCzJE56/ECQAndVkxvO8hwyEFGGwF3faHIAe/OxVb+MjaU25//Pe1/ +h/e6tlCk4w9CODpyV685gV394eYwMcGDcIkipTNUDZs= -----END RSA PRIVATE KEY----- diff --git a/regress/unittests/sshkey/testdata/rsa_1-cert.fp b/regress/unittests/sshkey/testdata/rsa_1-cert.fp index 1cf780dd952..79f380a2508 100644 --- a/regress/unittests/sshkey/testdata/rsa_1-cert.fp +++ b/regress/unittests/sshkey/testdata/rsa_1-cert.fp @@ -1 +1 @@ -MD5:be:27:4c:16:27:f5:04:03:62:a8:b7:91:df:a5:b1:3b +SHA256:l6itGumSMcRBBAFteCgmjQBIXqLK/jFGUH3viHX1RmE diff --git a/regress/unittests/sshkey/testdata/rsa_1-cert.pub b/regress/unittests/sshkey/testdata/rsa_1-cert.pub index 51b1ce0ddb7..3bacf3c8fe5 100644 --- a/regress/unittests/sshkey/testdata/rsa_1-cert.pub +++ b/regress/unittests/sshkey/testdata/rsa_1-cert.pub @@ -1 +1 @@ -ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAg1i9Ueveqg9sFSGsEYmsQqlI+dpC3nqhucPfwBVo3DtcAAAADAQABAAAAYQDP+jA5lVZv7jUJmaTnLYaAAIDA1IOxuB+mSy8jxIW6CmgQR7yHcGXQ5gftCw39w9Wll8lHdv6QpAsrIgc6nf+dt8wM42Ox2sqi+gPeNAMSgQW1i5/l+otsiUe3UzmJJOkAAAAAAAAABQAAAAIAAAAGanVsaXVzAAAAEgAAAAVob3N0MQAAAAVob3N0MgAAAAA2i4NgAAAAAE0d4eAAAAAAAAAAAAAAAAAAAAAzAAAAC3NzaC1lZDI1NTE5AAAAILk95V5J3LKVx8bcLSB4073R7d0aAvR8gJrPvnV0D3MQAAAAUwAAAAtzc2gtZWQyNTUxOQAAAED0TLf2Mv2F9TBt1Skf/1vviUgt7bt9xvL5HqugnVDfKaEg+RNKgfa5Rtpteb39EODkH8v4FJPWlmNG0F9w0cYF rsa_1.pub +ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAg98LhS2EHxLOWCLopZPwHdg/RJXusnkOqQXSc9R7aITkAAAADAQABAAAAgQDLV5lUTt7FrADseB/CGhEZzpoojjEW5y8+ePvLppmK3MmMI18ud6vxzpK3bwZLYkVSyfJYI0HmIuGhdu7yMrW6wb84gbq8C31Xoe9EORcIUuGSvDKdNSM1SjlhDquRblDFB8kToqXyx1lqrXecXylxIUOL0jE+u0rU1967pDJx+wAAAAAAAAAFAAAAAgAAAAZqdWxpdXMAAAASAAAABWhvc3QxAAAABWhvc3QyAAAAADaMAfAAAAAATR5gcAAAAAAAAAAAAAAAAAAAADMAAAALc3NoLWVkMjU1MTkAAAAgU4bqRjtF/hS0IW8/AqCj8HO1dyTbELhrZbIDfhe0jBkAAABTAAAAC3NzaC1lZDI1NTE5AAAAQI3QGlUCzC07KorupxpDkkGy6tniaZ8EvBflzvv+itXWNchGvfUeHmVT6aX0sRqehdz/lR+GmXRoZBhofwh0qAM= RSA test key #1 diff --git a/regress/unittests/sshkey/testdata/rsa_1.fp b/regress/unittests/sshkey/testdata/rsa_1.fp index 1cf780dd952..79f380a2508 100644 --- a/regress/unittests/sshkey/testdata/rsa_1.fp +++ b/regress/unittests/sshkey/testdata/rsa_1.fp @@ -1 +1 @@ -MD5:be:27:4c:16:27:f5:04:03:62:a8:b7:91:df:a5:b1:3b +SHA256:l6itGumSMcRBBAFteCgmjQBIXqLK/jFGUH3viHX1RmE diff --git a/regress/unittests/sshkey/testdata/rsa_1.fp.bb b/regress/unittests/sshkey/testdata/rsa_1.fp.bb index 448133bad64..45bacd5193e 100644 --- a/regress/unittests/sshkey/testdata/rsa_1.fp.bb +++ b/regress/unittests/sshkey/testdata/rsa_1.fp.bb @@ -1 +1 @@ -xetif-zuvul-nylyc-vykor-lumac-gyhyv-bacih-cimyk-sycen-gikym-pixax +xosis-fodod-votot-dibum-ryvac-rediz-naruf-votun-kevis-halis-gexux diff --git a/regress/unittests/sshkey/testdata/rsa_1.param.n b/regress/unittests/sshkey/testdata/rsa_1.param.n index 2ffc2ba7e76..49337121341 100644 --- a/regress/unittests/sshkey/testdata/rsa_1.param.n +++ b/regress/unittests/sshkey/testdata/rsa_1.param.n @@ -1 +1 @@ -00cffa303995566fee350999a4e72d86800080c0d483b1b81fa64b2f23c485ba0a681047bc877065d0e607ed0b0dfdc3d5a597c94776fe90a40b2b22073a9dff9db7cc0ce363b1dacaa2fa03de3403128105b58b9fe5fa8b6c8947b753398924e9 +00cb5799544edec5ac00ec781fc21a1119ce9a288e3116e72f3e78fbcba6998adcc98c235f2e77abf1ce92b76f064b624552c9f2582341e622e1a176eef232b5bac1bf3881babc0b7d57a1ef4439170852e192bc329d3523354a39610eab916e50c507c913a2a5f2c7596aad779c5f297121438bd2313ebb4ad4d7debba43271fb diff --git a/regress/unittests/sshkey/testdata/rsa_1.param.p b/regress/unittests/sshkey/testdata/rsa_1.param.p index 4fcf148c3c1..4783d215e8c 100644 --- a/regress/unittests/sshkey/testdata/rsa_1.param.p +++ b/regress/unittests/sshkey/testdata/rsa_1.param.p @@ -1 +1 @@ -00fb9ec951780c70cff01dfbe0025ecc1f260d65db0510d60240df38778e59fa6b8b37695d73c5b2a5227f22a81bf40599 +00f56077ef05be4574906f52175ed8897e8da1626bc9b055534d6a20f6102c57c7a0b31b3e7864b101f4d3d57c35192bc949e14243a9e956361de23c5dd179f583 diff --git a/regress/unittests/sshkey/testdata/rsa_1.param.q b/regress/unittests/sshkey/testdata/rsa_1.param.q index 3473f5144b0..00fc8a2dfe4 100644 --- a/regress/unittests/sshkey/testdata/rsa_1.param.q +++ b/regress/unittests/sshkey/testdata/rsa_1.param.q @@ -1 +1 @@ -00d398ee16ab23678a7ef75c266cd035aeec6b1f72e687f109c3c2a3e3260adc95365779dc4791ea8eda8c995b898b0bd1 +00d42541cc014be26370a657953f3adfcbaf713f781639adba33133f184eb3c7d8c2ec7810dca3da58a746fc5b87b34f396934436832e619c67c22f32ebbb36029 diff --git a/regress/unittests/sshkey/testdata/rsa_1.pub b/regress/unittests/sshkey/testdata/rsa_1.pub index 889fdae86d0..23ef872e0f5 100644 --- a/regress/unittests/sshkey/testdata/rsa_1.pub +++ b/regress/unittests/sshkey/testdata/rsa_1.pub @@ -1 +1 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQDP+jA5lVZv7jUJmaTnLYaAAIDA1IOxuB+mSy8jxIW6CmgQR7yHcGXQ5gftCw39w9Wll8lHdv6QpAsrIgc6nf+dt8wM42Ox2sqi+gPeNAMSgQW1i5/l+otsiUe3UzmJJOk= RSA test key #1 +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDLV5lUTt7FrADseB/CGhEZzpoojjEW5y8+ePvLppmK3MmMI18ud6vxzpK3bwZLYkVSyfJYI0HmIuGhdu7yMrW6wb84gbq8C31Xoe9EORcIUuGSvDKdNSM1SjlhDquRblDFB8kToqXyx1lqrXecXylxIUOL0jE+u0rU1967pDJx+w== RSA test key #1 diff --git a/regress/unittests/sshkey/testdata/rsa_1_pw b/regress/unittests/sshkey/testdata/rsa_1_pw index 71637a59bc0..b4c06745828 100644 --- a/regress/unittests/sshkey/testdata/rsa_1_pw +++ b/regress/unittests/sshkey/testdata/rsa_1_pw @@ -1,15 +1,18 @@ -----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED -DEK-Info: AES-128-CBC,1E851A01F12A49FDC256E7A665C61D4B +DEK-Info: AES-128-CBC,0C3F819F6EEA66A471BAEEDDA8171606 -+sfWU7kg3idmHL6vShby5LXnfF4bZDPhJjv89uldae7qPEgEW8qS8o0Ssokxf7Au -/vTQnbSB+gy/qZaUOykOzqiV1YL7UfkbOkM2QYnzzrVeGzI5RZ0G9iH8HBn2owQ+ -Ejf1UKDUVZEea5X0IwQRfE0zaZqFS4tyEex0iKz8dI4FvyabKLZsCs1DBGO7A3ml -LgP947mh10yKWTP2fbq8LOhDUEWCXrh2NzuH6Rl5nNyC4MNQEkLzK1wL7J/WCNaL -sciYmuqEQRDikDDQQFZw2wjBD638fhK+IhuN3VGegiXFnu5C+p9kzUvqVk4X9g2r -BMmlP0pceFv/fEwtNNaeI2Tt7mIsWsZTmCqdzOUAYqGIiNjzykWw64nMO3TpVpbA -i4854RhblbeiyjENbMVPU6BAk4fx7OJvDElLxwN43CS3U0MldbI7A4uG3B3RTSCj -1rGxRNAHWC3q3zzrn6gLwrUVje4iTedaKItLIHQeo1A091Tr8AqQdZi/Ck2Ju0Hl -4Qdwzjw1Y5n1Akm+EWh31ydxtUQ0YBOz/W6DKwTNA1D8oH9bZBG4f0pnvVhtttAO -WKj+DUqMa+f3OOmQ9UXlitk2pEgjeMngTgfQnhZiCts= +AhQNxgw7Z2un3dpm6KPHF1u5qVvOczm0yiTyPK4U11B3TTRhXOHdzPLAcKMX71Xq +fmLm2/JIZATUbLTaysLKIQlmAgtpmXoKLv9b90R3AXLophgToZzOLpvlQTCt+y9G +0E3QQZG/LFy9BLNyw6uD5cy0RHT3FQb5VQDwfBvR/I+K3qWBFLlb7Rw9bCujYczu +D3bimcDj/k6YkrWVsEa81Ch5RF2RClOYufti6bsvc4xIsB0Kd++vokER+kXFuQqf +Tl0Jz+SG0kr9QtjVvkhBtSxzJ6/olAosoUySQ5hqsB8iECufBgp1KelXqsHFJQXy +gCvVmGiivFUinX0rKOuWCHTplsSKQ9BnPSwDAAs8A7ZLcTXcLs/hMQ5r6fmOYfNN +YthhjZyE2ciJO0lydGJUJMb5aJUak0rl+uINRlYCHTRLVwmCOmpfqz9SfcJb1ieU +4Us8NR+pXJar4U0+C2wVlNJkAdpL6GvYxN6vp7vLa+BiFwIZOQozswacIZk/ScXm +QL9rmWug51RCmDeenX46WTEZeB0o0+xi60sDEDhhe4+iNYcJu5L0BJ5lqRFe3I5n +HRRv1mBEjbF2fDcg/ChYfOXsc4gDivH2nObabeASuMFZyadmXfA8tnXRZf+7Wuy/ +LZGYbM2xLeEyV3ss16WBHuIqexDt04OEZvs0jN90zj6Yv7qKCB975bdOcuKkN2Nn +n9lA11R2pgsCs6COp9rYiWXkXZeDf3sW6kdcEV+/SzkVsv4JlHcsIzgk4WGVF/E/ +ZkU4J9AvSdJPzEQDM+yszp0eeUow4+SAgpuNTqZiUO/2UUVbsr3qvlYMoCixhFAN -----END RSA PRIVATE KEY----- diff --git a/regress/unittests/sshkey/testdata/rsa_2 b/regress/unittests/sshkey/testdata/rsa_2 index 058cf777a1a..2441d52bf55 100644 --- a/regress/unittests/sshkey/testdata/rsa_2 +++ b/regress/unittests/sshkey/testdata/rsa_2 @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEAlDS/ygeFfsR/mhZK/XMHU/gzRogPuMQIYUd17WDjMprA6dQb -ckTDrNm/mrf09I6YAhjgooEL16oWM1z6cesDE0KwaJsy6uTmXFMLO+Ha4mtFHhmu -tiyJcQ9MKKr0vC64384WQZygZk0OlVz7x9WSPiGXzal5MzsX4TYq5B05o2Cb+epA -FxK0c8cdYZD0Sy57gWRpRA3yJq4zh/hks98jzn0XA3HAJA39MKhUG5tf5e6z5BeP -Yi5FvdnDQ9WcasRiEvkmHbg59pbgg/Lbsl6OgZQruS8hKiJ3YBARt2euCCeg7qAF -KbXRR9TMwfphH3Ai4Oi/w6HPRAhdrwooA/gKkQIDAQABAoIBAH22OLB/rMaYmrvz -COzvM1oQgD3lj6Bj98+8M9WEh3MXPWeaGSXWGjx1/0aXn1oJ0fqFa5Wr7IWkqmwr -A+y5McSWntg8PPZt7tCFSFQlAetonhooIsA4CuUx2qHsUOeGoh6EyvAgkRX1atdb -Jd6d1AyLph43EK1aBKltrvgLqiZfs7mcuwyvKtN9ktdKY2FDhn6DHpm9pE9MEHJV -Xv1isNc6a0qNoRlKqxrSZHNEN4fbjLw31wBySzmmnIog5wVEwaHeASwLJT6TmuIZ -eZxnd7/jMwRZWH8ZIGKvkTMp4fYzK9QkehO7A2HFD3FPDBVrkSJjqRdkujF8vu1C -0RwrD1kCgYEAxFXUoE1ero6vp9akvR/mw94kYjXE/YOz1yi0KTkZUs6gURc8Kzsm -MzlEZ31rnngE4jQHYAvuPEfiqcnUgylW3QuevMgo2hCLYO7aG5C0fk8TeOiuvnrF -YPO8rSJWk/BgdrPtzu45P7jmWsjkHn+y+t8cKvq1sZY40sn2YgIhYK8CgYEAwT6j -5tReI6sxpHltPUbvOdpD04eL6ggBAKwzb5aBoa/Dj+sU1zg5uyY8diggQEEznlBW -iWTQmmmfy1ef9i6YAwNuZveKOrVwNMcdubQJ2X26XoFrmA59PjsbLtr1bdUb02gz -6P5x6pcw5qzEq0mddgvHiU3RhL24xdc1LW8nmL8CgYEAmgaT1macPuklmNBlURGz -4jll5b41GoW2EreWDzkCStpbHwLRa0DuCQWGSoI0aY/SlPsoRgtWDOiAQ59ZHsTR -pnw1PfjxQ5HzJkp7xWBSmTzEE/jHDhwWuKa+gD0OGuVbaARkLhDpzLnrzZEIlXyt -Fu7tlDI3VGh7j7Jtnhn5wXUCgYBKmPbGfcaVeFmih2lfFUn2CEbUmmetgUd5zf/R -HMWP9/zDStlxt3e5winm5tiEVWcqvxKY2T0Zzppr8biDXTs7NpDg2MAYp7/X7+GO -tWxz8/AE2WsCeN1qL4Dv1oCV1IV4V6pqUAcDqzeqZJlLEhDh5+wwGcU+u8pfPRN/ -JYCgmwKBgDa+kXPqzcc6vzD9cwEEk4ftn9/Vk2yBx0XOu8RdEkRhXj1QXGJckCqh -FkXzVbuurFhsBt+H0B4arw+51T9fVCZqfcaU34u+Qa/FQvTod4OJUSRxYUaDqygs -VTyuP+zGZlIw7JWktxjVazENsM/ef5wBH0Nf839OZbPVDLfn7K0j +MIIEpAIBAAKCAQEA9NEUXp78SAkmL4+eAj4mBzPOjk+ccCPVzkTR+mZJdyTwkJAB +HUN4cn4a2kTmh7Er+N8CXCsiqxIOV1GfH2fwaCiBlOEXeQJi/cMjxr9kVWO4FhC6 +l1UqbvPUdrUCUZjFTA9/Ah9MKgk7qGYq5SjE3p+sn4GLhRKbqmq9LjiHgMmkBuv/ +a1Slit+rXHzO2F8fH5hkjeHivyYVgw45aNvGCe2RRfbpoeW2mRtgIv7y9wSewt6a +mhEDXSo/F6mkqA7xVinzro5NettEXLo91tA9Hb6f6x/Mc/GJDNXTKhpWCGeJ6xeW +nAefDZORWAY7Y9YbuAxhEJVi9QL5NWoFOA0C6wIDAQABAoIBAQDtRGVVfwhKWHOl +zK76xXjdqhwaWJXpKRHiI1jOMawpyKdNtAMgdW+apxUnTXePMurG/HuxEC09VvaH +MhfhvD6G9BsCS1UQdnuyLRnTWVLIXyjeWcA9QtEpTy8vDSb+Je2xVaNmTybl5qTn +BH22Mtj6Wg5XWJn7kplDhMdssGTDLsSCMw/rcxe9iT2qOKyltQal23RHzR7SijGp +QTtBp2SDGhvMZcyGuyMqJ084W8sdJpbyVzdDim2iaZdHlk7uvW2n0HcJ56I6yhIq +2U8wfgEEwydGVGHgmQNJ/n+SiT/hv6g5ebhDS46X9F9m5CHDwhdr0DrhPBVSsdhl +1HeJ0+FhAoGBAPuC3uNHToiJis688juKlwc3SQ6ger5ffAg3yaNhEcpHkvOtdZlF +/CfX94xazMov/YqFwkvpSSdKsX+PeXuaqnb1hPKNYX5t45U9RjB/ox7BIQj/2rPx +Bfs99UFW9HKP4HsVmLu1xeJg1Pc9iylTK/xrnwfYiZ+H7IGVccizjnqHAoGBAPkv +n1flAdxBzJH/O0rXoig2EtZsDRMPY51MGDdqVOW14ZOfTVlmu0OSnkSKQm2twfro +TPDVb2TY3wTRutz8H9yOFW1c1Nz4YOyTb8FmJhE2FWAQ9t8QpwUlhn15if72dS/Y +22+vP+AYu7wfqGL7QVVEXho5hGjXi053iEvfXBl9AoGAeZISpo1LGphRLgkKlVky +E1zXxWgwrGB/FYHRx1UeQkZCc+K+Wy4G6kNr9r3VC04TIafx+Lt0jrd+AIibUfG6 +v/GBJ7TLEU+QmAycJskrUaxMiYsSbbPtDjoumDytv8pn2VbhEqqUUg44IqHu6DS5 +qDNlFWfHbgNHgIN6EmcoUXUCgYEAi2G57X4pRjx/4wIy9jAbggaNDuctgQXQoIGZ +4hVWG49a+CnZKDKweKGgaZI0igjxQhmCQAwC3RP520Y9EbLtV38aOSv93QQJowrt +Le6nSGVKG4whqrAz3EsbKUA8kiLldbgFNjl+ryjmidnjZEpKRxmQ0XZuu/4k6+Us +ldQAPjkCgYBwjSm5eDUtK2eEPaBtbJykV05CTv5rn6CKC9L7ZBTkCcdU1hxeqe99 +wb22decnNawGRP1a5cGwqKJPOfkgybJVkdr6aqQW8ClzdFSaenjzs+nVW+T9JTXf +9lFpIZg5kN/geld3B9B4C99riTM0jg9hbe2RQvpLRTrZbnWMA1XoRw== -----END RSA PRIVATE KEY----- diff --git a/regress/unittests/sshkey/testdata/rsa_2.fp b/regress/unittests/sshkey/testdata/rsa_2.fp index 8d43676105d..4659639db52 100644 --- a/regress/unittests/sshkey/testdata/rsa_2.fp +++ b/regress/unittests/sshkey/testdata/rsa_2.fp @@ -1 +1 @@ -MD5:fb:8f:7b:26:3d:42:40:ef:ed:f1:ed:ee:66:9e:ba:b0 +SHA256:NoQh0XBUuYUSWqnzOzOBnfpgJTRWLMj7BlWAb8IbjeE diff --git a/regress/unittests/sshkey/testdata/rsa_2.fp.bb b/regress/unittests/sshkey/testdata/rsa_2.fp.bb index e90a3571a2a..e9d1e4a57dc 100644 --- a/regress/unittests/sshkey/testdata/rsa_2.fp.bb +++ b/regress/unittests/sshkey/testdata/rsa_2.fp.bb @@ -1 +1 @@ -xepev-gupub-vuvyg-femiv-gonat-defiv-hirak-betub-pahut-veryd-hexix +xogit-gupof-mydon-hocep-zuval-feson-rarif-cefar-tobar-ryvap-kuxex diff --git a/regress/unittests/sshkey/testdata/rsa_2.param.n b/regress/unittests/sshkey/testdata/rsa_2.param.n index 389de422697..a669dbf0be0 100644 --- a/regress/unittests/sshkey/testdata/rsa_2.param.n +++ b/regress/unittests/sshkey/testdata/rsa_2.param.n @@ -1 +1 @@ -009434bfca07857ec47f9a164afd730753f83346880fb8c408614775ed60e3329ac0e9d41b7244c3acd9bf9ab7f4f48e980218e0a2810bd7aa16335cfa71eb031342b0689b32eae4e65c530b3be1dae26b451e19aeb62c89710f4c28aaf4bc2eb8dfce16419ca0664d0e955cfbc7d5923e2197cda979333b17e1362ae41d39a3609bf9ea401712b473c71d6190f44b2e7b816469440df226ae3387f864b3df23ce7d170371c0240dfd30a8541b9b5fe5eeb3e4178f622e45bdd9c343d59c6ac46212f9261db839f696e083f2dbb25e8e81942bb92f212a2277601011b767ae0827a0eea00529b5d147d4ccc1fa611f7022e0e8bfc3a1cf44085daf0a2803f80a91 +00f4d1145e9efc4809262f8f9e023e260733ce8e4f9c7023d5ce44d1fa66497724f09090011d4378727e1ada44e687b12bf8df025c2b22ab120e57519f1f67f068288194e117790262fdc323c6bf645563b81610ba97552a6ef3d476b5025198c54c0f7f021f4c2a093ba8662ae528c4de9fac9f818b85129baa6abd2e388780c9a406ebff6b54a58adfab5c7cced85f1f1f98648de1e2bf2615830e3968dbc609ed9145f6e9a1e5b6991b6022fef2f7049ec2de9a9a11035d2a3f17a9a4a80ef15629f3ae8e4d7adb445cba3dd6d03d1dbe9feb1fcc73f1890cd5d32a1a56086789eb17969c079f0d939158063b63d61bb80c61109562f502f9356a05380d02eb diff --git a/regress/unittests/sshkey/testdata/rsa_2.param.p b/regress/unittests/sshkey/testdata/rsa_2.param.p index c3c9a130a20..be7c1c36cdc 100644 --- a/regress/unittests/sshkey/testdata/rsa_2.param.p +++ b/regress/unittests/sshkey/testdata/rsa_2.param.p @@ -1 +1 @@ -00c455d4a04d5eae8eafa7d6a4bd1fe6c3de246235c4fd83b3d728b429391952cea051173c2b3b26333944677d6b9e7804e23407600bee3c47e2a9c9d4832956dd0b9ebcc828da108b60eeda1b90b47e4f1378e8aebe7ac560f3bcad225693f06076b3edceee393fb8e65ac8e41e7fb2fadf1c2afab5b19638d2c9f662022160af +00fb82dee3474e88898acebcf23b8a970737490ea07abe5f7c0837c9a36111ca4792f3ad759945fc27d7f78c5accca2ffd8a85c24be949274ab17f8f797b9aaa76f584f28d617e6de3953d46307fa31ec12108ffdab3f105fb3df54156f4728fe07b1598bbb5c5e260d4f73d8b29532bfc6b9f07d8899f87ec819571c8b38e7a87 diff --git a/regress/unittests/sshkey/testdata/rsa_2.param.q b/regress/unittests/sshkey/testdata/rsa_2.param.q index 728c474b065..6f2c542dfb2 100644 --- a/regress/unittests/sshkey/testdata/rsa_2.param.q +++ b/regress/unittests/sshkey/testdata/rsa_2.param.q @@ -1 +1 @@ -00c13ea3e6d45e23ab31a4796d3d46ef39da43d3878bea080100ac336f9681a1afc38feb14d73839bb263c7628204041339e50568964d09a699fcb579ff62e9803036e66f78a3ab57034c71db9b409d97dba5e816b980e7d3e3b1b2edaf56dd51bd36833e8fe71ea9730e6acc4ab499d760bc7894dd184bdb8c5d7352d6f2798bf +00f92f9f57e501dc41cc91ff3b4ad7a2283612d66c0d130f639d4c18376a54e5b5e1939f4d5966bb43929e448a426dadc1fae84cf0d56f64d8df04d1badcfc1fdc8e156d5cd4dcf860ec936fc166261136156010f6df10a70525867d7989fef6752fd8db6faf3fe018bbbc1fa862fb4155445e1a398468d78b4e77884bdf5c197d diff --git a/regress/unittests/sshkey/testdata/rsa_2.pub b/regress/unittests/sshkey/testdata/rsa_2.pub index ed9f78cad2f..3322fbc9b82 100644 --- a/regress/unittests/sshkey/testdata/rsa_2.pub +++ b/regress/unittests/sshkey/testdata/rsa_2.pub @@ -1 +1 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCUNL/KB4V+xH+aFkr9cwdT+DNGiA+4xAhhR3XtYOMymsDp1BtyRMOs2b+at/T0jpgCGOCigQvXqhYzXPpx6wMTQrBomzLq5OZcUws74dria0UeGa62LIlxD0woqvS8LrjfzhZBnKBmTQ6VXPvH1ZI+IZfNqXkzOxfhNirkHTmjYJv56kAXErRzxx1hkPRLLnuBZGlEDfImrjOH+GSz3yPOfRcDccAkDf0wqFQbm1/l7rPkF49iLkW92cND1ZxqxGIS+SYduDn2luCD8tuyXo6BlCu5LyEqIndgEBG3Z64IJ6DuoAUptdFH1MzB+mEfcCLg6L/Doc9ECF2vCigD+AqR RSA test key #2 +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD00RRenvxICSYvj54CPiYHM86OT5xwI9XORNH6Zkl3JPCQkAEdQ3hyfhraROaHsSv43wJcKyKrEg5XUZ8fZ/BoKIGU4Rd5AmL9wyPGv2RVY7gWELqXVSpu89R2tQJRmMVMD38CH0wqCTuoZirlKMTen6yfgYuFEpuqar0uOIeAyaQG6/9rVKWK36tcfM7YXx8fmGSN4eK/JhWDDjlo28YJ7ZFF9umh5baZG2Ai/vL3BJ7C3pqaEQNdKj8XqaSoDvFWKfOujk1620Rcuj3W0D0dvp/rH8xz8YkM1dMqGlYIZ4nrF5acB58Nk5FYBjtj1hu4DGEQlWL1Avk1agU4DQLr RSA test key #2 diff --git a/regress/unittests/sshkey/testdata/rsa_n b/regress/unittests/sshkey/testdata/rsa_n index 09e79a72e3e..5de3f8422e8 100644 --- a/regress/unittests/sshkey/testdata/rsa_n +++ b/regress/unittests/sshkey/testdata/rsa_n @@ -1,12 +1,15 @@ -----BEGIN RSA PRIVATE KEY----- -MIIBywIBAAJhAM/6MDmVVm/uNQmZpOcthoAAgMDUg7G4H6ZLLyPEhboKaBBHvIdw -ZdDmB+0LDf3D1aWXyUd2/pCkCysiBzqd/523zAzjY7HayqL6A940AxKBBbWLn+X6 -i2yJR7dTOYkk6QIDAQABAmAgKanBjfWzE5yCIo+c7K5rJyjCKVtAZaAHYIMmveKM -VcWoFt/x9hDY0GoTX21HfDxLX8oDxnsmhsOrnvSmgUChFwkm45eSETqeVDWwIVFA -FGL1s38xQsciWZWBFNppAIECMQD7nslReAxwz/Ad++ACXswfJg1l2wUQ1gJA3zh3 -jln6a4s3aV1zxbKlIn8iqBv0BZkCMQDTmO4WqyNnin73XCZs0DWu7GsfcuaH8QnD -wqPjJgrclTZXedxHkeqO2oyZW4mLC9ECMBb/blsZ49kzyDiVWuYcj/+Q1MyodhAR -32bagCi9RBAVYEYSRU5dlXRucLxULSnikQIxAJ5teY5Vcru6kZfJUifUuO0QrKAu -WnbcPVBqMmUHfchsm/RhFFIt6W4uKmlEhTYrkQIxAMAStb7QCU3yU6ZkN7uL22Zs -498i4jY6y+VEXv+L9O09VdlEnXhbUisOhy1bhyS3yg== +MIICXAIBAAKBgQDLV5lUTt7FrADseB/CGhEZzpoojjEW5y8+ePvLppmK3MmMI18u +d6vxzpK3bwZLYkVSyfJYI0HmIuGhdu7yMrW6wb84gbq8C31Xoe9EORcIUuGSvDKd +NSM1SjlhDquRblDFB8kToqXyx1lqrXecXylxIUOL0jE+u0rU1967pDJx+wIDAQAB +AoGAXyj5mpjmbD+YlxGIWz/zrM4hGsWgd4VteKEJxT6MMI4uzCRpkMd0ck8oHiwZ +GAI/SwUzIsgtONQuH3AXVsUgghW4Ynn+8ksEv0IZ918WDMDwqvqkyrVzsOsZzqYj +Pf8DUDKCpwFjnlknJ04yvWBZvVhWtY4OiZ8GV0Ttsu3k+GECQQD1YHfvBb5FdJBv +Uhde2Il+jaFia8mwVVNNaiD2ECxXx6CzGz54ZLEB9NPVfDUZK8lJ4UJDqelWNh3i +PF3RefWDAkEA1CVBzAFL4mNwpleVPzrfy69xP3gWOa26MxM/GE6zx9jC7HgQ3KPa +WKdG/FuHs085aTRDaDLmGcZ8IvMuu7NgKQJAcIOKmxR0Gd8IN7NZugjqixggb0Pj +mLKXXwESGiJyYtHL0zTj4Uqyi6Ya2GJ66o7UXscmnmYz828fJtTtZBdbRwJBALfi +C2QvA32Zv/0PEXibKXy996WSC4G3ShwXZKtHHKHvCxY5BDSbehk59VesZrVPyG2e +NYdOBxD0cIlCzJE56/ECQAndVkxvO8hwyEFGGwF3faHIAe/OxVb+MjaU25//Pe1/ +h/e6tlCk4w9CODpyV685gV394eYwMcGDcIkipTNUDZs= -----END RSA PRIVATE KEY----- diff --git a/regress/unittests/sshkey/testdata/rsa_n_pw b/regress/unittests/sshkey/testdata/rsa_n_pw index 0166fd5f184..dc18373bca8 100644 --- a/regress/unittests/sshkey/testdata/rsa_n_pw +++ b/regress/unittests/sshkey/testdata/rsa_n_pw @@ -1,14 +1,17 @@ -----BEGIN OPENSSH PRIVATE KEY----- -b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jYmMAAAAGYmNyeXB0AAAAGAAAABClELgtaZ -qAmMwESpqXDN0uAAAAEAAAAAEAAAB3AAAAB3NzaC1yc2EAAAADAQABAAAAYQDP+jA5lVZv -7jUJmaTnLYaAAIDA1IOxuB+mSy8jxIW6CmgQR7yHcGXQ5gftCw39w9Wll8lHdv6QpAsrIg -c6nf+dt8wM42Ox2sqi+gPeNAMSgQW1i5/l+otsiUe3UzmJJOkAAAGgwJpHy/nshQa9+Jbw -yomvgNMYvuuoD7Ll7iCY/RFFGXivTkki27C9q0qx3afauSLQQWFanGhjeJn7JPy98lMcVl -qnn5XOE5+xxZqA8ONOBD8eH0KBcTH17DH1A1z94p5zZ1VJKIWsBZ0krxgHIXcdv9ucAckj -N0vAEBm+0wsfy2TTOtuqXvcj65wFwknpyy/SSvU0QTr99FiYe9PIhIslBHO6wlqxfKj+Tm -E/nCb75dAVu6gTtS2P0pdOqV/V7VHX5C0z3BROqpKDJJcVeoc7vRkEl+MWfvvQrG66IPEW -luohFXPDPDrxu1zDduyRsmNwpBHChi2rFhxtsjxNK0svMwESeCCKAWmPxnzLJfvMbTCv00 -SpaCr7WhtzsGt73axqSkeOdynp5NNrN7MEdwruMZFirF4BcI2z2H9ugpS+qbLPuE2H5vln -h7NSwBUNwmZ+4TC8MXFH9KIpRg8dNhf66OU610LYiN4+ZfOYCmfQfgQuBGhMTYFMY6O4SB -NCdIavvWY6rDSBq7QC1f4rHpwiXxpkiE43Rd8fM32TaPlBPtA= +b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jYmMAAAAGYmNyeXB0AAAAGAAAABAFw/Wg/V +I5SAXWj/HJr9qeAAAAEAAAAAEAAACXAAAAB3NzaC1yc2EAAAADAQABAAAAgQDLV5lUTt7F +rADseB/CGhEZzpoojjEW5y8+ePvLppmK3MmMI18ud6vxzpK3bwZLYkVSyfJYI0HmIuGhdu +7yMrW6wb84gbq8C31Xoe9EORcIUuGSvDKdNSM1SjlhDquRblDFB8kToqXyx1lqrXecXylx +IUOL0jE+u0rU1967pDJx+wAAAgD1iSGiMlMJt2VH4kx5yr0wCJS+4UOmX0bxKO7UH5Jcul +K5eaSe5ZoKE7hTYBaz0K5dRF/0fqLsvVZlE4quDjFLN6Hyavgn2W/QM7SUqBHgRMal9pgH +LnxX6mFNWJ+4yb7f3bcbVIdgmMm3sT9Xjwaf5xgzNlR2mkUWtFwjyQh6FxUo5apNzqNBwO +l2Q4xfmyZTp1s++pStQ/su6obXpxnE2Nx5G/D84ZL5iWl+njUy/MvJTazHRbiTSyihU+UA +mUr5ZNuP3WUYY+h3KVlHpYHJYB7l3AMTKuPMFLhY9V7BJ+DuKPaqBgX4hvRzY0eVQiFr61 +ovjWjvfu1ulx550JqdYCgH2PpP0E89OQne35Cxs9QPThfe8DKojC9YquYh9zmVTvr7kNiE +Soluk/7oKpQIDaC+/SRk7AJ2e3Cbt1lXyGNn37PuqaaC/apaF/DOD6Yig9aClS7jOUrT96 +56trFAYfHEIKbRCUSMCiM1+x6HOLYf5ROrGE9KxT3kUD9XMsMpTva+cPpHUpbGpXcYE10N +MyYDz+V5M2/ZoIdEhscJNQ3UnhaZpeEaqcOyNyo90n3Dnaw/WpMDD/kNMGfm8daTaYInnQ +QnwA2gwlYfpTAqxE71oXgOuGmtA0yqJB4778Xq26Pb+B7/mZZZe6n0FVmiNC+ZG37ZGOw/ +iGL9e2Sxzw== -----END OPENSSH PRIVATE KEY----- diff --git a/sandbox-systrace.c b/sandbox-systrace.c index 03b0d40ccdb..3830ed16c63 100644 --- a/sandbox-systrace.c +++ b/sandbox-systrace.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sandbox-systrace.c,v 1.16 2015/06/29 22:35:12 djm Exp $ */ +/* $OpenBSD: sandbox-systrace.c,v 1.17 2015/07/27 16:29:23 guenther Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -63,6 +63,9 @@ static const struct sandbox_policy preauth_policy[] = { { SYS_getpid, SYSTR_POLICY_PERMIT }, { SYS_getpgid, SYSTR_POLICY_PERMIT }, { SYS_gettimeofday, SYSTR_POLICY_PERMIT }, +#ifdef SYS_kbind + { SYS_kbind, SYSTR_POLICY_PERMIT }, +#endif { SYS_madvise, SYSTR_POLICY_PERMIT }, { SYS_mmap, SYSTR_POLICY_PERMIT }, { SYS_mprotect, SYSTR_POLICY_PERMIT }, diff --git a/scp.0 b/scp.0 index 3f309fe0329..8f41f614040 100644 --- a/scp.0 +++ b/scp.0 @@ -109,6 +109,7 @@ DESCRIPTION PreferredAuthentications Protocol ProxyCommand + PubkeyAcceptedKeyTypes PubkeyAuthentication RekeyLimit RhostsRSAAuthentication @@ -161,4 +162,4 @@ AUTHORS Timo Rinne Tatu Ylonen -OpenBSD 5.7 January 30, 2015 OpenBSD 5.7 +OpenBSD 5.8 July 10, 2015 OpenBSD 5.8 diff --git a/scp.1 b/scp.1 index 0e84780e0e5..279b0d70b7b 100644 --- a/scp.1 +++ b/scp.1 @@ -8,9 +8,9 @@ .\" .\" Created: Sun May 7 00:14:37 1995 ylo .\" -.\" $OpenBSD: scp.1,v 1.66 2015/01/30 11:43:14 djm Exp $ +.\" $OpenBSD: scp.1,v 1.67 2015/07/10 06:21:53 markus Exp $ .\" -.Dd $Mdocdate: January 30 2015 $ +.Dd $Mdocdate: July 10 2015 $ .Dt SCP 1 .Os .Sh NAME @@ -170,6 +170,7 @@ For full details of the options listed below, and their possible values, see .It PreferredAuthentications .It Protocol .It ProxyCommand +.It PubkeyAcceptedKeyTypes .It PubkeyAuthentication .It RekeyLimit .It RhostsRSAAuthentication diff --git a/servconf.c b/servconf.c index df93fc450e8..6c7a91e6b22 100644 --- a/servconf.c +++ b/servconf.c @@ -1,4 +1,5 @@ -/* $OpenBSD: servconf.c,v 1.274 2015/07/01 02:32:17 djm Exp $ */ + +/* $OpenBSD: servconf.c,v 1.280 2015/08/06 14:53:21 deraadt Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -107,6 +108,7 @@ initialize_server_options(ServerOptions *options) options->hostbased_authentication = -1; options->hostbased_uses_name_from_packet_only = -1; options->hostbased_key_types = NULL; + options->hostkeyalgorithms = NULL; options->rsa_authentication = -1; options->pubkey_authentication = -1; options->pubkey_key_types = NULL; @@ -222,7 +224,7 @@ fill_default_server_options(ServerOptions *options) if (options->key_regeneration_time == -1) options->key_regeneration_time = 3600; if (options->permit_root_login == PERMIT_NOT_SET) - options->permit_root_login = PERMIT_YES; + options->permit_root_login = PERMIT_NO_PASSWD; if (options->ignore_rhosts == -1) options->ignore_rhosts = 1; if (options->ignore_user_known_hosts == -1) @@ -257,14 +259,12 @@ fill_default_server_options(ServerOptions *options) options->hostbased_authentication = 0; if (options->hostbased_uses_name_from_packet_only == -1) options->hostbased_uses_name_from_packet_only = 0; - if (options->hostbased_key_types == NULL) - options->hostbased_key_types = xstrdup("*"); + if (options->hostkeyalgorithms == NULL) + options->hostkeyalgorithms = xstrdup(KEX_DEFAULT_PK_ALG); if (options->rsa_authentication == -1) options->rsa_authentication = 1; if (options->pubkey_authentication == -1) options->pubkey_authentication = 1; - if (options->pubkey_key_types == NULL) - options->pubkey_key_types = xstrdup("*"); if (options->kerberos_authentication == -1) options->kerberos_authentication = 0; if (options->kerberos_or_local_passwd == -1) @@ -341,6 +341,16 @@ fill_default_server_options(ServerOptions *options) options->fwd_opts.streamlocal_bind_unlink = 0; if (options->fingerprint_hash == -1) options->fingerprint_hash = SSH_FP_HASH_DEFAULT; + + if (kex_assemble_names(KEX_SERVER_ENCRYPT, &options->ciphers) != 0 || + kex_assemble_names(KEX_SERVER_MAC, &options->macs) != 0 || + kex_assemble_names(KEX_SERVER_KEX, &options->kex_algorithms) != 0 || + kex_assemble_names(KEX_DEFAULT_PK_ALG, + &options->hostbased_key_types) != 0 || + kex_assemble_names(KEX_DEFAULT_PK_ALG, + &options->pubkey_key_types) != 0) + fatal("%s: kex_assemble_names failed", __func__); + /* Turn privilege separation on by default */ if (use_privsep == -1) use_privsep = PRIVSEP_NOSANDBOX; @@ -399,6 +409,7 @@ typedef enum { sXAuthLocation, sSubsystem, sMaxStartups, sMaxAuthTries, sMaxSessions, sBanner, sUseDNS, sHostbasedAuthentication, sHostbasedUsesNameFromPacketOnly, sHostbasedAcceptedKeyTypes, + sHostKeyAlgorithms, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, sAcceptEnv, sPermitTunnel, @@ -449,6 +460,7 @@ static struct { { "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_ALL }, { "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly, SSHCFG_ALL }, { "hostbasedacceptedkeytypes", sHostbasedAcceptedKeyTypes, SSHCFG_ALL }, + { "hostkeyalgorithms", sHostKeyAlgorithms, SSHCFG_GLOBAL }, { "rsaauthentication", sRSAAuthentication, SSHCFG_ALL }, { "pubkeyauthentication", sPubkeyAuthentication, SSHCFG_ALL }, { "pubkeyacceptedkeytypes", sPubkeyAcceptedKeyTypes, SSHCFG_ALL }, @@ -904,6 +916,7 @@ static const struct multistate multistate_addressfamily[] = { }; static const struct multistate multistate_permitrootlogin[] = { { "without-password", PERMIT_NO_PASSWD }, + { "prohibit-password", PERMIT_NO_PASSWD }, { "forced-commands-only", PERMIT_FORCED_ONLY }, { "yes", PERMIT_YES }, { "no", PERMIT_NO }, @@ -1175,13 +1188,17 @@ process_server_config_line(ServerOptions *options, char *line, if (!arg || *arg == '\0') fatal("%s line %d: Missing argument.", filename, linenum); - if (!sshkey_names_valid2(arg, 1)) + if (!sshkey_names_valid2(*arg == '+' ? arg + 1 : arg, 1)) fatal("%s line %d: Bad key types '%s'.", filename, linenum, arg ? arg : ""); if (*activep && *charptr == NULL) *charptr = xstrdup(arg); break; + case sHostKeyAlgorithms: + charptr = &options->hostkeyalgorithms; + goto parse_keytypes; + case sRSAAuthentication: intptr = &options->rsa_authentication; goto parse_flag; @@ -1424,7 +1441,7 @@ process_server_config_line(ServerOptions *options, char *line, arg = strdelim(&cp); if (!arg || *arg == '\0') fatal("%s line %d: Missing argument.", filename, linenum); - if (!ciphers_valid(arg)) + if (!ciphers_valid(*arg == '+' ? arg + 1 : arg)) fatal("%s line %d: Bad SSH2 cipher spec '%s'.", filename, linenum, arg ? arg : ""); if (options->ciphers == NULL) @@ -1435,7 +1452,7 @@ process_server_config_line(ServerOptions *options, char *line, arg = strdelim(&cp); if (!arg || *arg == '\0') fatal("%s line %d: Missing argument.", filename, linenum); - if (!mac_valid(arg)) + if (!mac_valid(*arg == '+' ? arg + 1 : arg)) fatal("%s line %d: Bad SSH2 mac spec '%s'.", filename, linenum, arg ? arg : ""); if (options->macs == NULL) @@ -1447,7 +1464,7 @@ process_server_config_line(ServerOptions *options, char *line, if (!arg || *arg == '\0') fatal("%s line %d: Missing argument.", filename, linenum); - if (!kex_names_valid(arg)) + if (!kex_names_valid(*arg == '+' ? arg + 1 : arg)) fatal("%s line %d: Bad SSH2 KexAlgorithms '%s'.", filename, linenum, arg ? arg : ""); if (options->kex_algorithms == NULL) @@ -2279,6 +2296,8 @@ dump_config(ServerOptions *o) o->kex_algorithms ? o->kex_algorithms : KEX_SERVER_KEX); dump_cfg_string(sHostbasedAcceptedKeyTypes, o->hostbased_key_types ? o->hostbased_key_types : KEX_DEFAULT_PK_ALG); + dump_cfg_string(sHostKeyAlgorithms, o->hostkeyalgorithms ? + o->hostkeyalgorithms : KEX_DEFAULT_PK_ALG); dump_cfg_string(sPubkeyAcceptedKeyTypes, o->pubkey_key_types ? o->pubkey_key_types : KEX_DEFAULT_PK_ALG); diff --git a/servconf.h b/servconf.h index 606d80c9d84..f4137af7d66 100644 --- a/servconf.h +++ b/servconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.h,v 1.119 2015/05/22 03:50:02 djm Exp $ */ +/* $OpenBSD: servconf.h,v 1.120 2015/07/10 06:21:53 markus Exp $ */ /* * Author: Tatu Ylonen @@ -102,6 +102,7 @@ typedef struct { int hostbased_authentication; /* If true, permit ssh2 hostbased auth */ int hostbased_uses_name_from_packet_only; /* experimental */ char *hostbased_key_types; /* Key types allowed for hostbased */ + char *hostkeyalgorithms; /* SSH2 server key types */ int rsa_authentication; /* If true, permit RSA authentication. */ int pubkey_authentication; /* If true, permit ssh2 pubkey authentication. */ char *pubkey_key_types; /* Key types allowed for public key */ diff --git a/sftp-server.0 b/sftp-server.0 index 77b6bb5096d..b971cef4039 100644 --- a/sftp-server.0 +++ b/sftp-server.0 @@ -93,4 +93,4 @@ HISTORY AUTHORS Markus Friedl -OpenBSD 5.7 December 11, 2014 OpenBSD 5.7 +OpenBSD 5.8 December 11, 2014 OpenBSD 5.8 diff --git a/sftp.0 b/sftp.0 index 24fd9916dcd..550f27648c8 100644 --- a/sftp.0 +++ b/sftp.0 @@ -380,4 +380,4 @@ SEE ALSO T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh- filexfer-00.txt, January 2001, work in progress material. -OpenBSD 5.7 January 30, 2015 OpenBSD 5.7 +OpenBSD 5.8 January 30, 2015 OpenBSD 5.8 diff --git a/ssh-add.0 b/ssh-add.0 index 66493f141c3..29db710abcc 100644 --- a/ssh-add.0 +++ b/ssh-add.0 @@ -126,4 +126,4 @@ AUTHORS created OpenSSH. Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. -OpenBSD 5.7 March 30, 2015 OpenBSD 5.7 +OpenBSD 5.8 March 30, 2015 OpenBSD 5.8 diff --git a/ssh-add.c b/ssh-add.c index 9c8da5437e3..d6271d78ef7 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.122 2015/03/26 12:32:38 naddy Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.123 2015/07/03 03:43:18 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -302,8 +302,7 @@ add_file(int agent_fd, const char *filename, int key_only) } /* Graft with private bits */ - if ((r = sshkey_to_certified(private, - sshkey_cert_is_legacy(cert))) != 0) { + if ((r = sshkey_to_certified(private)) != 0) { error("%s: sshkey_to_certified: %s", __func__, ssh_err(r)); sshkey_free(cert); goto out; diff --git a/ssh-agent.0 b/ssh-agent.0 index eb892811cec..65bf6e70fd8 100644 --- a/ssh-agent.0 +++ b/ssh-agent.0 @@ -109,4 +109,4 @@ AUTHORS created OpenSSH. Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. -OpenBSD 5.7 April 24, 2015 OpenBSD 5.7 +OpenBSD 5.8 April 24, 2015 OpenBSD 5.8 diff --git a/ssh-agent.c b/ssh-agent.c index 34b19b754ec..a335ea33d76 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.203 2015/05/15 05:44:21 dtucker Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.204 2015/07/08 20:24:02 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -72,9 +72,6 @@ # include #endif -#include "key.h" /* XXX for typedef */ -#include "buffer.h" /* XXX for typedef */ - #include "xmalloc.h" #include "ssh.h" #include "rsa.h" diff --git a/ssh-keygen.0 b/ssh-keygen.0 index 784ad032f60..a471a40559e 100644 --- a/ssh-keygen.0 +++ b/ssh-keygen.0 @@ -101,7 +101,7 @@ DESCRIPTION -b bits Specifies the number of bits in the key to create. For RSA keys, - the minimum size is 768 bits and the default is 2048 bits. + the minimum size is 1024 bits and the default is 2048 bits. Generally, 2048 bits is considered sufficient. DSA keys must be exactly 1024 bits as specified by FIPS 186-2. For ECDSA keys, the -b flag determines the key length by selecting from one of @@ -563,4 +563,4 @@ AUTHORS created OpenSSH. Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. -OpenBSD 5.7 February 24, 2015 OpenBSD 5.7 +OpenBSD 5.8 July 3, 2015 OpenBSD 5.8 diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 9b93666c9e4..8c3317be702 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keygen.1,v 1.125 2015/02/24 15:24:05 naddy Exp $ +.\" $OpenBSD: ssh-keygen.1,v 1.126 2015/07/03 03:49:45 djm Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -35,7 +35,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: February 24 2015 $ +.Dd $Mdocdate: July 3 2015 $ .Dt SSH-KEYGEN 1 .Os .Sh NAME @@ -244,7 +244,7 @@ This option specifies the number of primality tests to perform. Show the bubblebabble digest of specified private or public key file. .It Fl b Ar bits Specifies the number of bits in the key to create. -For RSA keys, the minimum size is 768 bits and the default is 2048 bits. +For RSA keys, the minimum size is 1024 bits and the default is 2048 bits. Generally, 2048 bits is considered sufficient. DSA keys must be exactly 1024 bits as specified by FIPS 186-2. For ECDSA keys, the diff --git a/ssh-keygen.c b/ssh-keygen.c index 8259d87e735..ea5f1e49e3d 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.274 2015/05/28 07:37:31 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.276 2015/07/03 03:49:45 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -217,8 +217,8 @@ type_bits_valid(int type, const char *name, u_int32_t *bitsp) fatal("key bits exceeds maximum %d", maxbits); if (type == KEY_DSA && *bitsp != 1024) fatal("DSA keys must be 1024 bits"); - else if (type != KEY_ECDSA && type != KEY_ED25519 && *bitsp < 768) - fatal("Key must at least be 768 bits"); + else if (type != KEY_ECDSA && type != KEY_ED25519 && *bitsp < 1024) + fatal("Key must at least be 1024 bits"); else if (type == KEY_ECDSA && sshkey_ecdsa_bits_to_nid(*bitsp) == -1) fatal("Invalid ECDSA key length - valid lengths are " "256, 384 or 521 bits"); @@ -239,7 +239,6 @@ ask_filename(struct passwd *pw, const char *prompt) name = _PATH_SSH_CLIENT_IDENTITY; break; case KEY_DSA_CERT: - case KEY_DSA_CERT_V00: case KEY_DSA: name = _PATH_SSH_CLIENT_ID_DSA; break; @@ -250,7 +249,6 @@ ask_filename(struct passwd *pw, const char *prompt) break; #endif case KEY_RSA_CERT: - case KEY_RSA_CERT_V00: case KEY_RSA: name = _PATH_SSH_CLIENT_ID_RSA; break; @@ -1575,25 +1573,6 @@ do_ca_sign(struct passwd *pw, int argc, char **argv) struct sshkey *ca, *public; char *otmp, *tmp, *cp, *out, *comment, **plist = NULL; FILE *f; - int v00 = 0; /* legacy keys */ - - if (key_type_name != NULL) { - switch (sshkey_type_from_name(key_type_name)) { - case KEY_RSA_CERT_V00: - case KEY_DSA_CERT_V00: - v00 = 1; - break; - case KEY_UNSPEC: - if (strcasecmp(key_type_name, "v00") == 0) { - v00 = 1; - break; - } else if (strcasecmp(key_type_name, "v01") == 0) - break; - /* FALLTHROUGH */ - default: - fatal("unknown key type %s", key_type_name); - } - } #ifdef ENABLE_PKCS11 pkcs11_init(1); @@ -1630,7 +1609,7 @@ do_ca_sign(struct passwd *pw, int argc, char **argv) __func__, tmp, sshkey_type(public)); /* Prepare certificate to sign */ - if ((r = sshkey_to_certified(public, v00)) != 0) + if ((r = sshkey_to_certified(public)) != 0) fatal("Could not upgrade key %s to certificate: %s", tmp, ssh_err(r)); public->cert->type = cert_key_type; @@ -1640,15 +1619,9 @@ do_ca_sign(struct passwd *pw, int argc, char **argv) public->cert->principals = plist; public->cert->valid_after = cert_valid_from; public->cert->valid_before = cert_valid_to; - if (v00) { - prepare_options_buf(public->cert->critical, - OPTIONS_CRITICAL|OPTIONS_EXTENSIONS); - } else { - prepare_options_buf(public->cert->critical, - OPTIONS_CRITICAL); - prepare_options_buf(public->cert->extensions, - OPTIONS_EXTENSIONS); - } + prepare_options_buf(public->cert->critical, OPTIONS_CRITICAL); + prepare_options_buf(public->cert->extensions, + OPTIONS_EXTENSIONS); if ((r = sshkey_from_private(ca, &public->cert->signature_key)) != 0) fatal("key_from_private (ca key): %s", ssh_err(r)); @@ -1833,7 +1806,7 @@ add_cert_option(char *opt) } static void -show_options(struct sshbuf *optbuf, int v00, int in_critical) +show_options(struct sshbuf *optbuf, int in_critical) { char *name, *arg; struct sshbuf *options, *option = NULL; @@ -1848,14 +1821,14 @@ show_options(struct sshbuf *optbuf, int v00, int in_critical) (r = sshbuf_froms(options, &option)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); printf(" %s", name); - if ((v00 || !in_critical) && + if (!in_critical && (strcmp(name, "permit-X11-forwarding") == 0 || strcmp(name, "permit-agent-forwarding") == 0 || strcmp(name, "permit-port-forwarding") == 0 || strcmp(name, "permit-pty") == 0 || strcmp(name, "permit-user-rc") == 0)) printf("\n"); - else if ((v00 || in_critical) && + else if (in_critical && (strcmp(name, "force-command") == 0 || strcmp(name, "source-address") == 0)) { if ((r = sshbuf_get_cstring(option, &arg, NULL)) != 0) @@ -1882,7 +1855,7 @@ do_show_cert(struct passwd *pw) struct sshkey *key; struct stat st; char *key_fp, *ca_fp; - u_int i, v00; + u_int i; int r; if (!have_identity) @@ -1894,7 +1867,6 @@ do_show_cert(struct passwd *pw) identity_file, ssh_err(r)); if (!sshkey_is_cert(key)) fatal("%s is not a certificate", identity_file); - v00 = key->type == KEY_RSA_CERT_V00 || key->type == KEY_DSA_CERT_V00; key_fp = sshkey_fingerprint(key, fingerprint_hash, SSH_FP_DEFAULT); ca_fp = sshkey_fingerprint(key->cert->signature_key, @@ -1909,10 +1881,7 @@ do_show_cert(struct passwd *pw) printf(" Signing CA: %s %s\n", sshkey_type(key->cert->signature_key), ca_fp); printf(" Key ID: \"%s\"\n", key->cert->key_id); - if (!v00) { - printf(" Serial: %llu\n", - (unsigned long long)key->cert->serial); - } + printf(" Serial: %llu\n", (unsigned long long)key->cert->serial); printf(" Valid: %s\n", fmt_validity(key->cert->valid_after, key->cert->valid_before)); printf(" Principals: "); @@ -1929,16 +1898,14 @@ do_show_cert(struct passwd *pw) printf("(none)\n"); else { printf("\n"); - show_options(key->cert->critical, v00, 1); + show_options(key->cert->critical, 1); } - if (!v00) { - printf(" Extensions: "); - if (sshbuf_len(key->cert->extensions) == 0) - printf("(none)\n"); - else { - printf("\n"); - show_options(key->cert->extensions, v00, 0); - } + printf(" Extensions: "); + if (sshbuf_len(key->cert->extensions) == 0) + printf("(none)\n"); + else { + printf("\n"); + show_options(key->cert->extensions, 0); } exit(0); } diff --git a/ssh-keyscan.0 b/ssh-keyscan.0 index fe7aa855918..500c1dd3079 100644 --- a/ssh-keyscan.0 +++ b/ssh-keyscan.0 @@ -106,4 +106,4 @@ BUGS This is because it opens a connection to the ssh port, reads the public key, and drops the connection as soon as it gets the key. -OpenBSD 5.7 August 30, 2014 OpenBSD 5.7 +OpenBSD 5.8 August 30, 2014 OpenBSD 5.8 diff --git a/ssh-keysign.0 b/ssh-keysign.0 index b06107617b8..7db72c714ad 100644 --- a/ssh-keysign.0 +++ b/ssh-keysign.0 @@ -50,4 +50,4 @@ HISTORY AUTHORS Markus Friedl -OpenBSD 5.7 December 7, 2013 OpenBSD 5.7 +OpenBSD 5.8 December 7, 2013 OpenBSD 5.8 diff --git a/ssh-keysign.c b/ssh-keysign.c index 56882027e5f..1dca3e289f1 100644 --- a/ssh-keysign.c +++ b/ssh-keysign.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keysign.c,v 1.48 2015/03/24 20:09:11 markus Exp $ */ +/* $OpenBSD: ssh-keysign.c,v 1.49 2015/07/03 03:56:25 djm Exp $ */ /* * Copyright (c) 2002 Markus Friedl. All rights reserved. * @@ -187,6 +187,7 @@ main(int argc, char **argv) close(fd); i = 0; + /* XXX This really needs to read sshd_config for the paths */ key_fd[i++] = open(_PATH_HOST_DSA_KEY_FILE, O_RDONLY); key_fd[i++] = open(_PATH_HOST_ECDSA_KEY_FILE, O_RDONLY); key_fd[i++] = open(_PATH_HOST_ED25519_KEY_FILE, O_RDONLY); diff --git a/ssh-pkcs11-helper.0 b/ssh-pkcs11-helper.0 index a4d6dd4c06e..7fac805ffb9 100644 --- a/ssh-pkcs11-helper.0 +++ b/ssh-pkcs11-helper.0 @@ -22,4 +22,4 @@ HISTORY AUTHORS Markus Friedl -OpenBSD 5.7 July 16, 2013 OpenBSD 5.7 +OpenBSD 5.8 July 16, 2013 OpenBSD 5.8 diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index e074175bbb7..92614a52d64 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11.c,v 1.19 2015/05/27 05:15:02 djm Exp $ */ +/* $OpenBSD: ssh-pkcs11.c,v 1.21 2015/07/18 08:02:17 djm Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * @@ -481,15 +481,23 @@ pkcs11_fetch_keys_filter(struct pkcs11_provider *p, CK_ULONG slotidx, error("C_GetAttributeValue failed: %lu", rv); continue; } - /* check that none of the attributes are zero length */ - if (attribs[0].ulValueLen == 0 || - attribs[1].ulValueLen == 0 || + /* + * Allow CKA_ID (always first attribute) to be empty, but + * ensure that none of the others are zero length. + * XXX assumes CKA_ID is always first. + */ + if (attribs[1].ulValueLen == 0 || attribs[2].ulValueLen == 0) { continue; } /* allocate buffers for attributes */ - for (i = 0; i < 3; i++) - attribs[i].pValue = xmalloc(attribs[i].ulValueLen); + for (i = 0; i < 3; i++) { + if (attribs[i].ulValueLen > 0) { + attribs[i].pValue = xmalloc( + attribs[i].ulValueLen); + } + } + /* * retrieve ID, modulus and public exponent of RSA key, * or ID, subject and value for certificates. @@ -631,6 +639,11 @@ pkcs11_add_provider(char *provider_id, char *pin, struct sshkey ***keyp) error("C_GetTokenInfo failed: %lu", rv); continue; } + if ((token->flags & CKF_TOKEN_INITIALIZED) == 0) { + debug2("%s: ignoring uninitialised token in slot %lu", + __func__, (unsigned long)i); + continue; + } rmspace(token->label, sizeof(token->label)); rmspace(token->manufacturerID, sizeof(token->manufacturerID)); rmspace(token->model, sizeof(token->model)); diff --git a/ssh.0 b/ssh.0 index 5aaeb8d13db..ad4817aff0f 100644 --- a/ssh.0 +++ b/ssh.0 @@ -6,12 +6,11 @@ NAME SYNOPSIS ssh [-1246AaCfGgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec] [-D [bind_address:]port] [-E log_file] [-e escape_char] - [-F configfile] [-I pkcs11] [-i identity_file] - [-L [bind_address:]port:host:hostport] [-l login_name] [-m mac_spec] - [-O ctl_cmd] [-o option] [-p port] + [-F configfile] [-I pkcs11] [-i identity_file] [-L address] + [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port] [-Q cipher | cipher-auth | mac | kex | key | protocol-version] - [-R [bind_address:]port:host:hostport] [-S ctl_path] [-W host:port] - [-w local_tun[:remote_tun]] [user@]hostname [command] + [-R address] [-S ctl_path] [-W host:port] [-w local_tun[:remote_tun]] + [user@]hostname [command] DESCRIPTION ssh (SSH client) is a program for logging into a remote machine and for @@ -156,22 +155,29 @@ DESCRIPTION server. -L [bind_address:]port:host:hostport - Specifies that the given port on the local (client) host is to be - forwarded to the given host and port on the remote side. This - works by allocating a socket to listen to port on the local side, - optionally bound to the specified bind_address. Whenever a - connection is made to this port, the connection is forwarded over - the secure channel, and a connection is made to host port - hostport from the remote machine. Port forwardings can also be - specified in the configuration file. IPv6 addresses can be - specified by enclosing the address in square brackets. Only the - superuser can forward privileged ports. By default, the local - port is bound in accordance with the GatewayPorts setting. - However, an explicit bind_address may be used to bind the - connection to a specific address. The bind_address of - M-bM-^@M-^\localhostM-bM-^@M-^] indicates that the listening port be bound for local - use only, while an empty address or M-bM-^@M-^X*M-bM-^@M-^Y indicates that the port - should be available from all interfaces. + -L [bind_address:]port:remote_socket + -L local_socket:host:hostport + -L local_socket:remote_socket + Specifies that connections to the given TCP port or Unix socket + on the local (client) host are to be forwarded to the given host + and port, or Unix socket, on the remote side. This works by + allocating a socket to listen to either a TCP port on the local + side, optionally bound to the specified bind_address, or to a + Unix socket. Whenever a connection is made to the local port or + socket, the connection is forwarded over the secure channel, and + a connection is made to either host port hostport, or the Unix + socket remote_socket, from the remote machine. + + Port forwardings can also be specified in the configuration file. + Only the superuser can forward privileged ports. IPv6 addresses + can be specified by enclosing the address in square brackets. + + By default, the local port is bound in accordance with the + GatewayPorts setting. However, an explicit bind_address may be + used to bind the connection to a specific address. The + bind_address of M-bM-^@M-^\localhostM-bM-^@M-^] indicates that the listening port be + bound for local use only, while an empty address or M-bM-^@M-^X*M-bM-^@M-^Y indicates + that the port should be available from all interfaces. -l login_name Specifies the user to log in as on the remote machine. This also @@ -278,6 +284,7 @@ DESCRIPTION Protocol ProxyCommand ProxyUseFdpass + PubkeyAcceptedKeyTypes PubkeyAuthentication RekeyLimit RemoteForward @@ -317,19 +324,24 @@ DESCRIPTION suppressed. -R [bind_address:]port:host:hostport - Specifies that the given port on the remote (server) host is to - be forwarded to the given host and port on the local side. This - works by allocating a socket to listen to port on the remote - side, and whenever a connection is made to this port, the - connection is forwarded over the secure channel, and a connection - is made to host port hostport from the local machine. + -R [bind_address:]port:local_socket + -R remote_socket:host:hostport + -R remote_socket:local_socket + Specifies that connections to the given TCP port or Unix socket + on the remote (server) host are to be forwarded to the given host + and port, or Unix socket, on the local side. This works by + allocating a socket to listen to either a TCP port or to a Unix + socket on the remote side. Whenever a connection is made to this + port or Unix socket, the connection is forwarded over the secure + channel, and a connection is made to either host port hostport, + or local_socket, from the local machine. Port forwardings can also be specified in the configuration file. Privileged ports can be forwarded only when logging in as root on the remote machine. IPv6 addresses can be specified by enclosing the address in square brackets. - By default, the listening socket on the server will be bound to + By default, TCP listening sockets on the server will be bound to the loopback interface only. This may be overridden by specifying a bind_address. An empty bind_address, or the address M-bM-^@M-^X*M-bM-^@M-^Y, indicates that the remote socket should listen on all @@ -957,4 +969,4 @@ AUTHORS created OpenSSH. Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. -OpenBSD 5.7 May 22, 2015 OpenBSD 5.7 +OpenBSD 5.8 July 20, 2015 OpenBSD 5.8 diff --git a/ssh.1 b/ssh.1 index df7ac86af93..2ea0a2058d1 100644 --- a/ssh.1 +++ b/ssh.1 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.358 2015/05/22 05:28:45 djm Exp $ -.Dd $Mdocdate: May 22 2015 $ +.\" $OpenBSD: ssh.1,v 1.361 2015/07/20 18:44:12 millert Exp $ +.Dd $Mdocdate: July 20 2015 $ .Dt SSH 1 .Os .Sh NAME @@ -52,14 +52,14 @@ .Op Fl F Ar configfile .Op Fl I Ar pkcs11 .Op Fl i Ar identity_file -.Op Fl L Oo Ar bind_address : Oc Ns Ar port : Ns Ar host : Ns Ar hostport +.Op Fl L Ar address .Op Fl l Ar login_name .Op Fl m Ar mac_spec .Op Fl O Ar ctl_cmd .Op Fl o Ar option .Op Fl p Ar port .Op Fl Q Cm cipher | cipher-auth | mac | kex | key | protocol-version -.Op Fl R Oo Ar bind_address : Oc Ns Ar port : Ns Ar host : Ns Ar hostport +.Op Fl R Ar address .Op Fl S Ar ctl_path .Op Fl W Ar host : Ns Ar port .Op Fl w Ar local_tun Ns Op : Ns Ar remote_tun @@ -93,23 +93,28 @@ is specified, it is executed on the remote host instead of a login shell. .Pp The options are as follows: -.Bl -tag -width Ds +.Pp +.Bl -tag -width Ds -compact .It Fl 1 Forces .Nm to try protocol version 1 only. +.Pp .It Fl 2 Forces .Nm to try protocol version 2 only. +.Pp .It Fl 4 Forces .Nm to use IPv4 addresses only. +.Pp .It Fl 6 Forces .Nm to use IPv6 addresses only. +.Pp .It Fl A Enables forwarding of the authentication agent connection. This can also be specified on a per-host basis in a configuration file. @@ -122,14 +127,17 @@ socket) can access the local agent through the forwarded connection. An attacker cannot obtain key material from the agent, however they can perform operations on the keys that enable them to authenticate using the identities loaded into the agent. +.Pp .It Fl a Disables forwarding of the authentication agent connection. +.Pp .It Fl b Ar bind_address Use .Ar bind_address on the local machine as the source address of the connection. Only useful on systems with more than one address. +.Pp .It Fl C Requests compression of all data (including stdin, stdout, stderr, and data for forwarded X11, TCP and @@ -148,6 +156,7 @@ The default value can be set on a host-by-host basis in the configuration files; see the .Cm Compression option. +.Pp .It Fl c Ar cipher_spec Selects the cipher specification for encrypting the session. .Pp @@ -166,6 +175,7 @@ See the keyword in .Xr ssh_config 5 for more information. +.Pp .It Fl D Xo .Sm off .Oo Ar bind_address : Oc @@ -205,10 +215,12 @@ indicates that the listening port be bound for local use only, while an empty address or .Sq * indicates that the port should be available from all interfaces. +.Pp .It Fl E Ar log_file Append debug logs to .Ar log_file instead of standard error. +.Pp .It Fl e Ar escape_char Sets the escape character for sessions with a pty (default: .Ql ~ ) . @@ -221,6 +233,7 @@ and followed by itself sends the escape character once. Setting the character to .Dq none disables any escapes and makes the session fully transparent. +.Pp .It Fl F Ar configfile Specifies an alternative per-user configuration file. If a configuration file is given on the command line, @@ -229,6 +242,7 @@ the system-wide configuration file will be ignored. The default for the per-user configuration file is .Pa ~/.ssh/config . +.Pp .It Fl f Requests .Nm @@ -251,6 +265,7 @@ then a client started with .Fl f will wait for all remote port forwards to be successfully established before placing itself in the background. +.Pp .It Fl G Causes .Nm @@ -259,15 +274,18 @@ to print its configuration after evaluating and .Cm Match blocks and exit. +.Pp .It Fl g Allows remote hosts to connect to local forwarded ports. If used on a multiplexed connection, then this option must be specified on the master process. +.Pp .It Fl I Ar pkcs11 Specify the PKCS#11 shared library .Nm should use to communicate with a PKCS#11 token providing the user's private RSA key. +.Pp .It Fl i Ar identity_file Selects a file from which the identity (private key) for public key authentication is read. @@ -291,33 +309,58 @@ will also try to load certificate information from the filename obtained by appending .Pa -cert.pub to identity filenames. +.Pp .It Fl K Enables GSSAPI-based authentication and forwarding (delegation) of GSSAPI credentials to the server. +.Pp .It Fl k Disables forwarding (delegation) of GSSAPI credentials to the server. +.Pp .It Fl L Xo .Sm off .Oo Ar bind_address : Oc .Ar port : host : hostport .Sm on .Xc -Specifies that the given port on the local (client) host is to be -forwarded to the given host and port on the remote side. -This works by allocating a socket to listen to +.It Fl L Xo +.Sm off +.Oo Ar bind_address : Oc +.Ar port : remote_socket +.Sm on +.Xc +.It Fl L Xo +.Sm off +.Ar local_socket : host : hostport +.Sm on +.Xc +.It Fl L Xo +.Sm off +.Ar local_socket : remote_socket +.Sm on +.Xc +Specifies that connections to the given TCP port or Unix socket on the local +(client) host are to be forwarded to the given host and port, or Unix socket, +on the remote side. +This works by allocating a socket to listen to either a TCP .Ar port on the local side, optionally bound to the specified -.Ar bind_address . -Whenever a connection is made to this port, the +.Ar bind_address , +or to a Unix socket. +Whenever a connection is made to the local port or socket, the connection is forwarded over the secure channel, and a connection is -made to +made to either .Ar host port -.Ar hostport +.Ar hostport , +or the Unix socket +.Ar remote_socket , from the remote machine. +.Pp Port forwardings can also be specified in the configuration file. -IPv6 addresses can be specified by enclosing the address in square brackets. Only the superuser can forward privileged ports. +IPv6 addresses can be specified by enclosing the address in square brackets. +.Pp By default, the local port is bound in accordance with the .Cm GatewayPorts setting. @@ -332,9 +375,11 @@ indicates that the listening port be bound for local use only, while an empty address or .Sq * indicates that the port should be available from all interfaces. +.Pp .It Fl l Ar login_name Specifies the user to log in as on the remote machine. This also may be specified on a per-host basis in the configuration file. +.Pp .It Fl M Places the .Nm @@ -353,6 +398,7 @@ Refer to the description of in .Xr ssh_config 5 for details. +.Pp .It Fl m Ar mac_spec Additionally, for protocol version 2 a comma-separated list of MAC (message authentication code) algorithms can @@ -360,10 +406,12 @@ be specified in order of preference. See the .Cm MACs keyword for more information. +.Pp .It Fl N Do not execute a remote command. This is useful for just forwarding ports (protocol version 2 only). +.Pp .It Fl n Redirects stdin from .Pa /dev/null @@ -384,6 +432,7 @@ program will be put in the background. needs to ask for a password or passphrase; see also the .Fl f option.) +.Pp .It Fl O Ar ctl_cmd Control an active connection multiplexing master process. When the @@ -402,6 +451,7 @@ Valid commands are: (request the master to exit), and .Dq stop (request the master to stop accepting further multiplexing requests). +.Pp .It Fl o Ar option Can be used to give options in the format used in the configuration file. This is useful for specifying options for which there is no separate @@ -470,6 +520,7 @@ For full details of the options listed below, and their possible values, see .It Protocol .It ProxyCommand .It ProxyUseFdpass +.It PubkeyAcceptedKeyTypes .It PubkeyAuthentication .It RekeyLimit .It RemoteForward @@ -493,10 +544,12 @@ For full details of the options listed below, and their possible values, see .It VisualHostKey .It XAuthLocation .El +.Pp .It Fl p Ar port Port to connect to on the remote host. This can be specified on a per-host basis in the configuration file. +.Pp .It Fl Q Cm cipher | cipher-auth | mac | kex | key | protocol-version Queries .Nm @@ -514,25 +567,47 @@ The available features are: (key types) and .Ar protocol-version (supported SSH protocol versions). +.Pp .It Fl q Quiet mode. Causes most warning and diagnostic messages to be suppressed. +.Pp .It Fl R Xo .Sm off .Oo Ar bind_address : Oc .Ar port : host : hostport .Sm on .Xc -Specifies that the given port on the remote (server) host is to be -forwarded to the given host and port on the local side. -This works by allocating a socket to listen to +.It Fl R Xo +.Sm off +.Oo Ar bind_address : Oc +.Ar port : local_socket +.Sm on +.Xc +.It Fl R Xo +.Sm off +.Ar remote_socket : host : hostport +.Sm on +.Xc +.It Fl R Xo +.Sm off +.Ar remote_socket : local_socket +.Sm on +.Xc +Specifies that connections to the given TCP port or Unix socket on the remote +(server) host are to be forwarded to the given host and port, or Unix socket, +on the local side. +This works by allocating a socket to listen to either a TCP .Ar port -on the remote side, and whenever a connection is made to this port, the -connection is forwarded over the secure channel, and a connection is -made to +or to a Unix socket on the remote side. +Whenever a connection is made to this port or Unix socket, the +connection is forwarded over the secure channel, and a connection +is made to either .Ar host port -.Ar hostport +.Ar hostport , +or +.Ar local_socket , from the local machine. .Pp Port forwardings can also be specified in the configuration file. @@ -540,7 +615,7 @@ Privileged ports can be forwarded only when logging in as root on the remote machine. IPv6 addresses can be specified by enclosing the address in square brackets. .Pp -By default, the listening socket on the server will be bound to the loopback +By default, TCP listening sockets on the server will be bound to the loopback interface only. This may be overridden by specifying a .Ar bind_address . @@ -565,6 +640,7 @@ to the client at run time. When used together with .Ic -O forward the allocated port will be printed to the standard output. +.Pp .It Fl S Ar ctl_path Specifies the location of a control socket for connection sharing, or the string @@ -577,14 +653,17 @@ and in .Xr ssh_config 5 for details. +.Pp .It Fl s May be used to request invocation of a subsystem on the remote system. Subsystems are a feature of the SSH2 protocol which facilitate the use of SSH as a secure transport for other applications (eg.\& .Xr sftp 1 ) . The subsystem is specified as the remote command. +.Pp .It Fl T Disable pseudo-terminal allocation. +.Pp .It Fl t Force pseudo-terminal allocation. This can be used to execute arbitrary @@ -595,8 +674,10 @@ Multiple options force tty allocation, even if .Nm has no local tty. +.Pp .It Fl V Display the version number and exit. +.Pp .It Fl v Verbose mode. Causes @@ -608,6 +689,7 @@ Multiple .Fl v options increase the verbosity. The maximum is 3. +.Pp .It Fl W Ar host : Ns Ar port Requests that standard input and output on the client be forwarded to .Ar host @@ -621,6 +703,7 @@ Implies and .Cm ClearAllForwardings . Works with Protocol version 2 only. +.Pp .It Fl w Xo .Ar local_tun Ns Op : Ns Ar remote_tun .Xc @@ -650,6 +733,7 @@ If the .Cm Tunnel directive is unset, it is set to the default tunnel mode, which is .Dq point-to-point . +.Pp .It Fl X Enables X11 forwarding. This can also be specified on a per-host basis in a configuration file. @@ -670,12 +754,15 @@ option and the directive in .Xr ssh_config 5 for more information. +.Pp .It Fl x Disables X11 forwarding. +.Pp .It Fl Y Enables trusted X11 forwarding. Trusted X11 forwardings are not subjected to the X11 SECURITY extension controls. +.Pp .It Fl y Send log information using the .Xr syslog 3 diff --git a/ssh.c b/ssh.c index 3fd5a941ff6..59c1f931cb0 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.418 2015/05/04 06:10:48 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.420 2015/07/30 00:01:34 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -108,6 +108,7 @@ #include "roaming.h" #include "version.h" #include "ssherr.h" +#include "myproposal.h" #ifdef ENABLE_PKCS11 #include "ssh-pkcs11.h" @@ -203,10 +204,10 @@ usage(void) "usage: ssh [-1246AaCfGgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]\n" " [-D [bind_address:]port] [-E log_file] [-e escape_char]\n" " [-F configfile] [-I pkcs11] [-i identity_file]\n" -" [-L [bind_address:]port:host:hostport] [-l login_name] [-m mac_spec]\n" +" [-L address] [-l login_name] [-m mac_spec]\n" " [-O ctl_cmd] [-o option] [-p port]\n" " [-Q cipher | cipher-auth | mac | kex | key]\n" -" [-R [bind_address:]port:host:hostport] [-S ctl_path] [-W host:port]\n" +" [-R address] [-S ctl_path] [-W host:port]\n" " [-w local_tun[:remote_tun]] [user@]hostname [command]\n" ); exit(255); @@ -794,26 +795,26 @@ main(int ac, char **av) } break; case 'c': - if (ciphers_valid(optarg)) { + if (ciphers_valid(*optarg == '+' ? + optarg + 1 : optarg)) { /* SSH2 only */ options.ciphers = xstrdup(optarg); options.cipher = SSH_CIPHER_INVALID; - } else { - /* SSH1 only */ - options.cipher = cipher_number(optarg); - if (options.cipher == -1) { - fprintf(stderr, - "Unknown cipher type '%s'\n", - optarg); - exit(255); - } - if (options.cipher == SSH_CIPHER_3DES) - options.ciphers = "3des-cbc"; - else if (options.cipher == SSH_CIPHER_BLOWFISH) - options.ciphers = "blowfish-cbc"; - else - options.ciphers = (char *)-1; + break; } + /* SSH1 only */ + options.cipher = cipher_number(optarg); + if (options.cipher == -1) { + fprintf(stderr, "Unknown cipher type '%s'\n", + optarg); + exit(255); + } + if (options.cipher == SSH_CIPHER_3DES) + options.ciphers = xstrdup("3des-cbc"); + else if (options.cipher == SSH_CIPHER_BLOWFISH) + options.ciphers = xstrdup("blowfish-cbc"); + else + options.ciphers = xstrdup(KEX_CLIENT_ENCRYPT); break; case 'm': if (mac_valid(optarg)) diff --git a/ssh.h b/ssh.h index c94633bdce4..39c7e18af10 100644 --- a/ssh.h +++ b/ssh.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.h,v 1.79 2010/06/25 07:14:46 djm Exp $ */ +/* $OpenBSD: ssh.h,v 1.81 2015/08/04 05:23:06 djm Exp $ */ /* * Author: Tatu Ylonen diff --git a/ssh_config.0 b/ssh_config.0 index b0a614b8a3a..654807779d2 100644 --- a/ssh_config.0 +++ b/ssh_config.0 @@ -180,8 +180,12 @@ DESCRIPTION Ciphers Specifies the ciphers allowed for protocol version 2 in order of - preference. Multiple ciphers must be comma-separated. The - supported ciphers are: + preference. Multiple ciphers must be comma-separated. If the + specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the specified + ciphers will be appended to the default set instead of replacing + them. + + The supported ciphers are: 3des-cbc aes128-cbc @@ -435,23 +439,35 @@ DESCRIPTION HostbasedKeyTypes Specifies the key types that will be used for hostbased - authentication as a comma-separated pattern list. The default - M-bM-^@M-^\*M-bM-^@M-^] will allow all key types. The -Q option of ssh(1) may be - used to list supported key types. - - HostKeyAlgorithms - Specifies the protocol version 2 host key algorithms that the - client wants to use in order of preference. The default for this - option is: + authentication as a comma-separated pattern list. Alternately if + the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the + specified key types will be appended to the default set instead + of replacing them. The default for this option is: ecdsa-sha2-nistp256-cert-v01@openssh.com, ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521-cert-v01@openssh.com, ssh-ed25519-cert-v01@openssh.com, - ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com, - ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com, + ssh-rsa-cert-v01@openssh.com, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, - ssh-ed25519,ssh-rsa,ssh-dss + ssh-ed25519,ssh-rsa + + The -Q option of ssh(1) may be used to list supported key types. + + HostKeyAlgorithms + Specifies the protocol version 2 host key algorithms that the + client wants to use in order of preference. Alternately if the + specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the specified + key types will be appended to the default set instead of + replacing them. The default for this option is: + + ecdsa-sha2-nistp256-cert-v01@openssh.com, + ecdsa-sha2-nistp384-cert-v01@openssh.com, + ecdsa-sha2-nistp521-cert-v01@openssh.com, + ssh-ed25519-cert-v01@openssh.com, + ssh-rsa-cert-v01@openssh.com, + ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, + ssh-ed25519,ssh-rsa If hostkeys are known for the destination host then this default is modified to prefer their algorithms. @@ -548,14 +564,16 @@ DESCRIPTION KexAlgorithms Specifies the available KEX (Key Exchange) algorithms. Multiple - algorithms must be comma-separated. The default is: + algorithms must be comma-separated. Alternately if the specified + value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the specified methods + will be appended to the default set instead of replacing them. + The default is: curve25519-sha256@libssh.org, ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, diffie-hellman-group-exchange-sha256, diffie-hellman-group-exchange-sha1, - diffie-hellman-group14-sha1, - diffie-hellman-group1-sha1 + diffie-hellman-group14-sha1 The list of available key exchange algorithms may also be obtained using the -Q option of ssh(1) with an argument of M-bM-^@M-^\kexM-bM-^@M-^]. @@ -604,9 +622,15 @@ DESCRIPTION MACs Specifies the MAC (message authentication code) algorithms in order of preference. The MAC algorithm is used in protocol version 2 for data integrity protection. Multiple algorithms - must be comma-separated. The algorithms that contain M-bM-^@M-^\-etmM-bM-^@M-^] - calculate the MAC after encryption (encrypt-then-mac). These are - considered safer and their use recommended. The default is: + must be comma-separated. If the specified value begins with a + M-bM-^@M-^X+M-bM-^@M-^Y character, then the specified algorithms will be appended to + the default set instead of replacing them. + + The algorithms that contain M-bM-^@M-^\-etmM-bM-^@M-^] calculate the MAC after + encryption (encrypt-then-mac). These are considered safer and + their use recommended. + + The default is: umac-64-etm@openssh.com,umac-128-etm@openssh.com, hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com, @@ -696,6 +720,23 @@ DESCRIPTION back to ssh(1) instead of continuing to execute and pass data. The default is M-bM-^@M-^\noM-bM-^@M-^]. + PubkeyAcceptedKeyTypes + Specifies the key types that will be used for public key + authentication as a comma-separated pattern list. Alternately if + the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the key + types after it will be appended to the default instead of + replacing it. The default for this option is: + + ecdsa-sha2-nistp256-cert-v01@openssh.com, + ecdsa-sha2-nistp384-cert-v01@openssh.com, + ecdsa-sha2-nistp521-cert-v01@openssh.com, + ssh-ed25519-cert-v01@openssh.com, + ssh-rsa-cert-v01@openssh.com, + ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, + ssh-ed25519,ssh-rsa + + The -Q option of ssh(1) may be used to list supported key types. + PubkeyAuthentication Specifies whether to try public key authentication. The argument to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\yesM-bM-^@M-^]. @@ -982,4 +1023,4 @@ AUTHORS created OpenSSH. Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. -OpenBSD 5.7 June 2, 2015 OpenBSD 5.7 +OpenBSD 5.8 July 30, 2015 OpenBSD 5.8 diff --git a/ssh_config.5 b/ssh_config.5 index 268a627b2bc..5b0975f87e2 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.211 2015/06/02 09:10:40 djm Exp $ -.Dd $Mdocdate: June 2 2015 $ +.\" $OpenBSD: ssh_config.5,v 1.214 2015/07/30 00:01:34 djm Exp $ +.Dd $Mdocdate: July 30 2015 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -373,6 +373,11 @@ The default is Specifies the ciphers allowed for protocol version 2 in order of preference. Multiple ciphers must be comma-separated. +If the specified value begins with a +.Sq + +character, then the specified ciphers will be appended to the default set +instead of replacing them. +.Pp The supported ciphers are: .Pp .Bl -item -compact -offset indent @@ -781,9 +786,21 @@ is similar to .It Cm HostbasedKeyTypes Specifies the key types that will be used for hostbased authentication as a comma-separated pattern list. -The default -.Dq * -will allow all key types. +Alternately if the specified value begins with a +.Sq + +character, then the specified key types will be appended to the default set +instead of replacing them. +The default for this option is: +.Bd -literal -offset 3n +ecdsa-sha2-nistp256-cert-v01@openssh.com, +ecdsa-sha2-nistp384-cert-v01@openssh.com, +ecdsa-sha2-nistp521-cert-v01@openssh.com, +ssh-ed25519-cert-v01@openssh.com, +ssh-rsa-cert-v01@openssh.com, +ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, +ssh-ed25519,ssh-rsa +.Ed +.Pp The .Fl Q option of @@ -792,16 +809,19 @@ may be used to list supported key types. .It Cm HostKeyAlgorithms Specifies the protocol version 2 host key algorithms that the client wants to use in order of preference. +Alternately if the specified value begins with a +.Sq + +character, then the specified key types will be appended to the default set +instead of replacing them. The default for this option is: .Bd -literal -offset 3n ecdsa-sha2-nistp256-cert-v01@openssh.com, ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521-cert-v01@openssh.com, ssh-ed25519-cert-v01@openssh.com, -ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com, -ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com, +ssh-rsa-cert-v01@openssh.com, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, -ssh-ed25519,ssh-rsa,ssh-dss +ssh-ed25519,ssh-rsa .Ed .Pp If hostkeys are known for the destination host then this default is modified @@ -974,14 +994,17 @@ and .It Cm KexAlgorithms Specifies the available KEX (Key Exchange) algorithms. Multiple algorithms must be comma-separated. +Alternately if the specified value begins with a +.Sq + +character, then the specified methods will be appended to the default set +instead of replacing them. The default is: .Bd -literal -offset indent curve25519-sha256@libssh.org, ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, diffie-hellman-group-exchange-sha256, diffie-hellman-group-exchange-sha1, -diffie-hellman-group14-sha1, -diffie-hellman-group1-sha1 +diffie-hellman-group14-sha1 .Ed .Pp The list of available key exchange algorithms may also be obtained using the @@ -1063,10 +1086,16 @@ in order of preference. The MAC algorithm is used in protocol version 2 for data integrity protection. Multiple algorithms must be comma-separated. +If the specified value begins with a +.Sq + +character, then the specified algorithms will be appended to the default set +instead of replacing them. +.Pp The algorithms that contain .Dq -etm calculate the MAC after encryption (encrypt-then-mac). These are considered safer and their use recommended. +.Pp The default is: .Bd -literal -offset indent umac-64-etm@openssh.com,umac-128-etm@openssh.com, @@ -1207,6 +1236,29 @@ will pass a connected file descriptor back to instead of continuing to execute and pass data. The default is .Dq no . +.It Cm PubkeyAcceptedKeyTypes +Specifies the key types that will be used for public key authentication +as a comma-separated pattern list. +Alternately if the specified value begins with a +.Sq + +character, then the key types after it will be appended to the default +instead of replacing it. +The default for this option is: +.Bd -literal -offset 3n +ecdsa-sha2-nistp256-cert-v01@openssh.com, +ecdsa-sha2-nistp384-cert-v01@openssh.com, +ecdsa-sha2-nistp521-cert-v01@openssh.com, +ssh-ed25519-cert-v01@openssh.com, +ssh-rsa-cert-v01@openssh.com, +ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, +ssh-ed25519,ssh-rsa +.Ed +.Pp +The +.Fl Q +option of +.Xr ssh 1 +may be used to list supported key types. .It Cm PubkeyAuthentication Specifies whether to try public key authentication. The argument to this keyword must be diff --git a/sshconnect2.c b/sshconnect2.c index fcaed6b01c5..775103185ed 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.224 2015/05/04 06:10:48 djm Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.226 2015/07/30 00:01:34 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -163,18 +163,12 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) xxx_host = host; xxx_hostaddr = hostaddr; - if (options.ciphers == (char *)-1) { - logit("No valid ciphers for protocol version 2 given, using defaults."); - options.ciphers = NULL; - } - if (options.ciphers != NULL) { - myproposal[PROPOSAL_ENC_ALGS_CTOS] = - myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers; - } + myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal( + options.kex_algorithms); myproposal[PROPOSAL_ENC_ALGS_CTOS] = - compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_CTOS]); + compat_cipher_proposal(options.ciphers); myproposal[PROPOSAL_ENC_ALGS_STOC] = - compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_STOC]); + compat_cipher_proposal(options.ciphers); if (options.compression) { myproposal[PROPOSAL_COMP_ALGS_CTOS] = myproposal[PROPOSAL_COMP_ALGS_STOC] = "zlib@openssh.com,zlib,none"; @@ -182,23 +176,22 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) myproposal[PROPOSAL_COMP_ALGS_CTOS] = myproposal[PROPOSAL_COMP_ALGS_STOC] = "none,zlib@openssh.com,zlib"; } - if (options.macs != NULL) { - myproposal[PROPOSAL_MAC_ALGS_CTOS] = - myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; - } - if (options.hostkeyalgorithms != NULL) + myproposal[PROPOSAL_MAC_ALGS_CTOS] = + myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; + if (options.hostkeyalgorithms != NULL) { + if (kex_assemble_names(KEX_DEFAULT_PK_ALG, + &options.hostkeyalgorithms) != 0) + fatal("%s: kex_assemble_namelist", __func__); myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal(options.hostkeyalgorithms); - else { + } else { + /* Enforce default */ + options.hostkeyalgorithms = xstrdup(KEX_DEFAULT_PK_ALG); /* Prefer algorithms that we already have keys for */ myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal( order_hostkeyalgs(host, hostaddr, port)); } - if (options.kex_algorithms != NULL) - myproposal[PROPOSAL_KEX_ALGS] = options.kex_algorithms; - myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal( - myproposal[PROPOSAL_KEX_ALGS]); if (options.rekey_limit || options.rekey_interval) packet_set_rekey_limits((u_int32_t)options.rekey_limit, @@ -1315,6 +1308,26 @@ pubkey_cleanup(Authctxt *authctxt) } } +static int +try_identity(Identity *id) +{ + if (!id->key) + return (0); + if (match_pattern_list(sshkey_ssh_name(id->key), + options.pubkey_key_types, 0) != 1) { + debug("Skipping %s key %s for not in PubkeyAcceptedKeyTypes", + sshkey_ssh_name(id->key), id->filename); + return (0); + } + if (key_type_plain(id->key->type) == KEY_RSA && + (datafellows & SSH_BUG_RSASIGMD5) != 0) { + debug("Skipped %s key %s for RSA/MD5 server", + key_type(id->key), id->filename); + return (0); + } + return (id->key->type != KEY_RSA1); +} + int userauth_pubkey(Authctxt *authctxt) { @@ -1333,11 +1346,7 @@ userauth_pubkey(Authctxt *authctxt) * private key instead */ if (id->key != NULL) { - if (key_type_plain(id->key->type) == KEY_RSA && - (datafellows & SSH_BUG_RSASIGMD5) != 0) { - debug("Skipped %s key %s for RSA/MD5 server", - key_type(id->key), id->filename); - } else if (id->key->type != KEY_RSA1) { + if (try_identity(id)) { debug("Offering %s public key: %s", key_type(id->key), id->filename); sent = send_pubkey_test(authctxt, id); @@ -1347,13 +1356,8 @@ userauth_pubkey(Authctxt *authctxt) id->key = load_identity_file(id->filename, id->userprovided); if (id->key != NULL) { - id->isprivate = 1; - if (key_type_plain(id->key->type) == KEY_RSA && - (datafellows & SSH_BUG_RSASIGMD5) != 0) { - debug("Skipped %s key %s for RSA/MD5 " - "server", key_type(id->key), - id->filename); - } else { + if (try_identity(id)) { + id->isprivate = 1; sent = sign_and_send_pubkey( authctxt, id); } diff --git a/sshd.0 b/sshd.0 index 33a9392f94c..7980225686f 100644 --- a/sshd.0 +++ b/sshd.0 @@ -87,12 +87,11 @@ DESCRIPTION files for the different protocol versions and host key algorithms. - -i Specifies that sshd is being run from inetd(8). sshd is normally - not run from inetd because it needs to generate the server key - before it can respond to the client, and this may take tens of - seconds. Clients would have to wait too long if the key was - regenerated every time. However, with small key sizes (e.g. 512) - using sshd from inetd may be feasible. + -i Specifies that sshd is being run from inetd(8). If SSH protocol + 1 is enabled, sshd should not normally be run from inetd because + it needs to generate the server key before it can respond to the + client, and this may take some time. Clients may have to wait + too long if the key was regenerated every time. -k key_gen_time Specifies how often the ephemeral protocol version 1 server key @@ -152,7 +151,7 @@ AUTHENTICATION host-specific key, normally 2048 bits, used to identify the host. Forward security for protocol 1 is provided through an additional server - key, normally 768 bits, generated when the server starts. This key is + key, normally 1024 bits, generated when the server starts. This key is normally regenerated every hour if it has been used, and is never stored on disk. Whenever a client connects, the daemon responds with its public host and server keys. The client compares the RSA host key against its @@ -633,4 +632,4 @@ AUTHORS versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support for privilege separation. -OpenBSD 5.7 May 1, 2015 OpenBSD 5.7 +OpenBSD 5.8 July 3, 2015 OpenBSD 5.8 diff --git a/sshd.8 b/sshd.8 index dcf20f0ea81..213b5fc4315 100644 --- a/sshd.8 +++ b/sshd.8 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.279 2015/05/01 07:11:47 djm Exp $ -.Dd $Mdocdate: May 1 2015 $ +.\" $OpenBSD: sshd.8,v 1.280 2015/07/03 03:49:45 djm Exp $ +.Dd $Mdocdate: July 3 2015 $ .Dt SSHD 8 .Os .Sh NAME @@ -184,15 +184,12 @@ Specifies that .Nm is being run from .Xr inetd 8 . +If SSH protocol 1 is enabled, .Nm -is normally not run +should not normally be run from inetd because it needs to generate the server key before it can -respond to the client, and this may take tens of seconds. -Clients would have to wait too long if the key was regenerated every time. -However, with small key sizes (e.g. 512) using -.Nm -from inetd may -be feasible. +respond to the client, and this may take some time. +Clients may have to wait too long if the key was regenerated every time. .It Fl k Ar key_gen_time Specifies how often the ephemeral protocol version 1 server key is regenerated (default 3600 seconds, or one hour). @@ -287,7 +284,7 @@ used to identify the host. .Pp Forward security for protocol 1 is provided through an additional server key, -normally 768 bits, +normally 1024 bits, generated when the server starts. This key is normally regenerated every hour if it has been used, and is never stored on disk. diff --git a/sshd.c b/sshd.c index 6f8c6f2b108..c7dd8cb7a06 100644 --- a/sshd.c +++ b/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.450 2015/05/24 23:39:16 djm Exp $ */ +/* $OpenBSD: sshd.c,v 1.457 2015/07/30 00:01:34 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -95,6 +95,7 @@ #include "log.h" #include "buffer.h" #include "misc.h" +#include "match.h" #include "servconf.h" #include "uidswap.h" #include "compat.h" @@ -797,8 +798,15 @@ list_hostkey_types(void) key = sensitive_data.host_keys[i]; if (key == NULL) key = sensitive_data.host_pubkeys[i]; - if (key == NULL) + if (key == NULL || key->type == KEY_RSA1) continue; + /* Check that the key is accepted in HostkeyAlgorithms */ + if (match_pattern_list(sshkey_ssh_name(key), + options.hostkeyalgorithms, 0) != 1) { + debug3("%s: %s key not permitted by HostkeyAlgorithms", + __func__, sshkey_ssh_name(key)); + continue; + } switch (key->type) { case KEY_RSA: case KEY_DSA: @@ -815,8 +823,6 @@ list_hostkey_types(void) if (key == NULL) continue; switch (key->type) { - case KEY_RSA_CERT_V00: - case KEY_DSA_CERT_V00: case KEY_RSA_CERT: case KEY_DSA_CERT: case KEY_ECDSA_CERT: @@ -843,8 +849,6 @@ get_hostkey_by_type(int type, int nid, int need_private, struct ssh *ssh) for (i = 0; i < options.num_host_key_files; i++) { switch (type) { - case KEY_RSA_CERT_V00: - case KEY_DSA_CERT_V00: case KEY_RSA_CERT: case KEY_DSA_CERT: case KEY_ECDSA_CERT: @@ -1878,8 +1882,8 @@ main(int ac, char **av) #ifdef WITH_SSH1 /* Check certain values for sanity. */ if (options.protocol & SSH_PROTO_1) { - if (options.server_key_bits < 512 || - options.server_key_bits > 32768) { + if (options.server_key_bits < SSH_RSA_MINIMUM_MODULUS_SIZE || + options.server_key_bits > OPENSSL_RSA_MAX_MODULUS_BITS) { fprintf(stderr, "Bad server key size.\n"); exit(1); } @@ -2527,9 +2531,7 @@ sshd_hostkey_sign(Key *privkey, Key *pubkey, u_char **signature, size_t *slen, return 0; } -/* - * SSH2 key exchange: diffie-hellman-group1-sha1 - */ +/* SSH2 key exchange */ static void do_ssh2_kex(void) { @@ -2537,19 +2539,15 @@ do_ssh2_kex(void) struct kex *kex; int r; - if (options.ciphers != NULL) { - myproposal[PROPOSAL_ENC_ALGS_CTOS] = - myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers; - } - myproposal[PROPOSAL_ENC_ALGS_CTOS] = - compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_CTOS]); - myproposal[PROPOSAL_ENC_ALGS_STOC] = - compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_STOC]); + myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal( + options.kex_algorithms); + myproposal[PROPOSAL_ENC_ALGS_CTOS] = compat_cipher_proposal( + options.ciphers); + myproposal[PROPOSAL_ENC_ALGS_STOC] = compat_cipher_proposal( + options.ciphers); + myproposal[PROPOSAL_MAC_ALGS_CTOS] = + myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; - if (options.macs != NULL) { - myproposal[PROPOSAL_MAC_ALGS_CTOS] = - myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; - } if (options.compression == COMP_NONE) { myproposal[PROPOSAL_COMP_ALGS_CTOS] = myproposal[PROPOSAL_COMP_ALGS_STOC] = "none"; @@ -2557,11 +2555,6 @@ do_ssh2_kex(void) myproposal[PROPOSAL_COMP_ALGS_CTOS] = myproposal[PROPOSAL_COMP_ALGS_STOC] = "none,zlib@openssh.com"; } - if (options.kex_algorithms != NULL) - myproposal[PROPOSAL_KEX_ALGS] = options.kex_algorithms; - - myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal( - myproposal[PROPOSAL_KEX_ALGS]); if (options.rekey_limit || options.rekey_interval) packet_set_rekey_limits((u_int32_t)options.rekey_limit, diff --git a/sshd_config b/sshd_config index cf7d8e1e81e..4d77f05aa2d 100644 --- a/sshd_config +++ b/sshd_config @@ -1,4 +1,4 @@ -# $OpenBSD: sshd_config,v 1.95 2015/04/27 21:42:48 djm Exp $ +# $OpenBSD: sshd_config,v 1.97 2015/08/06 14:53:21 deraadt Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. @@ -41,7 +41,7 @@ # Authentication: #LoginGraceTime 2m -#PermitRootLogin no +#PermitRootLogin prohibit-password #StrictModes yes #MaxAuthTries 6 #MaxSessions 10 diff --git a/sshd_config.0 b/sshd_config.0 index 64104185252..1cc7459f87b 100644 --- a/sshd_config.0 +++ b/sshd_config.0 @@ -262,7 +262,11 @@ DESCRIPTION Ciphers Specifies the ciphers allowed for protocol version 2. Multiple - ciphers must be comma-separated. The supported ciphers are: + ciphers must be comma-separated. If the specified value begins + with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the specified ciphers will be appended + to the default set instead of replacing them. + + The supported ciphers are: 3des-cbc aes128-cbc @@ -394,9 +398,20 @@ DESCRIPTION HostbasedAcceptedKeyTypes Specifies the key types that will be accepted for hostbased - authentication as a comma-separated pattern list. The default - M-bM-^@M-^\*M-bM-^@M-^] will allow all key types. The -Q option of ssh(1) may be - used to list supported key types. + authentication as a comma-separated pattern list. Alternately if + the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the + specified key types will be appended to the default set instead + of replacing them. The default for this option is: + + ecdsa-sha2-nistp256-cert-v01@openssh.com, + ecdsa-sha2-nistp384-cert-v01@openssh.com, + ecdsa-sha2-nistp521-cert-v01@openssh.com, + ssh-ed25519-cert-v01@openssh.com, + ssh-rsa-cert-v01@openssh.com, + ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, + ssh-ed25519,ssh-rsa + + The -Q option of ssh(1) may be used to list supported key types. HostbasedAuthentication Specifies whether rhosts or /etc/hosts.equiv authentication @@ -425,13 +440,17 @@ DESCRIPTION default is /etc/ssh/ssh_host_key for protocol version 1, and /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_ecdsa_key, /etc/ssh/ssh_host_ed25519_key and /etc/ssh/ssh_host_rsa_key for - protocol version 2. Note that sshd(8) will refuse to use a file - if it is group/world-accessible. It is possible to have multiple - host key files. M-bM-^@M-^\rsa1M-bM-^@M-^] keys are used for version 1 and M-bM-^@M-^\dsaM-bM-^@M-^], - M-bM-^@M-^\ecdsaM-bM-^@M-^], M-bM-^@M-^\ed25519M-bM-^@M-^] or M-bM-^@M-^\rsaM-bM-^@M-^] are used for version 2 of the SSH - protocol. It is also possible to specify public host key files - instead. In this case operations on the private key will be - delegated to an ssh-agent(1). + protocol version 2. + + Note that sshd(8) will refuse to use a file if it is group/world- + accessible and that the HostKeyAlgorithms option restricts which + of the keys are actually used by sshd(8). + + It is possible to have multiple host key files. M-bM-^@M-^\rsa1M-bM-^@M-^] keys are + used for version 1 and M-bM-^@M-^\dsaM-bM-^@M-^], M-bM-^@M-^\ecdsaM-bM-^@M-^], M-bM-^@M-^\ed25519M-bM-^@M-^] or M-bM-^@M-^\rsaM-bM-^@M-^] are + used for version 2 of the SSH protocol. It is also possible to + specify public host key files instead. In this case operations + on the private key will be delegated to an ssh-agent(1). HostKeyAgent Identifies the UNIX-domain socket used to communicate with an @@ -439,6 +458,21 @@ DESCRIPTION M-bM-^@M-^\SSH_AUTH_SOCKM-bM-^@M-^] is specified, the location of the socket will be read from the SSH_AUTH_SOCK environment variable. + HostKeyAlgorithms + Specifies the protocol version 2 host key algorithms that the + server offers. The default for this option is: + + ecdsa-sha2-nistp256-cert-v01@openssh.com, + ecdsa-sha2-nistp384-cert-v01@openssh.com, + ecdsa-sha2-nistp521-cert-v01@openssh.com, + ssh-ed25519-cert-v01@openssh.com, + ssh-rsa-cert-v01@openssh.com, + ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, + ssh-ed25519,ssh-rsa + + The list of available key types may also be obtained using the -Q + option of ssh(1) with an argument of M-bM-^@M-^\keyM-bM-^@M-^]. + IgnoreRhosts Specifies that .rhosts and .shosts files will not be used in RhostsRSAAuthentication or HostbasedAuthentication. @@ -493,8 +527,10 @@ DESCRIPTION KexAlgorithms Specifies the available KEX (Key Exchange) algorithms. Multiple - algorithms must be comma-separated. The supported algorithms - are: + algorithms must be comma-separated. Alternately if the specified + value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the specified methods + will be appended to the default set instead of replacing them. + The supported algorithms are: curve25519-sha256@libssh.org diffie-hellman-group1-sha1 @@ -551,9 +587,13 @@ DESCRIPTION MACs Specifies the available MAC (message authentication code) algorithms. The MAC algorithm is used in protocol version 2 for data integrity protection. Multiple algorithms must be comma- - separated. The algorithms that contain M-bM-^@M-^\-etmM-bM-^@M-^] calculate the MAC - after encryption (encrypt-then-mac). These are considered safer - and their use recommended. The supported MACs are: + separated. If the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, + then the specified algorithms will be appended to the default set + instead of replacing them. + + The algorithms that contain M-bM-^@M-^\-etmM-bM-^@M-^] calculate the MAC after + encryption (encrypt-then-mac). These are considered safer and + their use recommended. The supported MACs are: hmac-md5 hmac-md5-96 @@ -673,11 +713,13 @@ DESCRIPTION PermitRootLogin Specifies whether root can log in using ssh(1). The argument - must be M-bM-^@M-^\yesM-bM-^@M-^], M-bM-^@M-^\without-passwordM-bM-^@M-^], M-bM-^@M-^\forced-commands-onlyM-bM-^@M-^], or - M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. + must be M-bM-^@M-^\yesM-bM-^@M-^], M-bM-^@M-^\prohibit-passwordM-bM-^@M-^], M-bM-^@M-^\without-passwordM-bM-^@M-^], + M-bM-^@M-^\forced-commands-onlyM-bM-^@M-^], or M-bM-^@M-^\noM-bM-^@M-^]. The default is + M-bM-^@M-^\prohibit-passwordM-bM-^@M-^]. - If this option is set to M-bM-^@M-^\without-passwordM-bM-^@M-^], password - authentication is disabled for root. + If this option is set to M-bM-^@M-^\prohibit-passwordM-bM-^@M-^] or + M-bM-^@M-^\without-passwordM-bM-^@M-^], password and keyboard-interactive + authentication are disabled for root. If this option is set to M-bM-^@M-^\forced-commands-onlyM-bM-^@M-^], root login with public key authentication will be allowed, but only if the @@ -740,9 +782,20 @@ DESCRIPTION PubkeyAcceptedKeyTypes Specifies the key types that will be accepted for public key - authentication as a comma-separated pattern list. The default - M-bM-^@M-^\*M-bM-^@M-^] will allow all key types. The -Q option of ssh(1) may be - used to list supported key types. + authentication as a comma-separated pattern list. Alternately if + the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the + specified key types will be appended to the default set instead + of replacing them. The default for this option is: + + ecdsa-sha2-nistp256-cert-v01@openssh.com, + ecdsa-sha2-nistp384-cert-v01@openssh.com, + ecdsa-sha2-nistp521-cert-v01@openssh.com, + ssh-ed25519-cert-v01@openssh.com, + ssh-rsa-cert-v01@openssh.com, + ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, + ssh-ed25519,ssh-rsa + + The -Q option of ssh(1) may be used to list supported key types. PubkeyAuthentication Specifies whether public key authentication is allowed. The @@ -786,7 +839,7 @@ DESCRIPTION ServerKeyBits Defines the number of bits in the ephemeral protocol version 1 - server key. The minimum value is 512, and the default is 1024. + server key. The default and minimum value is 1024. StreamLocalBindMask Sets the octal file creation mode mask (umask) used when creating @@ -868,9 +921,13 @@ DESCRIPTION TrustedUserCAKeys. For more details on certificates, see the CERTIFICATES section in ssh-keygen(1). - UseDNS Specifies whether sshd(8) should look up the remote host name and - check that the resolved host name for the remote IP address maps - back to the very same IP address. The default is M-bM-^@M-^\noM-bM-^@M-^]. + UseDNS Specifies whether sshd(8) should look up the remote host name, + and to check that the resolved host name for the remote IP + address maps back to the very same IP address. + + If this option is set to M-bM-^@M-^\noM-bM-^@M-^] (the default) then only addresses + and not host names may be used in ~/.ssh/known_hosts from and + sshd_config(5) Match Host directives. UseLogin Specifies whether login(1) is used for interactive login @@ -992,4 +1049,4 @@ AUTHORS versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support for privilege separation. -OpenBSD 5.7 June 5, 2015 OpenBSD 5.7 +OpenBSD 5.8 August 6, 2015 OpenBSD 5.8 diff --git a/sshd_config.5 b/sshd_config.5 index 5ab4318906c..58e277f958f 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.204 2015/06/05 03:44:14 djm Exp $ -.Dd $Mdocdate: June 5 2015 $ +.\" $OpenBSD: sshd_config.5,v 1.210 2015/08/06 14:53:21 deraadt Exp $ +.Dd $Mdocdate: August 6 2015 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -434,6 +434,11 @@ The default is not to .It Cm Ciphers Specifies the ciphers allowed for protocol version 2. Multiple ciphers must be comma-separated. +If the specified value begins with a +.Sq + +character, then the specified ciphers will be appended to the default set +instead of replacing them. +.Pp The supported ciphers are: .Pp .Bl -item -compact -offset indent @@ -640,9 +645,21 @@ The default is .It Cm HostbasedAcceptedKeyTypes Specifies the key types that will be accepted for hostbased authentication as a comma-separated pattern list. -The default -.Dq * -will allow all key types. +Alternately if the specified value begins with a +.Sq + +character, then the specified key types will be appended to the default set +instead of replacing them. +The default for this option is: +.Bd -literal -offset 3n +ecdsa-sha2-nistp256-cert-v01@openssh.com, +ecdsa-sha2-nistp384-cert-v01@openssh.com, +ecdsa-sha2-nistp521-cert-v01@openssh.com, +ssh-ed25519-cert-v01@openssh.com, +ssh-rsa-cert-v01@openssh.com, +ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, +ssh-ed25519,ssh-rsa +.Ed +.Pp The .Fl Q option of @@ -694,9 +711,15 @@ for protocol version 1, and and .Pa /etc/ssh/ssh_host_rsa_key for protocol version 2. +.Pp Note that .Xr sshd 8 -will refuse to use a file if it is group/world-accessible. +will refuse to use a file if it is group/world-accessible +and that the +.Cm HostKeyAlgorithms +option restricts which of the keys are actually used by +.Xr sshd 8 . +.Pp It is possible to have multiple host key files. .Dq rsa1 keys are used for version 1 and @@ -718,6 +741,26 @@ If is specified, the location of the socket will be read from the .Ev SSH_AUTH_SOCK environment variable. +.It Cm HostKeyAlgorithms +Specifies the protocol version 2 host key algorithms +that the server offers. +The default for this option is: +.Bd -literal -offset 3n +ecdsa-sha2-nistp256-cert-v01@openssh.com, +ecdsa-sha2-nistp384-cert-v01@openssh.com, +ecdsa-sha2-nistp521-cert-v01@openssh.com, +ssh-ed25519-cert-v01@openssh.com, +ssh-rsa-cert-v01@openssh.com, +ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, +ssh-ed25519,ssh-rsa +.Ed +.Pp +The list of available key types may also be obtained using the +.Fl Q +option of +.Xr ssh 1 +with an argument of +.Dq key . .It Cm IgnoreRhosts Specifies that .Pa .rhosts @@ -821,6 +864,10 @@ The default is .It Cm KexAlgorithms Specifies the available KEX (Key Exchange) algorithms. Multiple algorithms must be comma-separated. +Alternately if the specified value begins with a +.Sq + +character, then the specified methods will be appended to the default set +instead of replacing them. The supported algorithms are: .Pp .Bl -item -compact -offset indent @@ -919,6 +966,11 @@ Specifies the available MAC (message authentication code) algorithms. The MAC algorithm is used in protocol version 2 for data integrity protection. Multiple algorithms must be comma-separated. +If the specified value begins with a +.Sq + +character, then the specified algorithms will be appended to the default set +instead of replacing them. +.Pp The algorithms that contain .Dq -etm calculate the MAC after encryption (encrypt-then-mac). @@ -1152,16 +1204,19 @@ Specifies whether root can log in using .Xr ssh 1 . The argument must be .Dq yes , +.Dq prohibit-password , .Dq without-password , .Dq forced-commands-only , or .Dq no . The default is -.Dq no . +.Dq prohibit-password . .Pp If this option is set to +.Dq prohibit-password +or .Dq without-password , -password authentication is disabled for root. +password and keyboard-interactive authentication are disabled for root. .Pp If this option is set to .Dq forced-commands-only , @@ -1279,9 +1334,21 @@ is identical to .It Cm PubkeyAcceptedKeyTypes Specifies the key types that will be accepted for public key authentication as a comma-separated pattern list. -The default -.Dq * -will allow all key types. +Alternately if the specified value begins with a +.Sq + +character, then the specified key types will be appended to the default set +instead of replacing them. +The default for this option is: +.Bd -literal -offset 3n +ecdsa-sha2-nistp256-cert-v01@openssh.com, +ecdsa-sha2-nistp384-cert-v01@openssh.com, +ecdsa-sha2-nistp521-cert-v01@openssh.com, +ssh-ed25519-cert-v01@openssh.com, +ssh-rsa-cert-v01@openssh.com, +ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, +ssh-ed25519,ssh-rsa +.Ed +.Pp The .Fl Q option of @@ -1343,7 +1410,7 @@ The default is This option applies to protocol version 1 only. .It Cm ServerKeyBits Defines the number of bits in the ephemeral protocol version 1 server key. -The minimum value is 512, and the default is 1024. +The default and minimum value is 1024. .It Cm StreamLocalBindMask Sets the octal file creation mode mask .Pq umask @@ -1451,11 +1518,20 @@ For more details on certificates, see the CERTIFICATES section in .It Cm UseDNS Specifies whether .Xr sshd 8 -should look up the remote host name and check that +should look up the remote host name, and to check that the resolved host name for the remote IP address maps back to the very same IP address. -The default is -.Dq no . +.Pp +If this option is set to +.Dq no +(the default) then only addresses and not host names may be used in +.Pa ~/.ssh/known_hosts +.Cm from +and +.Xr sshd_config 5 +.Cm Match +.Cm Host +directives. .It Cm UseLogin Specifies whether .Xr login 1 diff --git a/sshkey.c b/sshkey.c index cfe5980805e..dbb16e2fd1b 100644 --- a/sshkey.c +++ b/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.19 2015/05/21 04:55:51 djm Exp $ */ +/* $OpenBSD: sshkey.c,v 1.20 2015/07/03 03:43:18 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -111,10 +111,6 @@ static const struct keytype keytypes[] = { KEY_ECDSA_CERT, NID_secp521r1, 1 }, # endif /* OPENSSL_HAS_NISTP521 */ # endif /* OPENSSL_HAS_ECC */ - { "ssh-rsa-cert-v00@openssh.com", "RSA-CERT-V00", - KEY_RSA_CERT_V00, 0, 1 }, - { "ssh-dss-cert-v00@openssh.com", "DSA-CERT-V00", - KEY_DSA_CERT_V00, 0, 1 }, #endif /* WITH_OPENSSL */ { NULL, NULL, -1, -1, 0 } }; @@ -272,11 +268,9 @@ sshkey_size(const struct sshkey *k) #ifdef WITH_OPENSSL case KEY_RSA1: case KEY_RSA: - case KEY_RSA_CERT_V00: case KEY_RSA_CERT: return BN_num_bits(k->rsa->n); case KEY_DSA: - case KEY_DSA_CERT_V00: case KEY_DSA_CERT: return BN_num_bits(k->dsa->p); case KEY_ECDSA: @@ -290,18 +284,6 @@ sshkey_size(const struct sshkey *k) return 0; } -int -sshkey_cert_is_legacy(const struct sshkey *k) -{ - switch (k->type) { - case KEY_DSA_CERT_V00: - case KEY_RSA_CERT_V00: - return 1; - default: - return 0; - } -} - static int sshkey_type_is_valid_ca(int type) { @@ -329,10 +311,8 @@ int sshkey_type_plain(int type) { switch (type) { - case KEY_RSA_CERT_V00: case KEY_RSA_CERT: return KEY_RSA; - case KEY_DSA_CERT_V00: case KEY_DSA_CERT: return KEY_DSA; case KEY_ECDSA_CERT: @@ -497,7 +477,6 @@ sshkey_new(int type) #ifdef WITH_OPENSSL case KEY_RSA1: case KEY_RSA: - case KEY_RSA_CERT_V00: case KEY_RSA_CERT: if ((rsa = RSA_new()) == NULL || (rsa->n = BN_new()) == NULL || @@ -510,7 +489,6 @@ sshkey_new(int type) k->rsa = rsa; break; case KEY_DSA: - case KEY_DSA_CERT_V00: case KEY_DSA_CERT: if ((dsa = DSA_new()) == NULL || (dsa->p = BN_new()) == NULL || @@ -558,7 +536,6 @@ sshkey_add_private(struct sshkey *k) #ifdef WITH_OPENSSL case KEY_RSA1: case KEY_RSA: - case KEY_RSA_CERT_V00: case KEY_RSA_CERT: #define bn_maybe_alloc_failed(p) (p == NULL && (p = BN_new()) == NULL) if (bn_maybe_alloc_failed(k->rsa->d) || @@ -570,7 +547,6 @@ sshkey_add_private(struct sshkey *k) return SSH_ERR_ALLOC_FAIL; break; case KEY_DSA: - case KEY_DSA_CERT_V00: case KEY_DSA_CERT: if (bn_maybe_alloc_failed(k->dsa->priv_key)) return SSH_ERR_ALLOC_FAIL; @@ -616,14 +592,12 @@ sshkey_free(struct sshkey *k) #ifdef WITH_OPENSSL case KEY_RSA1: case KEY_RSA: - case KEY_RSA_CERT_V00: case KEY_RSA_CERT: if (k->rsa != NULL) RSA_free(k->rsa); k->rsa = NULL; break; case KEY_DSA: - case KEY_DSA_CERT_V00: case KEY_DSA_CERT: if (k->dsa != NULL) DSA_free(k->dsa); @@ -695,13 +669,11 @@ sshkey_equal_public(const struct sshkey *a, const struct sshkey *b) switch (a->type) { #ifdef WITH_OPENSSL case KEY_RSA1: - case KEY_RSA_CERT_V00: case KEY_RSA_CERT: case KEY_RSA: return a->rsa != NULL && b->rsa != NULL && BN_cmp(a->rsa->e, b->rsa->e) == 0 && BN_cmp(a->rsa->n, b->rsa->n) == 0; - case KEY_DSA_CERT_V00: case KEY_DSA_CERT: case KEY_DSA: return a->dsa != NULL && b->dsa != NULL && @@ -772,8 +744,6 @@ to_blob_buf(const struct sshkey *key, struct sshbuf *b, int force_plain) switch (type) { #ifdef WITH_OPENSSL - case KEY_DSA_CERT_V00: - case KEY_RSA_CERT_V00: case KEY_DSA_CERT: case KEY_ECDSA_CERT: case KEY_RSA_CERT: @@ -1297,8 +1267,6 @@ sshkey_read(struct sshkey *ret, char **cpp) case KEY_DSA: case KEY_ECDSA: case KEY_ED25519: - case KEY_DSA_CERT_V00: - case KEY_RSA_CERT_V00: case KEY_DSA_CERT: case KEY_ECDSA_CERT: case KEY_RSA_CERT: @@ -1797,7 +1765,6 @@ sshkey_from_private(const struct sshkey *k, struct sshkey **pkp) switch (k->type) { #ifdef WITH_OPENSSL case KEY_DSA: - case KEY_DSA_CERT_V00: case KEY_DSA_CERT: if ((n = sshkey_new(k->type)) == NULL) return SSH_ERR_ALLOC_FAIL; @@ -1829,7 +1796,6 @@ sshkey_from_private(const struct sshkey *k, struct sshkey **pkp) # endif /* OPENSSL_HAS_ECC */ case KEY_RSA: case KEY_RSA1: - case KEY_RSA_CERT_V00: case KEY_RSA_CERT: if ((n = sshkey_new(k->type)) == NULL) return SSH_ERR_ALLOC_FAIL; @@ -1873,21 +1839,20 @@ cert_parse(struct sshbuf *b, struct sshkey *key, struct sshbuf *certbuf) u_char *sig = NULL; size_t signed_len = 0, slen = 0, kidlen = 0; int ret = SSH_ERR_INTERNAL_ERROR; - int v00 = sshkey_cert_is_legacy(key); /* Copy the entire key blob for verification and later serialisation */ if ((ret = sshbuf_putb(key->cert->certblob, certbuf)) != 0) return ret; - if ((!v00 && (ret = sshbuf_get_u64(b, &key->cert->serial)) != 0) || + /* Parse body of certificate up to signature */ + if ((ret = sshbuf_get_u64(b, &key->cert->serial)) != 0 || (ret = sshbuf_get_u32(b, &key->cert->type)) != 0 || (ret = sshbuf_get_cstring(b, &key->cert->key_id, &kidlen)) != 0 || (ret = sshbuf_froms(b, &principals)) != 0 || (ret = sshbuf_get_u64(b, &key->cert->valid_after)) != 0 || (ret = sshbuf_get_u64(b, &key->cert->valid_before)) != 0 || (ret = sshbuf_froms(b, &crit)) != 0 || - (!v00 && (ret = sshbuf_froms(b, &exts)) != 0) || - (v00 && (ret = sshbuf_get_string_direct(b, NULL, NULL)) != 0) || + (ret = sshbuf_froms(b, &exts)) != 0 || (ret = sshbuf_get_string_direct(b, NULL, NULL)) != 0 || (ret = sshbuf_froms(b, &ca)) != 0) { /* XXX debug print error for ret */ @@ -1924,9 +1889,8 @@ cert_parse(struct sshbuf *b, struct sshkey *key, struct sshbuf *certbuf) goto out; } oprincipals = key->cert->principals; - key->cert->principals = realloc(key->cert->principals, - (key->cert->nprincipals + 1) * - sizeof(*key->cert->principals)); + key->cert->principals = reallocarray(key->cert->principals, + key->cert->nprincipals + 1, sizeof(*key->cert->principals)); if (key->cert->principals == NULL) { free(principal); key->cert->principals = oprincipals; @@ -1947,7 +1911,6 @@ cert_parse(struct sshbuf *b, struct sshkey *key, struct sshbuf *certbuf) /* * Validate critical options and extensions sections format. - * NB. extensions are not present in v00 certs. */ while (sshbuf_len(crit) != 0) { if ((ret = sshbuf_get_string_direct(crit, NULL, NULL)) != 0 || @@ -2032,7 +1995,6 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, } /* FALLTHROUGH */ case KEY_RSA: - case KEY_RSA_CERT_V00: if ((key = sshkey_new(type)) == NULL) { ret = SSH_ERR_ALLOC_FAIL; goto out; @@ -2054,7 +2016,6 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, } /* FALLTHROUGH */ case KEY_DSA: - case KEY_DSA_CERT_V00: if ((key = sshkey_new(type)) == NULL) { ret = SSH_ERR_ALLOC_FAIL; goto out; @@ -2224,7 +2185,6 @@ sshkey_sign(const struct sshkey *key, return SSH_ERR_INVALID_ARGUMENT; switch (key->type) { #ifdef WITH_OPENSSL - case KEY_DSA_CERT_V00: case KEY_DSA_CERT: case KEY_DSA: return ssh_dss_sign(key, sigp, lenp, data, datalen, compat); @@ -2233,7 +2193,6 @@ sshkey_sign(const struct sshkey *key, case KEY_ECDSA: return ssh_ecdsa_sign(key, sigp, lenp, data, datalen, compat); # endif /* OPENSSL_HAS_ECC */ - case KEY_RSA_CERT_V00: case KEY_RSA_CERT: case KEY_RSA: return ssh_rsa_sign(key, sigp, lenp, data, datalen, compat); @@ -2258,7 +2217,6 @@ sshkey_verify(const struct sshkey *key, return SSH_ERR_INVALID_ARGUMENT; switch (key->type) { #ifdef WITH_OPENSSL - case KEY_DSA_CERT_V00: case KEY_DSA_CERT: case KEY_DSA: return ssh_dss_verify(key, sig, siglen, data, dlen, compat); @@ -2267,7 +2225,6 @@ sshkey_verify(const struct sshkey *key, case KEY_ECDSA: return ssh_ecdsa_verify(key, sig, siglen, data, dlen, compat); # endif /* OPENSSL_HAS_ECC */ - case KEY_RSA_CERT_V00: case KEY_RSA_CERT: case KEY_RSA: return ssh_rsa_verify(key, sig, siglen, data, dlen, compat); @@ -2303,7 +2260,6 @@ sshkey_demote(const struct sshkey *k, struct sshkey **dkp) switch (k->type) { #ifdef WITH_OPENSSL - case KEY_RSA_CERT_V00: case KEY_RSA_CERT: if ((ret = sshkey_cert_copy(k, pk)) != 0) goto fail; @@ -2317,7 +2273,6 @@ sshkey_demote(const struct sshkey *k, struct sshkey **dkp) goto fail; } break; - case KEY_DSA_CERT_V00: case KEY_DSA_CERT: if ((ret = sshkey_cert_copy(k, pk)) != 0) goto fail; @@ -2376,27 +2331,23 @@ sshkey_demote(const struct sshkey *k, struct sshkey **dkp) /* Convert a plain key to their _CERT equivalent */ int -sshkey_to_certified(struct sshkey *k, int legacy) +sshkey_to_certified(struct sshkey *k) { int newtype; switch (k->type) { #ifdef WITH_OPENSSL case KEY_RSA: - newtype = legacy ? KEY_RSA_CERT_V00 : KEY_RSA_CERT; + newtype = KEY_RSA_CERT; break; case KEY_DSA: - newtype = legacy ? KEY_DSA_CERT_V00 : KEY_DSA_CERT; + newtype = KEY_DSA_CERT; break; case KEY_ECDSA: - if (legacy) - return SSH_ERR_INVALID_ARGUMENT; newtype = KEY_ECDSA_CERT; break; #endif /* WITH_OPENSSL */ case KEY_ED25519: - if (legacy) - return SSH_ERR_INVALID_ARGUMENT; newtype = KEY_ED25519_CERT; break; default: @@ -2448,15 +2399,12 @@ sshkey_certify(struct sshkey *k, struct sshkey *ca) /* -v01 certs put nonce first */ arc4random_buf(&nonce, sizeof(nonce)); - if (!sshkey_cert_is_legacy(k)) { - if ((ret = sshbuf_put_string(cert, nonce, sizeof(nonce))) != 0) - goto out; - } + if ((ret = sshbuf_put_string(cert, nonce, sizeof(nonce))) != 0) + goto out; /* XXX this substantially duplicates to_blob(); refactor */ switch (k->type) { #ifdef WITH_OPENSSL - case KEY_DSA_CERT_V00: case KEY_DSA_CERT: if ((ret = sshbuf_put_bignum2(cert, k->dsa->p)) != 0 || (ret = sshbuf_put_bignum2(cert, k->dsa->q)) != 0 || @@ -2474,7 +2422,6 @@ sshkey_certify(struct sshkey *k, struct sshkey *ca) goto out; break; # endif /* OPENSSL_HAS_ECC */ - case KEY_RSA_CERT_V00: case KEY_RSA_CERT: if ((ret = sshbuf_put_bignum2(cert, k->rsa->e)) != 0 || (ret = sshbuf_put_bignum2(cert, k->rsa->n)) != 0) @@ -2491,13 +2438,8 @@ sshkey_certify(struct sshkey *k, struct sshkey *ca) goto out; } - /* -v01 certs have a serial number next */ - if (!sshkey_cert_is_legacy(k)) { - if ((ret = sshbuf_put_u64(cert, k->cert->serial)) != 0) - goto out; - } - - if ((ret = sshbuf_put_u32(cert, k->cert->type)) != 0 || + if ((ret = sshbuf_put_u64(cert, k->cert->serial)) != 0 || + (ret = sshbuf_put_u32(cert, k->cert->type)) != 0 || (ret = sshbuf_put_cstring(cert, k->cert->key_id)) != 0) goto out; @@ -2513,22 +2455,9 @@ sshkey_certify(struct sshkey *k, struct sshkey *ca) if ((ret = sshbuf_put_stringb(cert, principals)) != 0 || (ret = sshbuf_put_u64(cert, k->cert->valid_after)) != 0 || (ret = sshbuf_put_u64(cert, k->cert->valid_before)) != 0 || - (ret = sshbuf_put_stringb(cert, k->cert->critical)) != 0) - goto out; - - /* -v01 certs have non-critical options here */ - if (!sshkey_cert_is_legacy(k)) { - if ((ret = sshbuf_put_stringb(cert, k->cert->extensions)) != 0) - goto out; - } - - /* -v00 certs put the nonce at the end */ - if (sshkey_cert_is_legacy(k)) { - if ((ret = sshbuf_put_string(cert, nonce, sizeof(nonce))) != 0) - goto out; - } - - if ((ret = sshbuf_put_string(cert, NULL, 0)) != 0 || /* Reserved */ + (ret = sshbuf_put_stringb(cert, k->cert->critical)) != 0 || + (ret = sshbuf_put_stringb(cert, k->cert->extensions)) != 0 || + (ret = sshbuf_put_string(cert, NULL, 0)) != 0 || /* Reserved */ (ret = sshbuf_put_string(cert, ca_blob, ca_len)) != 0) goto out; @@ -2628,7 +2557,6 @@ sshkey_private_serialize(const struct sshkey *key, struct sshbuf *b) (r = sshbuf_put_bignum2(b, key->rsa->q)) != 0) goto out; break; - case KEY_RSA_CERT_V00: case KEY_RSA_CERT: if (key->cert == NULL || sshbuf_len(key->cert->certblob) == 0) { r = SSH_ERR_INVALID_ARGUMENT; @@ -2649,7 +2577,6 @@ sshkey_private_serialize(const struct sshkey *key, struct sshbuf *b) (r = sshbuf_put_bignum2(b, key->dsa->priv_key)) != 0) goto out; break; - case KEY_DSA_CERT_V00: case KEY_DSA_CERT: if (key->cert == NULL || sshbuf_len(key->cert->certblob) == 0) { r = SSH_ERR_INVALID_ARGUMENT; @@ -2740,7 +2667,6 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) (r = sshbuf_get_bignum2(buf, k->dsa->priv_key)) != 0) goto out; break; - case KEY_DSA_CERT_V00: case KEY_DSA_CERT: if ((r = sshkey_froms(buf, &k)) != 0 || (r = sshkey_add_private(k)) != 0 || @@ -2813,7 +2739,6 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) (r = rsa_generate_additional_parameters(k->rsa)) != 0) goto out; break; - case KEY_RSA_CERT_V00: case KEY_RSA_CERT: if ((r = sshkey_froms(buf, &k)) != 0 || (r = sshkey_add_private(k)) != 0 || @@ -2863,7 +2788,6 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) /* enable blinding */ switch (k->type) { case KEY_RSA: - case KEY_RSA_CERT_V00: case KEY_RSA_CERT: case KEY_RSA1: if (RSA_blinding_on(k->rsa, NULL) != 1) { diff --git a/sshkey.h b/sshkey.h index cdac0e25562..c8d3cddca59 100644 --- a/sshkey.h +++ b/sshkey.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.h,v 1.6 2015/05/21 04:55:51 djm Exp $ */ +/* $OpenBSD: sshkey.h,v 1.9 2015/08/04 05:23:06 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -62,8 +62,6 @@ enum sshkey_types { KEY_DSA_CERT, KEY_ECDSA_CERT, KEY_ED25519_CERT, - KEY_RSA_CERT_V00, - KEY_DSA_CERT_V00, KEY_UNSPEC }; @@ -137,13 +135,12 @@ int sshkey_type_from_name(const char *); int sshkey_is_cert(const struct sshkey *); int sshkey_type_is_cert(int); int sshkey_type_plain(int); -int sshkey_to_certified(struct sshkey *, int); +int sshkey_to_certified(struct sshkey *); int sshkey_drop_cert(struct sshkey *); int sshkey_certify(struct sshkey *, struct sshkey *); int sshkey_cert_copy(const struct sshkey *, struct sshkey *); int sshkey_cert_check_authority(const struct sshkey *, int, int, const char *, const char **); -int sshkey_cert_is_legacy(const struct sshkey *); int sshkey_ecdsa_nid_from_name(const char *); int sshkey_curve_name_to_nid(const char *); diff --git a/sshpty.c b/sshpty.c index 7bb76416370..15da8c64974 100644 --- a/sshpty.c +++ b/sshpty.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshpty.c,v 1.29 2014/09/03 18:55:07 djm Exp $ */ +/* $OpenBSD: sshpty.c,v 1.30 2015/07/30 23:09:15 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -197,7 +197,7 @@ pty_setowner(struct passwd *pw, const char *tty) /* Determine the group to make the owner of the tty. */ grp = getgrnam("tty"); gid = (grp != NULL) ? grp->gr_gid : pw->pw_gid; - mode = (grp != NULL) ? 0622 : 0600; + mode = (grp != NULL) ? 0620 : 0600; /* * Change owner and mode of the tty as required. diff --git a/version.h b/version.h index b58fbe1ebce..7a5dbc8a230 100644 --- a/version.h +++ b/version.h @@ -1,6 +1,6 @@ -/* $OpenBSD: version.h,v 1.73 2015/07/01 01:55:13 djm Exp $ */ +/* $OpenBSD: version.h,v 1.74 2015/08/02 09:56:42 djm Exp $ */ -#define SSH_VERSION "OpenSSH_6.9" +#define SSH_VERSION "OpenSSH_7.0" #define SSH_PORTABLE "p1" #define SSH_RELEASE SSH_VERSION SSH_PORTABLE From a7a7e85cd3829fe5c5348d8fbd25e98c3b315b58 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dag-Erling=20Sm=C3=B8rgrav?= Date: Wed, 26 Aug 2015 09:27:05 +0000 Subject: [PATCH 002/154] Vendor import of OpenSSH 7.1p1. --- ChangeLog | 249 +++++++++++++++++------------------- README | 6 +- auth.c | 4 +- compat.c | 15 ++- contrib/README | 2 +- contrib/redhat/openssh.spec | 2 +- contrib/suse/openssh.spec | 2 +- dns.c | 4 +- mux.c | 6 +- packet.c | 6 +- sftp-server.c | 6 +- sftp.c | 6 +- ssh-keygen.0 | 6 +- ssh-keygen.1 | 8 +- ssh-keygen.c | 5 +- ssh-pkcs11-helper.c | 6 +- ssh_config.0 | 4 +- ssh_config.5 | 6 +- sshconnect.c | 4 +- sshd.c | 4 +- sshd_config.0 | 8 +- sshd_config.5 | 10 +- sshkey.c | 3 +- version.h | 4 +- 24 files changed, 191 insertions(+), 185 deletions(-) diff --git a/ChangeLog b/ChangeLog index ed050211565..0e0dd8787da 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,121 @@ +commit e91346dc2bbf460246df2ab591b7613908c1b0ad +Author: Damien Miller +Date: Fri Aug 21 14:49:03 2015 +1000 + + we don't use Github for issues/pull-requests + +commit a4f5b507c708cc3dc2c8dd2d02e4416d7514dc23 +Author: Damien Miller +Date: Fri Aug 21 14:43:55 2015 +1000 + + fix URL for connect.c + +commit d026a8d3da0f8186598442997c7d0a28e7275414 +Author: Damien Miller +Date: Fri Aug 21 13:47:10 2015 +1000 + + update version numbers for 7.1 + +commit 78f8f589f0ca1c9f41e5a9bae3cda5ce8a6b42ed +Author: djm@openbsd.org +Date: Fri Aug 21 03:45:26 2015 +0000 + + upstream commit + + openssh-7.1 + + Upstream-ID: ff7b1ef4b06caddfb45e08ba998128c88be3d73f + +commit 32a181980c62fce94f7f9ffaf6a79d90f0c309cf +Author: djm@openbsd.org +Date: Fri Aug 21 03:42:19 2015 +0000 + + upstream commit + + fix inverted logic that broke PermitRootLogin; reported + by Mantas Mikulenas; ok markus@ + + Upstream-ID: 260dd6a904c1bb7e43267e394b1c9cf70bdd5ea5 + +commit ce445b0ed927e45bd5bdce8f836eb353998dd65c +Author: deraadt@openbsd.org +Date: Thu Aug 20 22:32:42 2015 +0000 + + upstream commit + + Do not cast result of malloc/calloc/realloc* if stdlib.h + is in scope ok krw millert + + Upstream-ID: 5e50ded78cadf3841556649a16cc4b1cb6c58667 + +commit 05291e5288704d1a98bacda269eb5a0153599146 +Author: naddy@openbsd.org +Date: Thu Aug 20 19:20:06 2015 +0000 + + upstream commit + + In the certificates section, be consistent about using + "host_key" and "user_key" for the respective key types. ok sthen@ deraadt@ + + Upstream-ID: 9e037ea3b15577b238604c5533e082a3947f13cb + +commit 8543d4ef6f2e9f98c3e6b77c894ceec30c5e4ae4 +Author: djm@openbsd.org +Date: Wed Aug 19 23:21:42 2015 +0000 + + upstream commit + + Better compat matching for WinSCP, add compat matching + for FuTTY (fork of PuTTY); ok markus@ deraadt@ + + Upstream-ID: 24001d1ac115fa3260fbdc329a4b9aeb283c5389 + +commit ec6eda16ebab771aa3dfc90629b41953b999cb1e +Author: djm@openbsd.org +Date: Wed Aug 19 23:19:01 2015 +0000 + + upstream commit + + fix double-free() in error path of DSA key generation + reported by Mateusz Kocielski; ok markus@ + + Upstream-ID: 4735d8f888b10599a935fa1b374787089116713c + +commit 45b0eb752c94954a6de046bfaaf129e518ad4b5b +Author: djm@openbsd.org +Date: Wed Aug 19 23:18:26 2015 +0000 + + upstream commit + + fix free() of uninitialised pointer reported by Mateusz + Kocielski; ok markus@ + + Upstream-ID: 519552b050618501a06b7b023de5cb104e2c5663 + +commit c837643b93509a3ef538cb6624b678c5fe32ff79 +Author: djm@openbsd.org +Date: Wed Aug 19 23:17:51 2015 +0000 + + upstream commit + + fixed unlink([uninitialised memory]) reported by Mateusz + Kocielski; ok markus@ + + Upstream-ID: 14a0c4e7d891f5a8dabc4b89d4f6b7c0d5a20109 + +commit 1f8d3d629cd553031021068eb9c646a5f1e50994 +Author: jmc@openbsd.org +Date: Fri Aug 14 15:32:41 2015 +0000 + + upstream commit + + match myproposal.h order; from brian conway (i snuck in a + tweak while here) + + ok dtucker + + Upstream-ID: 35174a19b5237ea36aa3798f042bf5933b772c67 + commit 1dc8d93ce69d6565747eb44446ed117187621b26 Author: deraadt@openbsd.org Date: Thu Aug 6 14:53:21 2015 +0000 @@ -9013,134 +9131,3 @@ Date: Wed Aug 28 12:49:43 2013 +1000 - (djm) [openbsd-compat/bsd-snprintf.c] teach our local snprintf code the 'j' (intmax_t/uintmax_t) and 'z' (size_t/ssize_t) conversions in case we start to use them in the future. - -commit f2f6c315a920a256937e1b6a3702757f3195a592 -Author: Damien Miller -Date: Wed Aug 21 02:44:58 2013 +1000 - - - jmc@cvs.openbsd.org 2013/08/20 06:56:07 - [ssh.1 ssh_config.5] - some proxyusefdpass tweaks; - -commit 1262b6638f7d01ab110fd373dd90d915c882fe1a -Author: Damien Miller -Date: Wed Aug 21 02:44:24 2013 +1000 - - - djm@cvs.openbsd.org 2013/08/20 00:11:38 - [readconf.c readconf.h ssh_config.5 sshconnect.c] - Add a ssh_config ProxyUseFDPass option that supports the use of - ProxyCommands that establish a connection and then pass a connected - file descriptor back to ssh(1). This allows the ProxyCommand to exit - rather than have to shuffle data back and forth and enables ssh to use - getpeername, etc. to obtain address information just like it does with - regular directly-connected sockets. ok markus@ - -commit b7727df37efde4dbe4f5a33b19cbf42022aabf66 -Author: Damien Miller -Date: Wed Aug 21 02:43:49 2013 +1000 - - - jmc@cvs.openbsd.org 2013/08/14 08:39:27 - [scp.1 ssh.1] - some Bx/Ox conversion; - From: Jan Stary - -commit d5d9d7b1fdacf0551de4c747728bd159be40590a -Author: Damien Miller -Date: Wed Aug 21 02:43:27 2013 +1000 - - - djm@cvs.openbsd.org 2013/08/13 18:33:08 - [ssh-keygen.c] - another of the same typo - -commit d234afb0b3a8de1be78cbeafed5fc86912594c3c -Author: Damien Miller -Date: Wed Aug 21 02:42:58 2013 +1000 - - - djm@cvs.openbsd.org 2013/08/13 18:32:08 - [ssh-keygen.c] - typo in error message; from Stephan Rickauer - -commit e0ee727b8281a7c2ae20630ce83f6b200b404059 -Author: Damien Miller -Date: Wed Aug 21 02:42:35 2013 +1000 - - - djm@cvs.openbsd.org 2013/08/09 03:56:42 - [sftp.c] - enable ctrl-left-arrow and ctrl-right-arrow to move forward/back a word; - matching ksh's relatively recent change. - -commit fec029f1dc2c338f3fae3fa82aabc988dc07868c -Author: Damien Miller -Date: Wed Aug 21 02:42:12 2013 +1000 - - - djm@cvs.openbsd.org 2013/08/09 03:39:13 - [sftp-client.c] - two problems found by a to-be-committed regress test: 1) msg_id was not - being initialised so was starting at a random value from the heap - (harmless, but confusing). 2) some error conditions were not being - propagated back to the caller - -commit 036d30743fc914089f9849ca52d615891d47e616 -Author: Damien Miller -Date: Wed Aug 21 02:41:46 2013 +1000 - - - djm@cvs.openbsd.org 2013/08/09 03:37:25 - [sftp.c] - do getopt parsing for all sftp commands (with an empty optstring for - commands without arguments) to ensure consistent behaviour - -commit c7dba12bf95eb1d69711881a153cc286c1987663 -Author: Damien Miller -Date: Wed Aug 21 02:41:15 2013 +1000 - - - djm@cvs.openbsd.org 2013/08/08 05:04:03 - [sftp-client.c sftp-client.h sftp.c] - add a "-l" flag for the rename command to force it to use the silly - standard SSH_FXP_RENAME command instead of the POSIX-rename- like - posix-rename@openssh.com extension. - - intended for use in regress tests, so no documentation. - -commit 034f27a0c09e69fe3589045b41f03f6e345b63f5 -Author: Damien Miller -Date: Wed Aug 21 02:40:44 2013 +1000 - - - djm@cvs.openbsd.org 2013/08/08 04:52:04 - [sftp.c] - fix two year old regression: symlinking a file would incorrectly - canonicalise the target path. bz#2129 report from delphij AT freebsd.org - -commit c6895c5c67492144dd28589e5788f783be9152ed -Author: Damien Miller -Date: Wed Aug 21 02:40:21 2013 +1000 - - - jmc@cvs.openbsd.org 2013/08/07 06:24:51 - [sftp.1 sftp.c] - sort -a; - -commit a6d6c1f38ac9b4a5e1bd4df889e1020a8370ed55 -Author: Damien Miller -Date: Wed Aug 21 02:40:01 2013 +1000 - - - djm@cvs.openbsd.org 2013/08/06 23:06:01 - [servconf.c] - add cast to avoid format warning; from portable - -commit eec840673bce3f69ad269672fba7ed8ff05f154f -Author: Damien Miller -Date: Wed Aug 21 02:39:39 2013 +1000 - - - djm@cvs.openbsd.org 2013/08/06 23:05:01 - [sftp.1] - document top-level -a option (the -a option to 'get' was already - documented) - -commit 02e878070d0eddad4e11f2c82644b275418eb112 -Author: Damien Miller -Date: Wed Aug 21 02:38:51 2013 +1000 - - - djm@cvs.openbsd.org 2013/08/06 23:03:49 - [sftp.c] - fix some whitespace at EOL - make list of commands an enum rather than a long list of defines - add -a to usage() diff --git a/README b/README index c566f7b1bd8..9bbd3bac2bc 100644 --- a/README +++ b/README @@ -1,4 +1,8 @@ -See http://www.openssh.com/txt/release-7.0 for the release notes. +See http://www.openssh.com/txt/release-7.1 for the release notes. + +Please read http://www.openssh.com/report.html for bug reporting +instructions and note that we do not use Github for bug reporting or +patch/pull-request management. - A Japanese translation of this document and of the OpenSSH FAQ is - available at http://www.unixuser.org/~haruyama/security/openssh/index.html diff --git a/auth.c b/auth.c index fc32f6c4bbc..214c2c70841 100644 --- a/auth.c +++ b/auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.c,v 1.112 2015/08/06 14:53:21 deraadt Exp $ */ +/* $OpenBSD: auth.c,v 1.113 2015/08/21 03:42:19 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -354,7 +354,7 @@ auth_root_allowed(const char *method) case PERMIT_NO_PASSWD: if (strcmp(method, "publickey") == 0 || strcmp(method, "hostbased") == 0 || - strcmp(method, "gssapi-with-mic")) + strcmp(method, "gssapi-with-mic") == 0) return 1; break; case PERMIT_FORCED_ONLY: diff --git a/compat.c b/compat.c index eef5fbba5b6..55838044c49 100644 --- a/compat.c +++ b/compat.c @@ -1,4 +1,4 @@ -/* $OpenBSD: compat.c,v 1.96 2015/07/28 23:20:42 djm Exp $ */ +/* $OpenBSD: compat.c,v 1.97 2015/08/19 23:21:42 djm Exp $ */ /* * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. * @@ -176,6 +176,7 @@ compat_datafellows(const char *version) "PuTTY_Release_0.63*," "PuTTY_Release_0.64*", SSH_OLD_DHGEX }, + { "FuTTY*", SSH_OLD_DHGEX }, /* Putty Fork */ { "Probe-*", SSH_BUG_PROBE }, { "TeraTerm SSH*," @@ -189,7 +190,17 @@ compat_datafellows(const char *version) "TTSSH/2.70*," "TTSSH/2.71*," "TTSSH/2.72*", SSH_BUG_HOSTKEYS }, - { "WinSCP*", SSH_OLD_DHGEX }, + { "WinSCP_release_4*," + "WinSCP_release_5.0*," + "WinSCP_release_5.1*," + "WinSCP_release_5.5*," + "WinSCP_release_5.6*," + "WinSCP_release_5.7," + "WinSCP_release_5.7.1," + "WinSCP_release_5.7.2," + "WinSCP_release_5.7.3," + "WinSCP_release_5.7.4", + SSH_OLD_DHGEX }, { NULL, 0 } }; diff --git a/contrib/README b/contrib/README index c0022386551..60e19ba9faa 100644 --- a/contrib/README +++ b/contrib/README @@ -11,7 +11,7 @@ which allows the use of outbound SSH from behind a SOCKS4, SOCKS5 or https CONNECT style proxy server. His page for connect.c has extensive documentation on its use as well as compiled versions for Win32. -http://www.taiyo.co.jp/~gotoh/ssh/connect.html +https://bitbucket.org/gotoh/connect/wiki/Home X11 SSH Askpass: diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec index 5de78755505..5b27106fb10 100644 --- a/contrib/redhat/openssh.spec +++ b/contrib/redhat/openssh.spec @@ -1,4 +1,4 @@ -%define ver 7.0p1 +%define ver 7.1p1 %define rel 1 # OpenSSH privilege separation requires a user & group ID diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec index dd9692da145..59689588282 100644 --- a/contrib/suse/openssh.spec +++ b/contrib/suse/openssh.spec @@ -13,7 +13,7 @@ Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation Name: openssh -Version: 7.0p1 +Version: 7.1p1 URL: http://www.openssh.com/ Release: 1 Source0: openssh-%{version}.tar.gz diff --git a/dns.c b/dns.c index f201b602e5f..e813afeae69 100644 --- a/dns.c +++ b/dns.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dns.c,v 1.34 2015/01/28 22:36:00 djm Exp $ */ +/* $OpenBSD: dns.c,v 1.35 2015/08/20 22:32:42 deraadt Exp $ */ /* * Copyright (c) 2003 Wesley Griffin. All rights reserved. @@ -154,7 +154,7 @@ dns_read_rdata(u_int8_t *algorithm, u_int8_t *digest_type, *digest_len = rdata_len - 2; if (*digest_len > 0) { - *digest = (u_char *) xmalloc(*digest_len); + *digest = xmalloc(*digest_len); memcpy(*digest, rdata + 2, *digest_len); } else { *digest = (u_char *)xstrdup(""); diff --git a/mux.c b/mux.c index cdc01bd4fff..e6136fd28c2 100644 --- a/mux.c +++ b/mux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mux.c,v 1.53 2015/05/01 04:03:20 djm Exp $ */ +/* $OpenBSD: mux.c,v 1.54 2015/08/19 23:18:26 djm Exp $ */ /* * Copyright (c) 2002-2008 Damien Miller * @@ -665,6 +665,8 @@ process_mux_open_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r) u_int lport, cport; int i, ret = 0, freefwd = 1; + memset(&fwd, 0, sizeof(fwd)); + /* XXX - lport/cport check redundant */ if (buffer_get_int_ret(&ftype, m) != 0 || (listen_addr = buffer_get_string_ret(m, NULL)) == NULL || @@ -832,6 +834,8 @@ process_mux_close_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r) int i, ret = 0; u_int lport, cport; + memset(&fwd, 0, sizeof(fwd)); + if (buffer_get_int_ret(&ftype, m) != 0 || (listen_addr = buffer_get_string_ret(m, NULL)) == NULL || buffer_get_int_ret(&lport, m) != 0 || diff --git a/packet.c b/packet.c index 6008c2d9465..01d3e297079 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.213 2015/07/29 04:43:06 djm Exp $ */ +/* $OpenBSD: packet.c,v 1.214 2015/08/20 22:32:42 deraadt Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1272,7 +1272,7 @@ ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) DBG(debug("packet_read()")); - setp = (fd_set *)calloc(howmany(state->connection_in + 1, + setp = calloc(howmany(state->connection_in + 1, NFDBITS), sizeof(fd_mask)); if (setp == NULL) return SSH_ERR_ALLOC_FAIL; @@ -2036,7 +2036,7 @@ ssh_packet_write_wait(struct ssh *ssh) struct timeval start, timeout, *timeoutp = NULL; struct session_state *state = ssh->state; - setp = (fd_set *)calloc(howmany(state->connection_out + 1, + setp = calloc(howmany(state->connection_out + 1, NFDBITS), sizeof(fd_mask)); if (setp == NULL) return SSH_ERR_ALLOC_FAIL; diff --git a/sftp-server.c b/sftp-server.c index d1831bf8d8a..eac11d7e695 100644 --- a/sftp-server.c +++ b/sftp-server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-server.c,v 1.106 2015/04/24 01:36:01 deraadt Exp $ */ +/* $OpenBSD: sftp-server.c,v 1.107 2015/08/20 22:32:42 deraadt Exp $ */ /* * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. * @@ -1632,8 +1632,8 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw) fatal("%s: sshbuf_new failed", __func__); set_size = howmany(max + 1, NFDBITS) * sizeof(fd_mask); - rset = (fd_set *)xmalloc(set_size); - wset = (fd_set *)xmalloc(set_size); + rset = xmalloc(set_size); + wset = xmalloc(set_size); if (homedir != NULL) { if (chdir(homedir) != 0) { diff --git a/sftp.c b/sftp.c index cb9b967edc9..788601a8d7f 100644 --- a/sftp.c +++ b/sftp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp.c,v 1.170 2015/01/20 23:14:00 deraadt Exp $ */ +/* $OpenBSD: sftp.c,v 1.171 2015/08/20 22:32:42 deraadt Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -1958,7 +1958,7 @@ complete(EditLine *el, int ch) /* Figure out which argument the cursor points to */ cursor = lf->cursor - lf->buffer; - line = (char *)xmalloc(cursor + 1); + line = xmalloc(cursor + 1); memcpy(line, lf->buffer, cursor); line[cursor] = '\0'; argv = makeargv(line, &carg, 1, "e, &terminated); @@ -1966,7 +1966,7 @@ complete(EditLine *el, int ch) /* Get all the arguments on the line */ len = lf->lastchar - lf->buffer; - line = (char *)xmalloc(len + 1); + line = xmalloc(len + 1); memcpy(line, lf->buffer, len); line[len] = '\0'; argv = makeargv(line, &argc, 1, NULL, NULL); diff --git a/ssh-keygen.0 b/ssh-keygen.0 index a471a40559e..07a45b36b9b 100644 --- a/ssh-keygen.0 +++ b/ssh-keygen.0 @@ -426,7 +426,7 @@ CERTIFICATES providing the token library using -D and identifying the CA key by providing its public half as an argument to -s: - $ ssh-keygen -s ca_key.pub -D libpkcs11.so -I key_id host_key.pub + $ ssh-keygen -s ca_key.pub -D libpkcs11.so -I key_id user_key.pub In all cases, key_id is a "key identifier" that is logged by the server when the certificate is used for authentication. @@ -437,7 +437,7 @@ CERTIFICATES principals: $ ssh-keygen -s ca_key -I key_id -n user1,user2 user_key.pub - $ ssh-keygen -s ca_key -I key_id -h -n host.domain user_key.pub + $ ssh-keygen -s ca_key -I key_id -h -n host.domain host_key.pub Additional limitations on the validity and use of user certificates may be specified through certificate options. A certificate option may @@ -563,4 +563,4 @@ AUTHORS created OpenSSH. Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. -OpenBSD 5.8 July 3, 2015 OpenBSD 5.8 +OpenBSD 5.8 August 20, 2015 OpenBSD 5.8 diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 8c3317be702..ed17a08fab2 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keygen.1,v 1.126 2015/07/03 03:49:45 djm Exp $ +.\" $OpenBSD: ssh-keygen.1,v 1.127 2015/08/20 19:20:06 naddy Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -35,7 +35,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: July 3 2015 $ +.Dd $Mdocdate: August 20 2015 $ .Dt SSH-KEYGEN 1 .Os .Sh NAME @@ -680,7 +680,7 @@ and identifying the CA key by providing its public half as an argument to .Fl s : .Pp -.Dl $ ssh-keygen -s ca_key.pub -D libpkcs11.so -I key_id host_key.pub +.Dl $ ssh-keygen -s ca_key.pub -D libpkcs11.so -I key_id user_key.pub .Pp In all cases, .Ar key_id @@ -693,7 +693,7 @@ By default, generated certificates are valid for all users or hosts. To generate a certificate for a specified set of principals: .Pp .Dl $ ssh-keygen -s ca_key -I key_id -n user1,user2 user_key.pub -.Dl "$ ssh-keygen -s ca_key -I key_id -h -n host.domain user_key.pub" +.Dl "$ ssh-keygen -s ca_key -I key_id -h -n host.domain host_key.pub" .Pp Additional limitations on the validity and use of user certificates may be specified through certificate options. diff --git a/ssh-keygen.c b/ssh-keygen.c index ea5f1e49e3d..4e0a8555434 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.276 2015/07/03 03:49:45 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.277 2015/08/19 23:17:51 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -1201,7 +1201,8 @@ do_known_hosts(struct passwd *pw, const char *name) exit(1); } else if (delete_host && !ctx.found_key) { logit("Host %s not found in %s", name, identity_file); - unlink(tmp); + if (inplace) + unlink(tmp); } else if (inplace) { /* Backup existing file */ if (unlink(old) == -1 && errno != ENOENT) diff --git a/ssh-pkcs11-helper.c b/ssh-pkcs11-helper.c index ceabc8ba7fe..f2d58639547 100644 --- a/ssh-pkcs11-helper.c +++ b/ssh-pkcs11-helper.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11-helper.c,v 1.10 2015/01/20 23:14:00 deraadt Exp $ */ +/* $OpenBSD: ssh-pkcs11-helper.c,v 1.11 2015/08/20 22:32:42 deraadt Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * @@ -301,8 +301,8 @@ main(int argc, char **argv) buffer_init(&oqueue); set_size = howmany(max + 1, NFDBITS) * sizeof(fd_mask); - rset = (fd_set *)xmalloc(set_size); - wset = (fd_set *)xmalloc(set_size); + rset = xmalloc(set_size); + wset = xmalloc(set_size); for (;;) { memset(rset, 0, set_size); diff --git a/ssh_config.0 b/ssh_config.0 index 654807779d2..67133cd4d49 100644 --- a/ssh_config.0 +++ b/ssh_config.0 @@ -205,9 +205,9 @@ DESCRIPTION The default is: + chacha20-poly1305@openssh.com, aes128-ctr,aes192-ctr,aes256-ctr, aes128-gcm@openssh.com,aes256-gcm@openssh.com, - chacha20-poly1305@openssh.com, arcfour256,arcfour128, aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc, aes192-cbc,aes256-cbc,arcfour @@ -1023,4 +1023,4 @@ AUTHORS created OpenSSH. Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. -OpenBSD 5.8 July 30, 2015 OpenBSD 5.8 +OpenBSD 5.8 August 14, 2015 OpenBSD 5.8 diff --git a/ssh_config.5 b/ssh_config.5 index 5b0975f87e2..a47f3ca9e3e 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.214 2015/07/30 00:01:34 djm Exp $ -.Dd $Mdocdate: July 30 2015 $ +.\" $OpenBSD: ssh_config.5,v 1.215 2015/08/14 15:32:41 jmc Exp $ +.Dd $Mdocdate: August 14 2015 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -415,9 +415,9 @@ chacha20-poly1305@openssh.com .Pp The default is: .Bd -literal -offset indent +chacha20-poly1305@openssh.com, aes128-ctr,aes192-ctr,aes256-ctr, aes128-gcm@openssh.com,aes256-gcm@openssh.com, -chacha20-poly1305@openssh.com, arcfour256,arcfour128, aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc, aes192-cbc,aes256-cbc,arcfour diff --git a/sshconnect.c b/sshconnect.c index f41960c5df8..17fbe39b007 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.262 2015/05/28 05:41:29 dtucker Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.263 2015/08/20 22:32:42 deraadt Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -356,7 +356,7 @@ timeout_connect(int sockfd, const struct sockaddr *serv_addr, goto done; } - fdset = (fd_set *)xcalloc(howmany(sockfd + 1, NFDBITS), + fdset = xcalloc(howmany(sockfd + 1, NFDBITS), sizeof(fd_mask)); FD_SET(sockfd, fdset); ms_to_timeval(&tv, *timeoutp); diff --git a/sshd.c b/sshd.c index c7dd8cb7a06..65ef7e85070 100644 --- a/sshd.c +++ b/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.457 2015/07/30 00:01:34 djm Exp $ */ +/* $OpenBSD: sshd.c,v 1.458 2015/08/20 22:32:42 deraadt Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1253,7 +1253,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) sighup_restart(); if (fdset != NULL) free(fdset); - fdset = (fd_set *)xcalloc(howmany(maxfd + 1, NFDBITS), + fdset = xcalloc(howmany(maxfd + 1, NFDBITS), sizeof(fd_mask)); for (i = 0; i < num_listen_socks; i++) diff --git a/sshd_config.0 b/sshd_config.0 index 1cc7459f87b..aae7fb6afae 100644 --- a/sshd_config.0 +++ b/sshd_config.0 @@ -286,9 +286,9 @@ DESCRIPTION The default is: + chacha20-poly1305@openssh.com, aes128-ctr,aes192-ctr,aes256-ctr, - aes128-gcm@openssh.com,aes256-gcm@openssh.com, - chacha20-poly1305@openssh.com + aes128-gcm@openssh.com,aes256-gcm@openssh.com The list of available ciphers may also be obtained using the -Q option of ssh(1) with an argument of M-bM-^@M-^\cipherM-bM-^@M-^]. @@ -927,7 +927,7 @@ DESCRIPTION If this option is set to M-bM-^@M-^\noM-bM-^@M-^] (the default) then only addresses and not host names may be used in ~/.ssh/known_hosts from and - sshd_config(5) Match Host directives. + sshd_config Match Host directives. UseLogin Specifies whether login(1) is used for interactive login @@ -1049,4 +1049,4 @@ AUTHORS versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support for privilege separation. -OpenBSD 5.8 August 6, 2015 OpenBSD 5.8 +OpenBSD 5.8 August 14, 2015 OpenBSD 5.8 diff --git a/sshd_config.5 b/sshd_config.5 index 58e277f958f..b18d340af67 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.210 2015/08/06 14:53:21 deraadt Exp $ -.Dd $Mdocdate: August 6 2015 $ +.\" $OpenBSD: sshd_config.5,v 1.211 2015/08/14 15:32:41 jmc Exp $ +.Dd $Mdocdate: August 14 2015 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -476,9 +476,9 @@ chacha20-poly1305@openssh.com .Pp The default is: .Bd -literal -offset indent +chacha20-poly1305@openssh.com, aes128-ctr,aes192-ctr,aes256-ctr, -aes128-gcm@openssh.com,aes256-gcm@openssh.com, -chacha20-poly1305@openssh.com +aes128-gcm@openssh.com,aes256-gcm@openssh.com .Ed .Pp The list of available ciphers may also be obtained using the @@ -1528,7 +1528,7 @@ If this option is set to .Pa ~/.ssh/known_hosts .Cm from and -.Xr sshd_config 5 +.Nm .Cm Match .Cm Host directives. diff --git a/sshkey.c b/sshkey.c index dbb16e2fd1b..32dd8f2254a 100644 --- a/sshkey.c +++ b/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.20 2015/07/03 03:43:18 djm Exp $ */ +/* $OpenBSD: sshkey.c,v 1.21 2015/08/19 23:19:01 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -1556,7 +1556,6 @@ dsa_generate_private_key(u_int bits, DSA **dsap) *dsap = NULL; if (!DSA_generate_parameters_ex(private, bits, NULL, 0, NULL, NULL, NULL) || !DSA_generate_key(private)) { - DSA_free(private); ret = SSH_ERR_LIBCRYPTO_ERROR; goto out; } diff --git a/version.h b/version.h index 7a5dbc8a230..d917ca1f6cc 100644 --- a/version.h +++ b/version.h @@ -1,6 +1,6 @@ -/* $OpenBSD: version.h,v 1.74 2015/08/02 09:56:42 djm Exp $ */ +/* $OpenBSD: version.h,v 1.75 2015/08/21 03:45:26 djm Exp $ */ -#define SSH_VERSION "OpenSSH_7.0" +#define SSH_VERSION "OpenSSH_7.1" #define SSH_PORTABLE "p1" #define SSH_RELEASE SSH_VERSION SSH_PORTABLE From 4cb2962809c63c51f6f7e029b95f2bdb622f1e4a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dag-Erling=20Sm=C3=B8rgrav?= Date: Tue, 19 Jan 2016 10:10:58 +0000 Subject: [PATCH 003/154] Vendor import of OpenSSH 7.1p2. --- ChangeLog | 1684 ++--------------------------------- README | 2 +- bitmap.c | 2 +- contrib/redhat/openssh.spec | 2 +- contrib/suse/openssh.spec | 2 +- kex.c | 10 +- packet.c | 1 + readconf.c | 5 +- ssh.c | 3 - sshbuf-getput-crypto.c | 12 +- sshbuf-misc.c | 10 +- sshbuf.c | 12 +- sshd.c | 6 + version.h | 2 +- 14 files changed, 119 insertions(+), 1634 deletions(-) diff --git a/ChangeLog b/ChangeLog index 0e0dd8787da..35a1a76b146 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,86 @@ +commit c88ac102f0eb89f2eaa314cb2e2e0ca3c890c443 +Author: Damien Miller +Date: Thu Jan 14 11:08:19 2016 +1100 + + bump version numbers + +commit 302bc21e6fadacb04b665868cd69b625ef69df90 +Author: Damien Miller +Date: Thu Jan 14 11:04:04 2016 +1100 + + openssh-7.1p2 + +commit 6b33763242c063e4e0593877e835eeb1fd1b60aa +Author: Damien Miller +Date: Thu Jan 14 11:02:58 2016 +1100 + + forcibly disable roaming support in the client + +commit 34d364f0d2e1e30a444009f0e04299bb7c94ba13 +Author: djm@openbsd.org +Date: Mon Oct 5 17:11:21 2015 +0000 + + upstream commit + + some more bzero->explicit_bzero, from Michael McConville + + Upstream-ID: 17f19545685c33327db2efdc357c1c9225ff00d0 + +commit 8f5b93026797b9f7fba90d0c717570421ccebbd3 +Author: guenther@openbsd.org +Date: Fri Sep 11 08:50:04 2015 +0000 + + upstream commit + + Use explicit_bzero() when zeroing before free() + + from Michael McConville (mmcconv1 (at) sccs.swarthmore.edu) + ok millert@ djm@ + + Upstream-ID: 2e3337db046c3fe70c7369ee31515ac73ec00f50 + +commit d77148e3a3ef6c29b26ec74331455394581aa257 +Author: djm@openbsd.org +Date: Sun Nov 8 21:59:11 2015 +0000 + + upstream commit + + fix OOB read in packet code caused by missing return + statement found by Ben Hawkes; ok markus@ deraadt@ + + Upstream-ID: a3e3a85434ebfa0690d4879091959591f30efc62 + +commit 076d849e17ab12603627f87b301e2dca71bae518 +Author: Damien Miller +Date: Sat Nov 14 18:44:49 2015 +1100 + + read back from libcrypto RAND when privdropping + + makes certain libcrypto implementations cache a /dev/urandom fd + in preparation of sandboxing. Based on patch by Greg Hartman. + +commit f72adc0150011a28f177617a8456e1f83733099d +Author: djm@openbsd.org +Date: Sun Dec 13 22:42:23 2015 +0000 + + upstream commit + + unbreak connections with peers that set + first_kex_follows; fix from Matt Johnston va bz#2515 + + Upstream-ID: decc88ec4fc7515594fdb42b04aa03189a44184b + +commit 04bd8d019ccd906cac1a2b362517b8505f3759e6 +Author: djm@openbsd.org +Date: Tue Jan 12 23:42:54 2016 +0000 + + upstream commit + + use explicit_bzero() more liberally in the buffer code; ok + deraadt + + Upstream-ID: 0ece37069fd66bc6e4f55eb1321f93df372b65bf + commit e91346dc2bbf460246df2ab591b7613908c1b0ad Author: Damien Miller Date: Fri Aug 21 14:49:03 2015 +1000 @@ -7530,1604 +7613,3 @@ Date: Thu Jan 16 18:42:10 2014 +1100 [sftp-client.c] needless and incorrect cast to size_t can break resumption of large download; patch from tobias@ - -commit 91b580e4bec55118bf96ab3cdbe5a50839e75d0a -Author: Damien Miller -Date: Sun Jan 12 19:21:22 2014 +1100 - - - djm@cvs.openbsd.org 2014/01/12 08:13:13 - [bufaux.c buffer.h kex.c kex.h kexc25519.c kexc25519c.c kexc25519s.c] - [kexdhc.c kexdhs.c kexecdhc.c kexecdhs.c kexgexc.c kexgexs.c] - avoid use of OpenSSL BIGNUM type and functions for KEX with - Curve25519 by adding a buffer_put_bignum2_from_string() that stores - a string using the bignum encoding rules. Will make it easier to - build a reduced-feature OpenSSH without OpenSSL in the future; - ok markus@ - -commit af5d4481f4c7c8c3c746e68b961bb85ef907800e -Author: Damien Miller -Date: Sun Jan 12 19:20:47 2014 +1100 - - - djm@cvs.openbsd.org 2014/01/10 05:59:19 - [sshd_config] - the /etc/ssh/ssh_host_ed25519_key is loaded by default too - -commit 58cd63bc63038acddfb4051ed14e11179d8f4941 -Author: Damien Miller -Date: Fri Jan 10 10:59:24 2014 +1100 - - - djm@cvs.openbsd.org 2014/01/09 23:26:48 - [sshconnect.c sshd.c] - ban clients/servers that suffer from SSH_BUG_DERIVEKEY, they are ancient, - deranged and might make some attacks on KEX easier; ok markus@ - -commit b3051d01e505c9c2dc00faab472a0d06fa6b0e65 -Author: Damien Miller -Date: Fri Jan 10 10:58:53 2014 +1100 - - - djm@cvs.openbsd.org 2014/01/09 23:20:00 - [digest.c digest.h hostfile.c kex.c kex.h kexc25519.c kexc25519c.c] - [kexc25519s.c kexdh.c kexecdh.c kexecdhc.c kexecdhs.c kexgex.c kexgexc.c] - [kexgexs.c key.c key.h roaming_client.c roaming_common.c schnorr.c] - [schnorr.h ssh-dss.c ssh-ecdsa.c ssh-rsa.c sshconnect2.c] - Introduce digest API and use it to perform all hashing operations - rather than calling OpenSSL EVP_Digest* directly. Will make it easier - to build a reduced-feature OpenSSH without OpenSSL in future; - feedback, ok markus@ - -commit e00e413dd16eb747fb2c15a099971d91c13cf70f -Author: Damien Miller -Date: Fri Jan 10 10:40:45 2014 +1100 - - - guenther@cvs.openbsd.org 2014/01/09 03:26:00 - [sftp-common.c] - When formating the time for "ls -l"-style output, show dates in the future - with the year, and rearrange a comparison to avoid a potentional signed - arithmetic overflow that would give the wrong result. - - ok djm@ - -commit 3e49853650448883685cfa32fa382d0ba6d51d48 -Author: Damien Miller -Date: Fri Jan 10 10:37:05 2014 +1100 - - - tedu@cvs.openbsd.org 2014/01/04 17:50:55 - [mac.c monitor_mm.c monitor_mm.h xmalloc.c] - use standard types and formats for size_t like variables. ok dtucker - -commit a9c1e500ef609795cbc662848edb1a1dca279c81 -Author: Damien Miller -Date: Wed Jan 8 16:13:12 2014 +1100 - - - (djm) [regress/.cvsignore] Ignore regress test droppings; ok dtucker@ - -commit 324541e5264e1489ca0babfaf2b39612eb80dfb3 -Author: Damien Miller -Date: Tue Dec 31 12:25:40 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/30 23:52:28 - [auth2-hostbased.c auth2-pubkey.c compat.c compat.h ssh-rsa.c] - [sshconnect.c sshconnect2.c sshd.c] - refuse RSA keys from old proprietary clients/servers that use the - obsolete RSA+MD5 signature scheme. it will still be possible to connect - with these clients/servers but only DSA keys will be accepted, and we'll - deprecate them entirely in a future release. ok markus@ - -commit 9f4c8e797ea002a883307ca906f1f1f815010e78 -Author: Damien Miller -Date: Sun Dec 29 17:57:46 2013 +1100 - - - (djm) [regress/Makefile] Add some generated files for cleaning - -commit 106bf1ca3c7a5fdc34f9fd7a1fe651ca53085bc5 -Author: Damien Miller -Date: Sun Dec 29 17:54:03 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/29 05:57:02 - [sshconnect.c] - when showing other hostkeys, don't forget Ed25519 keys - -commit 0fa47cfb32c239117632cab41e4db7d3e6de5e91 -Author: Damien Miller -Date: Sun Dec 29 17:53:39 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/29 05:42:16 - [ssh.c] - don't forget to load Ed25519 certs too - -commit b9a95490daa04cc307589897f95bfaff324ad2c9 -Author: Damien Miller -Date: Sun Dec 29 17:50:15 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/29 04:35:50 - [authfile.c] - don't refuse to load Ed25519 certificates - -commit f72cdde6e6fabc51d2a62f4e75b8b926d9d7ee89 -Author: Damien Miller -Date: Sun Dec 29 17:49:55 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/29 04:29:25 - [authfd.c] - allow deletion of ed25519 keys from the agent - -commit 29ace1cb68cc378a464c72c0fd67aa5f9acd6b5b -Author: Damien Miller -Date: Sun Dec 29 17:49:31 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/29 04:20:04 - [key.c] - to make sure we don't omit any key types as valid CA keys again, - factor the valid key type check into a key_type_is_valid_ca() - function - -commit 9de4fcdc5a9cff48d49a3e2f6194d3fb2d7ae34d -Author: Damien Miller -Date: Sun Dec 29 17:49:13 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/29 02:49:52 - [key.c] - correct comment for key_drop_cert() - -commit 5baeacf8a80f054af40731c6f92435f9164b8e02 -Author: Damien Miller -Date: Sun Dec 29 17:48:55 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/29 02:37:04 - [key.c] - correct comment for key_to_certified() - -commit 83f2fe26cb19330712c952eddbd3c0b621674adc -Author: Damien Miller -Date: Sun Dec 29 17:48:38 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/29 02:28:10 - [key.c] - allow ed25519 keys to appear as certificate authorities - -commit 06122e9a74bb488b0fe0a8f64e1135de870f9cc0 -Author: Damien Miller -Date: Sun Dec 29 17:48:15 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/27 22:37:18 - [ssh-rsa.c] - correct comment - -commit 3e19295c3a253c8dc8660cf45baad7f45fccb969 -Author: Damien Miller -Date: Sun Dec 29 17:47:50 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/27 22:30:17 - [ssh-dss.c ssh-ecdsa.c ssh-rsa.c] - make the original RSA and DSA signing/verification code look more like - the ECDSA/Ed25519 ones: use key_type_plain() when checking the key type - rather than tediously listing all variants, use __func__ for debug/ - error messages - -commit 137977180be6254639e2c90245763e6965f8d815 -Author: Damien Miller -Date: Sun Dec 29 17:47:14 2013 +1100 - - - tedu@cvs.openbsd.org 2013/12/21 07:10:47 - [ssh-keygen.1] - small typo - -commit 339a48fe7ffb3186d22bbaa9efbbc3a053e602fd -Author: Damien Miller -Date: Sun Dec 29 17:46:49 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/19 22:57:13 - [poly1305.c poly1305.h] - use full name for author, with his permission - -commit 0b36c83148976c7c8268f4f41497359e2fb26251 -Author: Damien Miller -Date: Sun Dec 29 17:45:51 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/19 01:19:41 - [ssh-agent.c] - bz#2186: don't crash (NULL deref) when deleting PKCS#11 keys from an agent - that has a mix of normal and PKCS#11 keys; fix from jay AT slushpupie.com; - ok dtucker - -commit 4def184e9b6c36be6d965a9705632fc4c0c2a8af -Author: Damien Miller -Date: Sun Dec 29 17:45:26 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/19 01:04:36 - [channels.c] - bz#2147: fix multiple remote forwardings with dynamically assigned - listen ports. In the s->c message to open the channel we were sending - zero (the magic number to request a dynamic port) instead of the actual - listen port. The client therefore had no way of discriminating between - them. - - Diagnosis and fix by ronf AT timeheart.net - -commit bf25d114e23a803f8feca8926281b1aaedb6191b -Author: Damien Miller -Date: Sun Dec 29 17:44:56 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/19 00:27:57 - [auth-options.c] - simplify freeing of source-address certificate restriction - -commit bb3dafe7024a5b4e851252e65ee35d45b965e4a8 -Author: Damien Miller -Date: Sun Dec 29 17:44:29 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/12/19 00:19:12 - [serverloop.c] - Cast client_alive_interval to u_int64_t before assinging to - max_time_milliseconds to avoid potential integer overflow in the timeout. - bz#2170, patch from Loganaden Velvindron, ok djm@ - -commit ef275ead3dcadde4db1efe7a0aa02b5e618ed40c -Author: Damien Miller -Date: Sun Dec 29 17:44:07 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/19 00:10:30 - [ssh-add.c] - skip requesting smartcard PIN when removing keys from agent; bz#2187 - patch from jay AT slushpupie.com; ok dtucker - -commit 7d97fd9a1cae778c3eacf16e09f5da3689d616c6 -Author: Damien Miller -Date: Sun Dec 29 17:40:18 2013 +1100 - - - (djm) [loginrec.c] Check for username truncation when looking up lastlog - entries - -commit 77244afe3b6d013b485e0952eaab89b9db83380f -Author: Darren Tucker -Date: Sat Dec 21 17:02:39 2013 +1100 - - 20131221 - - (dtucker) [regress/keytype.sh] Actually test ecdsa key types. - -commit 53f8e784dc431a82d31c9b0e95b144507f9330e9 -Author: Darren Tucker -Date: Thu Dec 19 11:31:44 2013 +1100 - - - (dtucker) [auth-pam.c] bz#2163: check return value from pam_get_item(). - Patch from Loganaden Velvindron. - -commit 1fcec9d4f265e38af248c4c845986ca8c174bd68 -Author: Darren Tucker -Date: Thu Dec 19 11:00:12 2013 +1100 - - - (dtucker) [configure.ac] bz#2178: Don't try to use BSM on Solaris versions - greater than 11 either rather than just 11. Patch from Tomas Kuthan. - -commit 6674eb9683afd1ea4eb35670b5e66815543a759e -Author: Damien Miller -Date: Wed Dec 18 17:50:39 2013 +1100 - - - markus@cvs.openbsd.org 2013/12/17 10:36:38 - [crypto_api.h] - I've assempled the header file by cut&pasting from generated headers - and the source files. - -commit d58a5964426ee014384d67d775d16712e93057f3 -Author: Damien Miller -Date: Wed Dec 18 17:50:13 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/15 21:42:35 - [cipher-chachapoly.c] - add some comments and constify a constant - -commit 059321d19af24d87420de3193f79dfab23556078 -Author: Damien Miller -Date: Wed Dec 18 17:49:48 2013 +1100 - - - pascal@cvs.openbsd.org 2013/12/15 18:17:26 - [ssh-add.c] - Make ssh-add also add .ssh/id_ed25519; fixes lie in manual page. - ok markus@ - -commit 155b5a5bf158767f989215479ded2a57f331e1c6 -Author: Damien Miller -Date: Wed Dec 18 17:48:32 2013 +1100 - - - markus@cvs.openbsd.org 2013/12/09 11:08:17 - [crypto_api.h] - remove unused defines - -commit 8a56dc2b6b48b05590810e7f4c3567508410000c -Author: Damien Miller -Date: Wed Dec 18 17:48:11 2013 +1100 - - - markus@cvs.openbsd.org 2013/12/09 11:03:45 - [blocks.c ed25519.c fe25519.c fe25519.h ge25519.c ge25519.h] - [ge25519_base.data hash.c sc25519.c sc25519.h verify.c] - Add Authors for the public domain ed25519/nacl code. - see also http://nacl.cr.yp.to/features.html - All of the NaCl software is in the public domain. - and http://ed25519.cr.yp.to/software.html - The Ed25519 software is in the public domain. - -commit 6575c3acf31fca117352f31f37b16ae46e664837 -Author: Damien Miller -Date: Wed Dec 18 17:47:02 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/12/08 09:53:27 - [sshd_config.5] - Use a literal for the default value of KEXAlgorithms. ok deraadt jmc - -commit 8ba0ead6985ea14999265136b14ffd5aeec516f9 -Author: Damien Miller -Date: Wed Dec 18 17:46:27 2013 +1100 - - - naddy@cvs.openbsd.org 2013/12/07 11:58:46 - [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8 ssh.1] - [ssh_config.5 sshd.8 sshd_config.5] - add missing mentions of ed25519; ok djm@ - -commit 4f752cf71cf44bf4bc777541156c2bf56daf9ce9 -Author: Damien Miller -Date: Wed Dec 18 17:45:35 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/07 08:08:26 - [ssh-keygen.1] - document -a and -o wrt new key format - -commit 6d6fcd14e23a9053198342bb379815b15e504084 -Author: Damien Miller -Date: Sun Dec 8 15:53:28 2013 +1100 - - - (djm) [Makefile.in regress/Makefile regress/agent-ptrace.sh] - [regress/setuid-allowed.c] Check that ssh-agent is not on a no-setuid - filesystem before running agent-ptrace.sh; ok dtucker - -commit 7e6e42fb532c7dafd7078ef5e9e2d3e47fcf6752 -Author: Damien Miller -Date: Sun Dec 8 08:23:08 2013 +1100 - - - (djm) [openbsd-compat/bsd-setres_id.c] Missing header; from Corinna - Vinschen - -commit da3ca351b49d52ae85db2e3998265dc3c6617068 -Author: Damien Miller -Date: Sat Dec 7 21:43:46 2013 +1100 - - - (djm) [Makefile.in] PATHSUBS and keygen bits for Ed25519; from - Loganaden Velvindron @ AfriNIC in bz#2179 - -commit eb401585bb8336cbf81fe4fc58eb9f7cac3ab874 -Author: Damien Miller -Date: Sat Dec 7 17:07:15 2013 +1100 - - - (djm) [regress/cert-hostkey.sh] Fix merge botch - -commit f54542af3ad07532188b10136ae302314ec69ed6 -Author: Damien Miller -Date: Sat Dec 7 16:32:44 2013 +1100 - - - markus@cvs.openbsd.org 2013/12/06 13:52:46 - [regress/Makefile regress/agent.sh regress/cert-hostkey.sh] - [regress/cert-userkey.sh regress/keytype.sh] - test ed25519 support; from djm@ - -commit f104da263de995f66b6861b4f3368264ee483d7f -Author: Damien Miller -Date: Sat Dec 7 12:37:53 2013 +1100 - - - (djm) [ed25519.c ssh-ed25519.c openbsd-compat/Makefile.in] - [openbsd-compat/bcrypt_pbkdf.c] Make ed25519/new key format compile on - Linux - -commit 1ff130dac9b7aea0628f4ad30683431fe35e0020 -Author: Damien Miller -Date: Sat Dec 7 11:51:51 2013 +1100 - - - [configure.ac openbsd-compat/Makefile.in openbsd-compat/bcrypt_pbkdf.c] - [openbsd-compat/blf.h openbsd-compat/blowfish.c] - [openbsd-compat/openbsd-compat.h] Start at supporting bcrypt_pbkdf in - portable. - -commit 4260828a2958ebe8c96f66d8301dac53f4cde556 -Author: Damien Miller -Date: Sat Dec 7 11:38:03 2013 +1100 - - - [authfile.c] Conditionalise inclusion of util.h - -commit a913442bac8a26fd296a3add51293f8f6f9b3b4c -Author: Damien Miller -Date: Sat Dec 7 11:35:36 2013 +1100 - - - [Makefile.in] Add ed25519 sources - -commit ca570a519cb846da61d002c7f46fa92e39c83e45 -Author: Damien Miller -Date: Sat Dec 7 11:29:09 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/07 00:19:15 - [key.c] - set k->cert = NULL after freeing it - -commit 3cccc0e155229a2f2d86b6df40bd4559b4f960ff -Author: Damien Miller -Date: Sat Dec 7 11:27:47 2013 +1100 - - - [blocks.c ed25519.c fe25519.c fe25519.h ge25519.c ge25519.h] - [ge25519_base.data hash.c sc25519.c sc25519.h verify.c] Fix RCS idents - -commit a7827c11b3f0380b7e593664bd62013ff9c131db -Author: Damien Miller -Date: Sat Dec 7 11:24:30 2013 +1100 - - - jmc@cvs.openbsd.org 2013/12/06 15:29:07 - [sshd.8] - missing comma; - -commit 5be9d9e3cbd9c66f24745d25bf2e809c1d158ee0 -Author: Damien Miller -Date: Sat Dec 7 11:24:01 2013 +1100 - - - markus@cvs.openbsd.org 2013/12/06 13:39:49 - [authfd.c authfile.c key.c key.h myproposal.h pathnames.h readconf.c] - [servconf.c ssh-agent.c ssh-keygen.c ssh-keyscan.1 ssh-keyscan.c] - [ssh-keysign.c ssh.c ssh_config.5 sshd.8 sshd.c verify.c ssh-ed25519.c] - [sc25519.h sc25519.c hash.c ge25519_base.data ge25519.h ge25519.c] - [fe25519.h fe25519.c ed25519.c crypto_api.h blocks.c] - support ed25519 keys (hostkeys and user identities) using the public - domain ed25519 reference code from SUPERCOP, see - http://ed25519.cr.yp.to/software.html - feedback, help & ok djm@ - -commit bcd00abd8451f36142ae2ee10cc657202149201e -Author: Damien Miller -Date: Sat Dec 7 10:41:55 2013 +1100 - - - markus@cvs.openbsd.org 2013/12/06 13:34:54 - [authfile.c authfile.h cipher.c cipher.h key.c packet.c ssh-agent.c] - [ssh-keygen.c PROTOCOL.key] new private key format, bcrypt as KDF by - default; details in PROTOCOL.key; feedback and lots help from djm; - ok djm@ - -commit f0e9060d236c0e38bec2fa1c6579fb0a2ea6458d -Author: Damien Miller -Date: Sat Dec 7 10:40:26 2013 +1100 - - - markus@cvs.openbsd.org 2013/12/06 13:30:08 - [authfd.c key.c key.h ssh-agent.c] - move private key (de)serialization to key.c; ok djm - -commit 0f8536da23a6ef26e6495177c0d8a4242b710289 -Author: Damien Miller -Date: Sat Dec 7 10:31:37 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/06 03:40:51 - [ssh-keygen.c] - remove duplicated character ('g') in getopt() string; - document the (few) remaining option characters so we don't have to - rummage next time. - -commit 393920745fd328d3fe07f739a3cf7e1e6db45b60 -Author: Damien Miller -Date: Sat Dec 7 10:31:08 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/05 22:59:45 - [sftp-client.c] - fix memory leak in error path in do_readdir(); pointed out by - Loganaden Velvindron @ AfriNIC in bz#2163 - -commit 534b2ccadea5e5e9a8b27226e6faac3ed5552e97 -Author: Damien Miller -Date: Thu Dec 5 14:07:27 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/05 01:16:41 - [servconf.c servconf.h] - bz#2161 - fix AuthorizedKeysCommand inside a Match block and - rearrange things so the same error is harder to make next time; - with and ok dtucker@ - -commit 8369c8e61a3408ec6bb75755fad4ffce29b5fdbe -Author: Darren Tucker -Date: Thu Dec 5 11:00:16 2013 +1100 - - - (dtucker) [configure.ac] bz#2173: use pkg-config --libs to include correct - -L location for libedit. Patch from Serge van den Boom. - -commit 9275df3e0a2a3bc3897f7d664ea86a425c8a092d -Author: Damien Miller -Date: Thu Dec 5 10:26:32 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/04 04:20:01 - [sftp-client.c] - bz#2171: don't leak local_fd on error; from Loganaden Velvindron @ - AfriNIC - -commit 960f6a2b5254e4da082d8aa3700302ed12dc769a -Author: Damien Miller -Date: Thu Dec 5 10:26:14 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/02 03:13:14 - [cipher.c] - correct bzero of chacha20+poly1305 key context. bz#2177 from - Loganaden Velvindron @ AfriNIC - - Also make it a memset for consistency with the rest of cipher.c - -commit f7e8a8796d661c9d6692ab837e1effd4f5ada1c2 -Author: Damien Miller -Date: Thu Dec 5 10:25:51 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/02 03:09:22 - [key.c] - make key_to_blob() return a NULL blob on failure; part of - bz#2175 from Loganaden Velvindron @ AfriNIC - -commit f1e44ea9d9a6d4c1a95a0024132e603bd1778c9c -Author: Damien Miller -Date: Thu Dec 5 10:23:21 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/02 02:56:17 - [ssh-pkcs11-helper.c] - use-after-free; bz#2175 patch from Loganaden Velvindron @ AfriNIC - -commit 114e540b15d57618f9ebf624264298f80bbd8c77 -Author: Damien Miller -Date: Thu Dec 5 10:22:57 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/02 02:50:27 - [PROTOCOL.chacha20poly1305] - typo; from Jon Cave - -commit e4870c090629e32f2cb649dc16d575eeb693f4a8 -Author: Damien Miller -Date: Thu Dec 5 10:22:39 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/01 23:19:05 - [PROTOCOL] - mention curve25519-sha256@libssh.org key exchange algorithm - -commit 1d2f8804a6d33a4e908b876b2e1266b8260ec76b -Author: Damien Miller -Date: Thu Dec 5 10:22:03 2013 +1100 - - - deraadt@cvs.openbsd.org 2013/11/26 19:15:09 - [pkcs11.h] - cleanup 1 << 31 idioms. Resurrection of this issue pointed out by - Eitan Adler ok markus for ssh, implies same change in kerberosV - -commit bdb352a54f82df94a548e3874b22f2d6ae90328d -Author: Damien Miller -Date: Thu Dec 5 10:20:52 2013 +1100 - - - jmc@cvs.openbsd.org 2013/11/26 12:14:54 - [ssh.1 ssh.c] - - put -Q in the right place - - Ar was a poor choice for the arguments to -Q. i've chosen an - admittedly equally poor Cm, at least consistent with the rest - of the docs. also no need for multiple instances - - zap a now redundant Nm - - usage() sync - -commit d937dc084a087090f1cf5395822c3ac958d33759 -Author: Damien Miller -Date: Thu Dec 5 10:19:54 2013 +1100 - - - deraadt@cvs.openbsd.org 2013/11/25 18:04:21 - [ssh.1 ssh.c] - improve -Q usage and such. One usage change is that the option is now - case-sensitive - ok dtucker markus djm - -commit dec0393f7ee8aabc7d9d0fc2c5fddb4bc649112e -Author: Damien Miller -Date: Thu Dec 5 10:18:43 2013 +1100 - - - jmc@cvs.openbsd.org 2013/11/21 08:05:09 - [ssh_config.5 sshd_config.5] - no need for .Pp before displays; - -commit 8a073cf57940aabf85e49799f89f5d5e9b072c1b -Author: Damien Miller -Date: Thu Nov 21 14:26:18 2013 +1100 - - - djm@cvs.openbsd.org 2013/11/21 03:18:51 - [regress/cipher-speed.sh regress/integrity.sh regress/rekey.sh] - [regress/try-ciphers.sh] - use new "ssh -Q cipher-auth" query to obtain lists of authenticated - encryption ciphers instead of specifying them manually; ensures that - the new chacha20poly1305@openssh.com mode is tested; - - ok markus@ and naddy@ as part of the diff to add - chacha20poly1305@openssh.com - -commit ea61b2179f63d48968dd2c9617621002bb658bfe -Author: Damien Miller -Date: Thu Nov 21 14:25:15 2013 +1100 - - - djm@cvs.openbsd.org 2013/11/21 03:16:47 - [regress/modpipe.c] - use unsigned long long instead of u_int64_t here to avoid warnings - on some systems portable OpenSSH is built on. - -commit 36aba25b0409d2db6afc84d54bc47a2532d38424 -Author: Damien Miller -Date: Thu Nov 21 14:24:42 2013 +1100 - - - djm@cvs.openbsd.org 2013/11/21 03:15:46 - [regress/krl.sh] - add some reminders for additional tests that I'd like to implement - -commit fa7a20bc289f09b334808d988746bc260a2f60c9 -Author: Damien Miller -Date: Thu Nov 21 14:24:08 2013 +1100 - - - naddy@cvs.openbsd.org 2013/11/18 05:09:32 - [regress/forward-control.sh] - bump timeout to 10 seconds to allow slow machines (e.g. Alpha PC164) - to successfully run this; ok djm@ - (ID sync only; our timeouts are already longer) - -commit 0fde8acdad78a4d20cadae974376cc0165f645ee -Author: Damien Miller -Date: Thu Nov 21 14:12:23 2013 +1100 - - - djm@cvs.openbsd.org 2013/11/21 00:45:44 - [Makefile.in PROTOCOL PROTOCOL.chacha20poly1305 authfile.c chacha.c] - [chacha.h cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h] - [dh.c myproposal.h packet.c poly1305.c poly1305.h servconf.c ssh.1] - [ssh.c ssh_config.5 sshd_config.5] Add a new protocol 2 transport - cipher "chacha20-poly1305@openssh.com" that combines Daniel - Bernstein's ChaCha20 stream cipher and Poly1305 MAC to build an - authenticated encryption mode. - - Inspired by and similar to Adam Langley's proposal for TLS: - http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03 - but differs in layout used for the MAC calculation and the use of a - second ChaCha20 instance to separately encrypt packet lengths. - Details are in the PROTOCOL.chacha20poly1305 file. - - Feedback markus@, naddy@; manpage bits Loganden Velvindron @ AfriNIC - ok markus@ naddy@ - -commit fdb2306acdc3eb2bc46b6dfdaaf6005c650af22a -Author: Damien Miller -Date: Thu Nov 21 13:57:15 2013 +1100 - - - deraadt@cvs.openbsd.org 2013/11/20 20:54:10 - [canohost.c clientloop.c match.c readconf.c sftp.c] - unsigned casts for ctype macros where neccessary - ok guenther millert markus - -commit e00167307e4d3692695441e9bd712f25950cb894 -Author: Damien Miller -Date: Thu Nov 21 13:56:49 2013 +1100 - - - deraadt@cvs.openbsd.org 2013/11/20 20:53:10 - [scp.c] - unsigned casts for ctype macros where neccessary - ok guenther millert markus - -commit 23e00aa6ba9eee0e0c218f2026bf405ad4625832 -Author: Damien Miller -Date: Thu Nov 21 13:56:28 2013 +1100 - - - djm@cvs.openbsd.org 2013/11/20 02:19:01 - [sshd.c] - delay closure of in/out fds until after "Bad protocol version - identification..." message, as get_remote_ipaddr/get_remote_port - require them open. - -commit 867e6934be6521f87f04a5ab86702e2d1b314245 -Author: Damien Miller -Date: Thu Nov 21 13:56:06 2013 +1100 - - - markus@cvs.openbsd.org 2013/11/13 13:48:20 - [ssh-pkcs11.c] - add missing braces found by pedro - -commit 0600c7020f4fe68a780bd7cf21ff541a8d4b568a -Author: Damien Miller -Date: Thu Nov 21 13:55:43 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/11/08 11:15:19 - [bufaux.c bufbn.c buffer.c sftp-client.c sftp-common.c sftp-glob.c] - [uidswap.c] Include stdlib.h for free() as per the man page. - -commit b6a75b0b93b8faa6f79c3a395ab6c71f3f880b80 -Author: Darren Tucker -Date: Sun Nov 10 20:25:22 2013 +1100 - - - (dtucker) [regress/keytype.sh] Populate ECDSA key types to be tested by - querying the ones that are compiled in. - -commit 2c89430119367eb1bc96ea5ee55de83357e4c926 -Author: Darren Tucker -Date: Sun Nov 10 12:38:42 2013 +1100 - - - (dtucker) [key.c] Check for the correct defines for NID_secp521r1. - -commit dd5264db5f641dbd03186f9e5e83e4b14b3d0003 -Author: Darren Tucker -Date: Sat Nov 9 22:32:51 2013 +1100 - - - (dtucker) [configure.ac] Add missing "test". - -commit 95cb2d4eb08117be061f3ff076adef3e9a5372c3 -Author: Darren Tucker -Date: Sat Nov 9 22:02:31 2013 +1100 - - - (dtucker) [configure.ac] Fix brackets in NID_secp521r1 test. - -commit 37bcef51b3d9d496caecea6394814d2f49a1357f -Author: Darren Tucker -Date: Sat Nov 9 18:39:25 2013 +1100 - - - (dtucker) [configure.ac kex.c key.c myproposal.h] Test for the presence of - NID_X9_62_prime256v1, NID_secp384r1 and NID_secp521r1 and test that the - latter actually works before using it. Fedora (at least) has NID_secp521r1 - that doesn't work (see https://bugzilla.redhat.com/show_bug.cgi?id=1021897). - -commit 6e2fe81f926d995bae4be4a6b5b3c88c1c525187 -Author: Darren Tucker -Date: Sat Nov 9 16:55:03 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/11/09 05:41:34 - [regress/test-exec.sh regress/rekey.sh] - Use smaller test data files to speed up tests. Grow test datafiles - where necessary for a specific test. - -commit aff7ef1bb8b7c1eeb1f4812129091c5adbf51848 -Author: Darren Tucker -Date: Sat Nov 9 00:19:22 2013 +1100 - - - (dtucker) [contrib/cygwin/ssh-host-config] Simplify host key generation: - rather than testing and generating each key, call ssh-keygen -A. - Patch from vinschen at redhat.com. - -commit 882abfd3fb3c98cfe70b4fc79224770468b570a5 -Author: Darren Tucker -Date: Sat Nov 9 00:17:41 2013 +1100 - - - (dtucker) [Makefile.in configure.ac] Set MALLOC_OPTIONS per platform - and pass in TEST_ENV. Unknown options cause stderr to get polluted - and the stderr-data test to fail. - -commit 8c333ec23bdf7da917aa20ac6803a2cdd79182c5 -Author: Darren Tucker -Date: Fri Nov 8 21:12:58 2013 +1100 - - - (dtucker) [openbsd-compat/bsd-poll.c] Add headers to prevent compile - warnings. - -commit d94240b2f6b376b6e9de187e4a0cd4b89dfc48cb -Author: Darren Tucker -Date: Fri Nov 8 21:10:04 2013 +1100 - - - (dtucker) [myproposal.h] Conditionally enable CURVE25519_SHA256. - -commit 1c8ce34909886288a3932dce770deec5449f7bb5 -Author: Darren Tucker -Date: Fri Nov 8 19:50:32 2013 +1100 - - - (dtucker) [kex.c] Only enable CURVE25519_SHA256 if we actually have - EVP_sha256. - -commit ccdb9bec46bcc88549b26a94aa0bae2b9f51031c -Author: Darren Tucker -Date: Fri Nov 8 18:54:38 2013 +1100 - - - (dtucker) [openbsd-compat/openbsd-compat.h] Add null implementation of - arc4random_stir for platforms that have arc4random but don't have - arc4random_stir (right now this is only OpenBSD -current). - -commit 3420a50169b52cc8d2775d51316f9f866c73398f -Author: Damien Miller -Date: Fri Nov 8 16:48:13 2013 +1100 - - - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] - [contrib/suse/openssh.spec] Update version numbers following release. - -commit 3ac4a234df842fd8c94d9cb0ad198e1fe84b895b -Author: Damien Miller -Date: Fri Nov 8 12:39:49 2013 +1100 - - - djm@cvs.openbsd.org 2013/11/08 01:38:11 - [version.h] - openssh-6.4 - -commit 6c81fee693038de7d4a5559043350391db2a2761 -Author: Damien Miller -Date: Fri Nov 8 12:19:55 2013 +1100 - - - djm@cvs.openbsd.org 2013/11/08 00:39:15 - [auth-options.c auth2-chall.c authfd.c channels.c cipher-3des1.c] - [clientloop.c gss-genr.c monitor_mm.c packet.c schnorr.c umac.c] - [sftp-client.c sftp-glob.c] - use calloc for all structure allocations; from markus@ - -commit 690d989008e18af3603a5e03f1276c9bad090370 -Author: Damien Miller -Date: Fri Nov 8 12:16:49 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/11/07 11:58:27 - [cipher.c cipher.h kex.c kex.h mac.c mac.h servconf.c ssh.c] - Output the effective values of Ciphers, MACs and KexAlgorithms when - the default has not been overridden. ok markus@ - -commit 08998c5fb9c7c1d248caa73b76e02ca0482e6d85 -Author: Darren Tucker -Date: Fri Nov 8 12:11:46 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/11/08 01:06:14 - [regress/rekey.sh] - Rekey less frequently during tests to speed them up - -commit 4bf7e50e533aa956366df7402c132f202e841a48 -Author: Darren Tucker -Date: Thu Nov 7 22:33:48 2013 +1100 - - - (dtucker) [Makefile.in configure.ac] Remove TEST_SSH_SHA256 environment - variable. It's no longer used now that we get the supported MACs from - ssh -Q. - -commit 6e9d6f411288374d1dee4b7debbfa90bc7e73035 -Author: Darren Tucker -Date: Thu Nov 7 15:32:37 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/11/07 04:26:56 - [regress/kextype.sh] - trailing space - -commit 74cbc22529f3e5de756e1b7677b7624efb28f62c -Author: Darren Tucker -Date: Thu Nov 7 15:26:12 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/11/07 03:55:41 - [regress/kextype.sh] - Use ssh -Q to get kex types instead of a static list. - -commit a955041c930e63405159ff7d25ef14272f36eab3 -Author: Darren Tucker -Date: Thu Nov 7 15:21:19 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/11/07 02:48:38 - [regress/integrity.sh regress/cipher-speed.sh regress/try-ciphers.sh] - Use ssh -Q instead of hardcoding lists of ciphers or MACs. - -commit 06595d639577577bc15d359e037a31eb83563269 -Author: Darren Tucker -Date: Thu Nov 7 15:08:02 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/11/07 01:12:51 - [regress/rekey.sh] - Factor out the data transfer rekey tests - -commit 651dc8b2592202dac6b16ee3b82ce5b331be7da3 -Author: Darren Tucker -Date: Thu Nov 7 15:04:44 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/11/07 00:12:05 - [regress/rekey.sh] - Test rekeying for every Cipher, MAC and KEX, plus test every KEX with - the GCM ciphers. - -commit 234557762ba1096a867ca6ebdec07efebddb5153 -Author: Darren Tucker -Date: Thu Nov 7 15:00:51 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/11/04 12:27:42 - [regress/rekey.sh] - Test rekeying with all KexAlgorithms. - -commit bbfb9b0f386aab0c3e19d11f136199ef1b9ad0ef -Author: Darren Tucker -Date: Thu Nov 7 14:56:43 2013 +1100 - - - markus@cvs.openbsd.org 2013/11/02 22:39:53 - [regress/kextype.sh] - add curve25519-sha256@libssh.org - -commit aa19548a98c0f89283ebd7354abd746ca6bc4fdf -Author: Darren Tucker -Date: Thu Nov 7 14:50:09 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/09 23:44:14 - [regress/Makefile] (ID sync only) - regression test for sftp request white/blacklisting and readonly mode. - -commit c8908aabff252f5da772d4e679479c2b7d18cac1 -Author: Damien Miller -Date: Thu Nov 7 13:38:35 2013 +1100 - - - djm@cvs.openbsd.org 2013/11/06 23:05:59 - [ssh-pkcs11.c] - from portable: s/true/true_val/ to avoid name collisions on dump platforms - RCSID sync only - -commit 49c145c5e89b9d7d48e84328d6347d5ad640b567 -Author: Damien Miller -Date: Thu Nov 7 13:35:39 2013 +1100 - - - markus@cvs.openbsd.org 2013/11/06 16:52:11 - [monitor_wrap.c] - fix rekeying for AES-GCM modes; ok deraadt - -commit 67a8800f290b39fd60e379988c700656ae3f2539 -Author: Damien Miller -Date: Thu Nov 7 13:32:51 2013 +1100 - - - markus@cvs.openbsd.org 2013/11/04 11:51:16 - [monitor.c] - fix rekeying for KEX_C25519_SHA256; noted by dtucker@ - RCSID sync only; I thought this was a merge botch and fixed it already - -commit df8b030b15fcec7baf38ec7944f309f9ca8cc9a7 -Author: Damien Miller -Date: Thu Nov 7 13:28:16 2013 +1100 - - - (djm) [configure.ac defines.h] Skip arc4random_stir() calls on platforms - that lack it but have arc4random_uniform() - -commit a6fd1d3c38a562709374a70fa76423859160aa90 -Author: Damien Miller -Date: Thu Nov 7 12:03:26 2013 +1100 - - - (djm) [regress/modpipe.c regress/rekey.sh] Never intended to commit these - -commit c98319750b0bbdd0d1794420ec97d65dd9244613 -Author: Damien Miller -Date: Thu Nov 7 12:00:23 2013 +1100 - - - (djm) [Makefile.in monitor.c] Missed chunks of curve25519 KEX diff - -commit 61c5c2319e84a58210810d39b062c8b8e3321160 -Author: Damien Miller -Date: Thu Nov 7 11:34:14 2013 +1100 - - - (djm) [ssh-pkcs11.c] Bring back "non-constant initialiser" fix (rev 1.5) - that got lost in recent merge. - -commit 094003f5454a9f5a607674b2739824a7e91835f4 -Author: Damien Miller -Date: Mon Nov 4 22:59:27 2013 +1100 - - - (djm) [kexc25519.c kexc25519c.c kexc25519s.c] Import missed files from - KEX/curve25519 change - -commit ca67a7eaf8766499ba67801d0be8cdaa550b9a50 -Author: Damien Miller -Date: Mon Nov 4 09:05:17 2013 +1100 - - - djm@cvs.openbsd.org 2013/11/03 10:37:19 - [roaming_common.c] - fix a couple of function definitions foo() -> foo(void) - (-Wold-style-definition) - -commit 0bd8f1519d51af8d4229be81e8f2f4903a1d440b -Author: Damien Miller -Date: Mon Nov 4 08:55:43 2013 +1100 - - - markus@cvs.openbsd.org 2013/11/02 22:39:19 - [ssh_config.5 sshd_config.5] - the default kex is now curve25519-sha256@libssh.org - -commit 4c3ba0767fbe4a8a2a748df4035aaf86651f6b30 -Author: Damien Miller -Date: Mon Nov 4 08:40:13 2013 +1100 - - - markus@cvs.openbsd.org 2013/11/02 22:34:01 - [auth-options.c] - no need to include monitor_wrap.h and ssh-gss.h - -commit 660621b2106b987b874c2f120218bec249d0f6ba -Author: Damien Miller -Date: Mon Nov 4 08:37:51 2013 +1100 - - - markus@cvs.openbsd.org 2013/11/02 22:24:24 - [kexdhs.c kexecdhs.c] - no need to include ssh-gss.h - -commit abdca986decfbbc008c895195b85e879ed460ada -Author: Damien Miller -Date: Mon Nov 4 08:30:05 2013 +1100 - - - markus@cvs.openbsd.org 2013/11/02 22:10:15 - [kexdhs.c kexecdhs.c] - no need to include monitor_wrap.h - -commit 1e1242604eb0fd510fe93f81245c529237ffc513 -Author: Damien Miller -Date: Mon Nov 4 08:26:52 2013 +1100 - - - markus@cvs.openbsd.org 2013/11/02 21:59:15 - [kex.c kex.h myproposal.h ssh-keyscan.c sshconnect2.c sshd.c] - use curve25519 for default key exchange (curve25519-sha256@libssh.org); - initial patch from Aris Adamantiadis; ok djm@ - -commit d2252c79191d069372ed6effce7c7a2de93448cd -Author: Damien Miller -Date: Mon Nov 4 07:41:48 2013 +1100 - - - markus@cvs.openbsd.org 2013/11/02 20:03:54 - [ssh-pkcs11.c] - support pkcs#11 tokes that only provide x509 zerts instead of raw pubkeys; - fixes bz#1908; based on patch from Laurent Barbe; ok djm - -commit 007e3b357e880caa974d5adf9669298ba0751c78 -Author: Darren Tucker -Date: Sun Nov 3 18:43:55 2013 +1100 - - - (dtucker) [configure.ac defines.h] Add typedefs for intmax_t and uintmax_t - for platforms that don't have them. - -commit 710f3747352fb93a63e5b69b12379da37f5b3fa9 -Author: Darren Tucker -Date: Sun Nov 3 17:20:34 2013 +1100 - - - (dtucker) [openbsd-compat/setproctitle.c] Handle error case form the 2nd - vsnprintf. From eric at openbsd via chl@. - -commit d52770452308e5c2e99f4da6edaaa77ef078b610 -Author: Darren Tucker -Date: Sun Nov 3 16:30:46 2013 +1100 - - - (dtucker) [openbsd-compat/bsd-misc.c] Include time.h for nanosleep. - From OpenSMTPD where it prevents "implicit declaration" warnings (it's - a no-op in OpenSSH). From chl at openbsd. - -commit 63857c9340d3482746a5622ffdacc756751f6448 -Author: Damien Miller -Date: Wed Oct 30 22:31:06 2013 +1100 - - - jmc@cvs.openbsd.org 2013/10/29 18:49:32 - [sshd_config.5] - pty(4), not pty(7); - -commit 5ff30c6b68adeee767dd29bf2369763c6a13c0b3 -Author: Damien Miller -Date: Wed Oct 30 22:21:50 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/29 09:48:02 - [servconf.c servconf.h session.c sshd_config sshd_config.5] - shd_config PermitTTY to disallow TTY allocation, mirroring the - longstanding no-pty authorized_keys option; - bz#2070, patch from Teran McKinney; ok markus@ - -commit 4a3a9d4bbf8048473f5cc202cd8db7164d5e6b8d -Author: Damien Miller -Date: Wed Oct 30 22:19:47 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/29 09:42:11 - [key.c key.h] - fix potential stack exhaustion caused by nested certificates; - report by Mateusz Kocielski; ok dtucker@ markus@ - -commit 28631ceaa7acd9bc500f924614431542893c6a21 -Author: Damien Miller -Date: Sat Oct 26 10:07:56 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/25 23:04:51 - [ssh.c] - fix crash when using ProxyCommand caused by previous commit - was calling - freeaddrinfo(NULL); spotted by sthen@ and Tim Ruehsen, patch by sthen@ - -commit 26506ad29350c5681815745cc90b3952a84cf118 -Author: Damien Miller -Date: Sat Oct 26 10:05:46 2013 +1100 - - - (djm) [ssh-keygen.c ssh-keysign.c sshconnect1.c sshd.c] Remove - unnecessary arc4random_stir() calls. The only ones left are to ensure - that the PRNG gets a different state after fork() for platforms that - have broken the API. - -commit bd43e8872325e9bbb3319c89da593614709f317c -Author: Tim Rice -Date: Thu Oct 24 12:22:49 2013 -0700 - - - (tim) [regress/sftp-perm.sh] We need a shell that understands "! somecmd" - -commit a90c0338083ee0e4064c4bdf61f497293a699be0 -Author: Damien Miller -Date: Thu Oct 24 21:03:17 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/24 08:19:36 - [ssh.c] - fix bug introduced in hostname canonicalisation commit: don't try to - resolve hostnames when a ProxyCommand is set unless the user has forced - canonicalisation; spotted by Iain Morgan - -commit cf31f3863425453ffcda540fbefa9df80088c8d1 -Author: Damien Miller -Date: Thu Oct 24 21:02:56 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/10/24 00:51:48 - [readconf.c servconf.c ssh_config.5 sshd_config.5] - Disallow empty Match statements and add "Match all" which matches - everything. ok djm, man page help jmc@ - -commit 4bedd4032a09ce87322ae5ea80f193f109e5c607 -Author: Damien Miller -Date: Thu Oct 24 21:02:26 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/10/24 00:49:49 - [moduli.c] - Periodically print progress and, if possible, expected time to completion - when screening moduli for DH groups. ok deraadt djm - -commit 5ecb41629860687b145be63b8877fabb6bae5eda -Author: Damien Miller -Date: Thu Oct 24 21:02:02 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/23 23:35:32 - [sshd.c] - include local address and port in "Connection from ..." message (only - shown at loglevel>=verbose) - -commit 03bf2e61ad6ac59a362a1f11b105586cb755c147 -Author: Damien Miller -Date: Thu Oct 24 21:01:26 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/10/23 05:40:58 - [servconf.c] - fix comment - -commit 8f1873191478847773906af961c8984d02a49dd6 -Author: Damien Miller -Date: Thu Oct 24 10:53:02 2013 +1100 - - - (djm) [auth-krb5.c] bz#2032 - use local username in krb5_kuserok check - rather than full client name which may be of form user@REALM; - patch from Miguel Sanders; ok dtucker@ - -commit 5b01b0dcb417eb615df77e7ce1b59319bf04342c -Author: Damien Miller -Date: Wed Oct 23 16:31:31 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/23 04:16:22 - [ssh-keygen.c] - Make code match documentation: relative-specified certificate expiry time - should be relative to current time and not the validity start time. - Reported by Petr Lautrbach; ok deraadt@ - -commit eff5cada589f25793dbe63a76aba9da39837a148 -Author: Damien Miller -Date: Wed Oct 23 16:31:10 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/23 03:05:19 - [readconf.c ssh.c] - comment - -commit 084bcd24e9fe874020e4df4e073e7408e1b17fb7 -Author: Damien Miller -Date: Wed Oct 23 16:30:51 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/23 03:03:07 - [readconf.c] - Hostname may have %h sequences that should be expanded prior to Match - evaluation; spotted by Iain Morgan - -commit 8e5a67f46916def40b2758bb7755350dd2eee843 -Author: Damien Miller -Date: Wed Oct 23 16:30:25 2013 +1100 - - - jmc@cvs.openbsd.org 2013/10/20 18:00:13 - [ssh_config.5] - tweak the "exec" description, as worded by djm; - -commit c0049bd0bca02890cd792babc594771c563f91f2 -Author: Damien Miller -Date: Wed Oct 23 16:29:59 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/20 09:51:26 - [scp.1 sftp.1] - add canonicalisation options to -o lists - -commit 8a04be795fc28514a09e55a54b2e67968f2e1b3a -Author: Damien Miller -Date: Wed Oct 23 16:29:40 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/20 06:19:28 - [readconf.c ssh_config.5] - rename "command" subclause of the recently-added "Match" keyword to - "exec"; it's shorter, clearer in intent and we might want to add the - ability to match against the command being executed at the remote end in - the future. - -commit 5c86ebdf83b636b6741db4b03569ef4a53b89a58 -Author: Damien Miller -Date: Wed Oct 23 16:29:12 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/20 04:39:28 - [ssh_config.5] - document % expansions performed by "Match command ..." - -commit 4502f88774edc56194707167443f94026d3c7cfa -Author: Damien Miller -Date: Fri Oct 18 10:17:36 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/17 22:08:04 - [sshd.c] - include remote port in bad banner message; bz#2162 - -commit 1edcbf65ebd2febeaf10a836468f35e519eed7ca -Author: Damien Miller -Date: Fri Oct 18 10:17:17 2013 +1100 - - - jmc@cvs.openbsd.org 2013/10/17 07:35:48 - [sftp.1 sftp.c] - tweak previous; - -commit a176e1823013dd8533a20235b3a5131f0626f46b -Author: Damien Miller -Date: Fri Oct 18 09:05:41 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/09 23:44:14 - [regress/Makefile regress/sftp-perm.sh] - regression test for sftp request white/blacklisting and readonly mode. - -commit e3ea09494dcfe7ba76536e95765c8328ecfc18fb -Author: Damien Miller -Date: Thu Oct 17 11:57:23 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/17 00:46:49 - [ssh.c] - rearrange check to reduce diff against -portable - (Id sync only) - -commit f29238e67471a7f1088a99c3c3dbafce76b790cf -Author: Damien Miller -Date: Thu Oct 17 11:48:52 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/17 00:30:13 - [PROTOCOL sftp-client.c sftp-client.h sftp-server.c sftp.1 sftp.c] - fsync@openssh.com protocol extension for sftp-server - client support to allow calling fsync() faster successful transfer - patch mostly by imorgan AT nas.nasa.gov; bz#1798 - "fine" markus@ "grumble OK" deraadt@ "doesn't sound bad to me" millert@ - -commit 51682faa599550a69d8120e5e2bdbdc0625ef4be -Author: Damien Miller -Date: Thu Oct 17 11:48:31 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/16 22:58:01 - [ssh.c ssh_config.5] - one I missed in previous: s/isation/ization/ - -commit 3850559be93f1a442ae9ed370e8c389889dd5f72 -Author: Damien Miller -Date: Thu Oct 17 11:48:13 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/16 22:49:39 - [readconf.c readconf.h ssh.1 ssh.c ssh_config.5] - s/canonicalise/canonicalize/ for consistency with existing spelling, - e.g. authorized_keys; pointed out by naddy@ - -commit 607af3434b75acc7199a5d99d5a9c11068c01f27 -Author: Damien Miller -Date: Thu Oct 17 11:47:51 2013 +1100 - - - jmc@cvs.openbsd.org 2013/10/16 06:42:25 - [ssh_config.5] - tweak previous; - -commit 0faf747e2f77f0f7083bcd59cbed30c4b5448444 -Author: Damien Miller -Date: Thu Oct 17 11:47:23 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/16 02:31:47 - [readconf.c readconf.h roaming_client.c ssh.1 ssh.c ssh_config.5] - [sshconnect.c sshconnect.h] - Implement client-side hostname canonicalisation to allow an explicit - search path of domain suffixes to use to convert unqualified host names - to fully-qualified ones for host key matching. - This is particularly useful for host certificates, which would otherwise - need to list unqualified names alongside fully-qualified ones (and this - causes a number of problems). - "looks fine" markus@ - -commit d77b81f856e078714ec6b0f86f61c20249b7ead4 -Author: Damien Miller -Date: Thu Oct 17 11:39:00 2013 +1100 - - - jmc@cvs.openbsd.org 2013/10/15 14:10:25 - [ssh.1 ssh_config.5] - tweak previous; - -commit dcd39f29ce3308dc74a0ff27a9056205a932ce05 -Author: Damien Miller -Date: Thu Oct 17 11:31:40 2013 +1100 - - - [ssh.c] g/c unused variable. - -commit 5359a628ce3763408da25d83271a8eddec597a0c -Author: Damien Miller -Date: Tue Oct 15 12:20:37 2013 +1100 - - - [ssh.c] g/c unused variable. - -commit 386feab0c4736b054585ee8ee372865d5cde8d69 -Author: Damien Miller -Date: Tue Oct 15 12:14:49 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/14 23:31:01 - [ssh.c] - whitespace at EOL; pointed out by markus@ - -commit e9fc72edd6c313b670558cd5219601c38a949b67 -Author: Damien Miller -Date: Tue Oct 15 12:14:12 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/14 23:28:23 - [canohost.c misc.c misc.h readconf.c sftp-server.c ssh.c] - refactor client config code a little: - add multistate option partsing to readconf.c, similar to servconf.c's - existing code. - move checking of options that accept "none" as an argument to readconf.c - add a lowercase() function and use it instead of explicit tolower() in - loops - part of a larger diff that was ok markus@ - -commit 194fd904d8597a274b93e075b2047afdf5a175d4 -Author: Damien Miller -Date: Tue Oct 15 12:13:05 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/14 22:22:05 - [readconf.c readconf.h ssh-keysign.c ssh.c ssh_config.5] - add a "Match" keyword to ssh_config that allows matching on hostname, - user and result of arbitrary commands. "nice work" markus@ - -commit 71df752de2a04f423b1cd18d961a79f4fbccbcee -Author: Damien Miller -Date: Tue Oct 15 12:12:02 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/14 21:20:52 - [session.c session.h] - Add logging of session starts in a useful format; ok markus@ feedback and - ok dtucker@ - -commit 6efab27109b82820e8d32a5d811adb7bfc354f65 -Author: Damien Miller -Date: Tue Oct 15 12:07:05 2013 +1100 - - - jmc@cvs.openbsd.org 2013/10/14 14:18:56 - [sftp-server.8 sftp-server.c] - tweak previous; - ok djm - -commit 61c7de8a94156f6d7e9718ded9be8c65bb902b66 -Author: Damien Miller -Date: Tue Oct 15 12:06:45 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/11 02:53:45 - [sftp-client.h] - obsolete comment - -commit 2f93d0556e4892208c9b072624caa8cc5ddd839d -Author: Damien Miller -Date: Tue Oct 15 12:06:27 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/11 02:52:23 - [sftp-client.c] - missed one arg reorder - -commit bda5c8445713ae592d969a5105ed1a65da22bc96 -Author: Damien Miller -Date: Tue Oct 15 12:05:58 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/11 02:45:36 - [sftp-client.c] - rename flag arguments to be more clear and consistent. - reorder some internal function arguments to make adding additional flags - easier. - no functional change - -commit 61ee4d68ca0fcc793a826fc7ec70f3b8ffd12ab6 -Author: Damien Miller -Date: Tue Oct 15 11:56:47 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/10 01:43:03 - [sshd.c] - bz#2139: fix re-exec fallback by ensuring that startup_pipe is correctly - updated; ok dtucker@ - -commit 73600e51af9ee734a19767e0c084bbbc5eb5b8da -Author: Damien Miller -Date: Tue Oct 15 11:56:25 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/10 00:53:25 - [sftp-server.c] - add -Q, -P and -p to usage() before jmc@ catches me - -commit 6eaeebf27d92f39a38c772aa3f20c2250af2dd29 -Author: Damien Miller -Date: Tue Oct 15 11:55:57 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/09 23:42:17 - [sftp-server.8 sftp-server.c] - Add ability to whitelist and/or blacklist sftp protocol requests by name. - Refactor dispatch loop and consolidate read-only mode checks. - Make global variables static, since sftp-server is linked into sshd(8). - ok dtucker@ - -commit df62d71e64d29d1054e7a53d1a801075ef70335f -Author: Darren Tucker -Date: Thu Oct 10 10:32:39 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/10/08 11:42:13 - [dh.c dh.h] - Increase the size of the Diffie-Hellman groups requested for a each - symmetric key size. New values from NIST Special Publication 800-57 with - the upper limit specified by RFC4419. Pointed out by Peter Backes, ok - djm@. - -commit e6e52f8c5dc89a6767702e65bb595aaf7bc8991c -Author: Darren Tucker -Date: Thu Oct 10 10:28:07 2013 +1100 - - - djm@cvs.openbsd.org 2013/09/19 01:26:29 - [sshconnect.c] - bz#1211: make BindAddress work with UsePrivilegedPort=yes; patch from - swp AT swp.pp.ru; ok dtucker@ - -commit 71152bc9911bc34a98810b2398dac20df3fe8de3 -Author: Darren Tucker -Date: Thu Oct 10 10:27:21 2013 +1100 - - - djm@cvs.openbsd.org 2013/09/19 01:24:46 - [channels.c] - bz#1297 - tell the client (via packet_send_debug) when their preferred - listen address has been overridden by the server's GatewayPorts; - ok dtucker@ - -commit b59aaf3c4f3f449a4b86d8528668bd979be9aa5f -Author: Darren Tucker -Date: Thu Oct 10 10:26:21 2013 +1100 - - - djm@cvs.openbsd.org 2013/09/19 00:49:12 - [sftp-client.c] - fix swapped pflag and printflag in sftp upload_dir; from Iain Morgan - -commit 5d80e4522d6238bdefe9d0c634f0e6d35a241e41 -Author: Darren Tucker -Date: Thu Oct 10 10:25:09 2013 +1100 - - - djm@cvs.openbsd.org 2013/09/19 00:24:52 - [progressmeter.c] - store the initial file offset so the progress meter doesn't freak out - when resuming sftp transfers. bz#2137; patch from Iain Morgan; ok dtucker@ - -commit ad92df7e5ed26fea85adfb3f95352d6cd8e86344 -Author: Darren Tucker -Date: Thu Oct 10 10:24:11 2013 +1100 - - - sthen@cvs.openbsd.org 2013/09/16 11:35:43 - [ssh_config] - Remove gssapi config parts from ssh_config, as was already done for - sshd_config. Req by/ok ajacoutot@ - ID SYNC ONLY for portable; kerberos/gssapi is still pretty popular - -commit 720711960b130d36dfdd3d50eb25ef482bdd000e -Author: Damien Miller -Date: Wed Oct 9 10:44:47 2013 +1100 - - - (djm) [openbsd-compat/Makefile.in openbsd-compat/arc4random.c] - [openbsd-compat/bsd-arc4random.c] Replace old RC4-based arc4random - implementation with recent OpenBSD's ChaCha-based PRNG. ok dtucker@, - tested tim@ - -commit 9159310087a218e28940a592896808b8eb76a039 -Author: Damien Miller -Date: Wed Oct 9 10:42:32 2013 +1100 - - - (djm) [openbsd-compat/arc4random.c openbsd-compat/chacha_private.h] Pull - in OpenBSD implementation of arc4random, shortly to replace the existing - bsd-arc4random.c - -commit 67f1d557a68d6fa8966a327d7b6dee3408cf0e72 -Author: Damien Miller -Date: Wed Oct 9 09:33:08 2013 +1100 - - correct incorrect years in datestamps; from des - -commit f2bf36c3eb4d969f85ec8aa342e9aecb61cc8bb1 -Author: Darren Tucker -Date: Sun Sep 22 19:02:40 2013 +1000 - - - (dtucker) [platform.c platform.h sshd.c] bz#2156: restore Linux oom_adj - setting when handling SIGHUP to maintain behaviour over retart. Patch - from Matthew Ife. - -commit e90a06ae570fd259a2f5ced873c7f17390f535a5 -Author: Darren Tucker -Date: Wed Sep 18 15:09:38 2013 +1000 - - - (dtucker) [sshd_config] Trailing whitespace; from jstjohn at purdue edu. - -commit 13840e0103946982cee2a05c40697be7e57dca41 -Author: Damien Miller -Date: Sat Sep 14 09:49:43 2013 +1000 - - - djm@cvs.openbsd.org 2013/09/13 06:54:34 - [channels.c] - avoid unaligned access in code that reused a buffer to send a - struct in_addr in a reply; simpler just use use buffer_put_int(); - from portable; spotted by and ok dtucker@ - -commit 70182522a47d283513a010338cd028cb80dac2ab -Author: Damien Miller -Date: Sat Sep 14 09:49:19 2013 +1000 - - - djm@cvs.openbsd.org 2013/09/12 01:41:12 - [clientloop.c] - fix connection crash when sending break (~B) on ControlPersist'd session; - ok dtucker@ - -commit ff9d6c2a4171ee32e8fe28fc3b86eb33bd5c845b -Author: Damien Miller -Date: Sat Sep 14 09:48:55 2013 +1000 - - - sthen@cvs.openbsd.org 2013/09/07 13:53:11 - [sshd_config] - Remove commented-out kerberos/gssapi config options from sample config, - kerberos support is currently not enabled in ssh in OpenBSD. Discussed with - various people; ok deraadt@ - ID SYNC ONLY for portable; kerberos/gssapi is still pretty popular - -commit 8bab5e7b5ff6721d926b5ebf05a3a24489889c58 -Author: Damien Miller -Date: Sat Sep 14 09:47:00 2013 +1000 - - - deraadt@cvs.openbsd.org 2013/09/02 22:00:34 - [ssh-keygen.c sshconnect1.c sshd.c] - All the instances of arc4random_stir() are bogus, since arc4random() - does this itself, inside itself, and has for a very long time.. Actually, - this was probably reducing the entropy available. - ok djm - ID SYNC ONLY for portable; we don't trust other arc4random implementations - to do this right. - -commit 61353b3208d548fab863e0e0ac5d2400ee5bb340 -Author: Damien Miller -Date: Sat Sep 14 09:45:32 2013 +1000 - - - djm@cvs.openbsd.org 2013/08/31 00:13:54 - [sftp.c] - make ^w match ksh behaviour (delete previous word instead of entire line) - -commit 660854859cad31d234edb9353fb7ca2780df8128 -Author: Damien Miller -Date: Sat Sep 14 09:45:03 2013 +1000 - - - mikeb@cvs.openbsd.org 2013/08/28 12:34:27 - [ssh-keygen.c] - improve batch processing a bit by making use of the quite flag a bit - more often and exit with a non zero code if asked to find a hostname - in a known_hosts file and it wasn't there; - originally from reyk@, ok djm - -commit 045bda5cb8acf0eb9d71c275ee1247e3154fc9e5 -Author: Damien Miller -Date: Sat Sep 14 09:44:37 2013 +1000 - - - djm@cvs.openbsd.org 2013/08/22 19:02:21 - [sshd.c] - Stir PRNG after post-accept fork. The child gets a different PRNG state - anyway via rexec and explicit privsep reseeds, but it's good to be sure. - ok markus@ - -commit ed4af412da60a084891b20412433a27966613fb8 -Author: Damien Miller -Date: Sat Sep 14 09:40:51 2013 +1000 - - add marker for 6.3p1 release at the point of the last included change - -commit 43968a8e66a0aa1afefb11665bf96f86b113f5d9 -Author: Damien Miller -Date: Wed Aug 28 14:00:54 2013 +1000 - - - (djm) [openbsd-compat/bsd-snprintf.c] #ifdef noytet for intmax_t bits - until we have configure support. - -commit 04be8b9e53f8388c94b531ebc5d1bd6e10e930d1 -Author: Damien Miller -Date: Wed Aug 28 12:49:43 2013 +1000 - - - (djm) [openbsd-compat/bsd-snprintf.c] teach our local snprintf code the - 'j' (intmax_t/uintmax_t) and 'z' (size_t/ssize_t) conversions in case we - start to use them in the future. diff --git a/README b/README index 9bbd3bac2bc..ea6e228dda9 100644 --- a/README +++ b/README @@ -1,4 +1,4 @@ -See http://www.openssh.com/txt/release-7.1 for the release notes. +See http://www.openssh.com/txt/release-7.1p2 for the release notes. Please read http://www.openssh.com/report.html for bug reporting instructions and note that we do not use Github for bug reporting or diff --git a/bitmap.c b/bitmap.c index 19cd2e8e379..f95032250e7 100644 --- a/bitmap.c +++ b/bitmap.c @@ -53,7 +53,7 @@ void bitmap_free(struct bitmap *b) { if (b != NULL && b->d != NULL) { - memset(b->d, 0, b->len); + explicit_bzero(b->d, b->len); free(b->d); } free(b); diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec index 5b27106fb10..4c55227e5e9 100644 --- a/contrib/redhat/openssh.spec +++ b/contrib/redhat/openssh.spec @@ -1,4 +1,4 @@ -%define ver 7.1p1 +%define ver 7.1p2 %define rel 1 # OpenSSH privilege separation requires a user & group ID diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec index 59689588282..3ee526805d8 100644 --- a/contrib/suse/openssh.spec +++ b/contrib/suse/openssh.spec @@ -13,7 +13,7 @@ Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation Name: openssh -Version: 7.1p1 +Version: 7.1p2 URL: http://www.openssh.com/ Release: 1 Source0: openssh-%{version}.tar.gz diff --git a/kex.c b/kex.c index 5100c661d79..b777b7d50f8 100644 --- a/kex.c +++ b/kex.c @@ -270,13 +270,13 @@ kex_buf2prop(struct sshbuf *raw, int *first_kex_follows, char ***propp) debug2("kex_parse_kexinit: %s", proposal[i]); } /* first kex follows / reserved */ - if ((r = sshbuf_get_u8(b, &v)) != 0 || - (r = sshbuf_get_u32(b, &i)) != 0) + if ((r = sshbuf_get_u8(b, &v)) != 0 || /* first_kex_follows */ + (r = sshbuf_get_u32(b, &i)) != 0) /* reserved */ goto out; if (first_kex_follows != NULL) - *first_kex_follows = i; - debug2("kex_parse_kexinit: first_kex_follows %d ", v); - debug2("kex_parse_kexinit: reserved %u ", i); + *first_kex_follows = v; + debug2("first_kex_follows %d ", v); + debug2("reserved %u ", i); r = 0; *propp = proposal; out: diff --git a/packet.c b/packet.c index 01d3e297079..7b5c419eb15 100644 --- a/packet.c +++ b/packet.c @@ -1581,6 +1581,7 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) logit("Bad packet length %u.", state->packlen); if ((r = sshpkt_disconnect(ssh, "Packet corrupt")) != 0) return r; + return SSH_ERR_CONN_CORRUPT; } sshbuf_reset(state->incoming_packet); } else if (state->packlen == 0) { diff --git a/readconf.c b/readconf.c index 1d03bdf72d9..cd014821aef 100644 --- a/readconf.c +++ b/readconf.c @@ -1660,7 +1660,7 @@ initialize_options(Options * options) options->tun_remote = -1; options->local_command = NULL; options->permit_local_command = -1; - options->use_roaming = -1; + options->use_roaming = 0; options->visual_host_key = -1; options->ip_qos_interactive = -1; options->ip_qos_bulk = -1; @@ -1833,8 +1833,7 @@ fill_default_options(Options * options) options->tun_remote = SSH_TUNID_ANY; if (options->permit_local_command == -1) options->permit_local_command = 0; - if (options->use_roaming == -1) - options->use_roaming = 1; + options->use_roaming = 0; if (options->visual_host_key == -1) options->visual_host_key = 0; if (options->ip_qos_interactive == -1) diff --git a/ssh.c b/ssh.c index 59c1f931cb0..67c1ebfa2e0 100644 --- a/ssh.c +++ b/ssh.c @@ -1932,9 +1932,6 @@ ssh_session2(void) fork_postauth(); } - if (options.use_roaming) - request_roaming(); - return client_loop(tty_flag, tty_flag ? options.escape_char : SSH_ESCAPECHAR_NONE, id); } diff --git a/sshbuf-getput-crypto.c b/sshbuf-getput-crypto.c index e2e093c002f..d0d791b50a3 100644 --- a/sshbuf-getput-crypto.c +++ b/sshbuf-getput-crypto.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf-getput-crypto.c,v 1.4 2015/01/14 15:02:39 djm Exp $ */ +/* $OpenBSD: sshbuf-getput-crypto.c,v 1.5 2016/01/12 23:42:54 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -158,10 +158,10 @@ sshbuf_put_bignum2(struct sshbuf *buf, const BIGNUM *v) if (len > 0 && (d[1] & 0x80) != 0) prepend = 1; if ((r = sshbuf_put_string(buf, d + 1 - prepend, len + prepend)) < 0) { - bzero(d, sizeof(d)); + explicit_bzero(d, sizeof(d)); return r; } - bzero(d, sizeof(d)); + explicit_bzero(d, sizeof(d)); return 0; } @@ -177,13 +177,13 @@ sshbuf_put_bignum1(struct sshbuf *buf, const BIGNUM *v) if (BN_bn2bin(v, d) != (int)len_bytes) return SSH_ERR_INTERNAL_ERROR; /* Shouldn't happen */ if ((r = sshbuf_reserve(buf, len_bytes + 2, &dp)) < 0) { - bzero(d, sizeof(d)); + explicit_bzero(d, sizeof(d)); return r; } POKE_U16(dp, len_bits); if (len_bytes != 0) memcpy(dp + 2, d, len_bytes); - bzero(d, sizeof(d)); + explicit_bzero(d, sizeof(d)); return 0; } @@ -210,7 +210,7 @@ sshbuf_put_ec(struct sshbuf *buf, const EC_POINT *v, const EC_GROUP *g) } BN_CTX_free(bn_ctx); ret = sshbuf_put_string(buf, d, len); - bzero(d, len); + explicit_bzero(d, len); return ret; } diff --git a/sshbuf-misc.c b/sshbuf-misc.c index d022065f92a..3da4b80e765 100644 --- a/sshbuf-misc.c +++ b/sshbuf-misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf-misc.c,v 1.4 2015/03/24 20:03:44 markus Exp $ */ +/* $OpenBSD: sshbuf-misc.c,v 1.5 2015/10/05 17:11:21 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -103,7 +103,7 @@ sshbuf_dtob64(struct sshbuf *buf) if (SIZE_MAX / 2 <= len || (ret = malloc(plen)) == NULL) return NULL; if ((r = b64_ntop(p, len, ret, plen)) == -1) { - bzero(ret, plen); + explicit_bzero(ret, plen); free(ret); return NULL; } @@ -122,16 +122,16 @@ sshbuf_b64tod(struct sshbuf *buf, const char *b64) if ((p = malloc(plen)) == NULL) return SSH_ERR_ALLOC_FAIL; if ((nlen = b64_pton(b64, p, plen)) < 0) { - bzero(p, plen); + explicit_bzero(p, plen); free(p); return SSH_ERR_INVALID_FORMAT; } if ((r = sshbuf_put(buf, p, nlen)) < 0) { - bzero(p, plen); + explicit_bzero(p, plen); free(p); return r; } - bzero(p, plen); + explicit_bzero(p, plen); free(p); return 0; } diff --git a/sshbuf.c b/sshbuf.c index dbe0c9192e2..19e162c0748 100644 --- a/sshbuf.c +++ b/sshbuf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf.c,v 1.3 2015/01/20 23:14:00 deraadt Exp $ */ +/* $OpenBSD: sshbuf.c,v 1.4 2015/10/05 17:11:21 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -134,7 +134,7 @@ sshbuf_fromb(struct sshbuf *buf) void sshbuf_init(struct sshbuf *ret) { - bzero(ret, sizeof(*ret)); + explicit_bzero(ret, sizeof(*ret)); ret->alloc = SSHBUF_SIZE_INIT; ret->max_size = SSHBUF_SIZE_MAX; ret->readonly = 0; @@ -177,10 +177,10 @@ sshbuf_free(struct sshbuf *buf) return; dont_free = buf->dont_free; if (!buf->readonly) { - bzero(buf->d, buf->alloc); + explicit_bzero(buf->d, buf->alloc); free(buf->d); } - bzero(buf, sizeof(*buf)); + explicit_bzero(buf, sizeof(*buf)); if (!dont_free) free(buf); } @@ -196,7 +196,7 @@ sshbuf_reset(struct sshbuf *buf) return; } if (sshbuf_check_sanity(buf) == 0) - bzero(buf->d, buf->alloc); + explicit_bzero(buf->d, buf->alloc); buf->off = buf->size = 0; if (buf->alloc != SSHBUF_SIZE_INIT) { if ((d = realloc(buf->d, SSHBUF_SIZE_INIT)) != NULL) { @@ -255,7 +255,7 @@ sshbuf_set_max_size(struct sshbuf *buf, size_t max_size) rlen = roundup(buf->size, SSHBUF_SIZE_INC); if (rlen > max_size) rlen = max_size; - bzero(buf->d + buf->size, buf->alloc - buf->size); + explicit_bzero(buf->d + buf->size, buf->alloc - buf->size); SSHBUF_DBG(("new alloc = %zu", rlen)); if ((dp = realloc(buf->d, rlen)) == NULL) return SSH_ERR_ALLOC_FAIL; diff --git a/sshd.c b/sshd.c index 65ef7e85070..43d46508526 100644 --- a/sshd.c +++ b/sshd.c @@ -624,6 +624,8 @@ privsep_preauth_child(void) arc4random_buf(rnd, sizeof(rnd)); #ifdef WITH_OPENSSL RAND_seed(rnd, sizeof(rnd)); + if ((RAND_bytes((u_char *)rnd, 1)) != 1) + fatal("%s: RAND_bytes failed", __func__); #endif explicit_bzero(rnd, sizeof(rnd)); @@ -767,6 +769,8 @@ privsep_postauth(Authctxt *authctxt) arc4random_buf(rnd, sizeof(rnd)); #ifdef WITH_OPENSSL RAND_seed(rnd, sizeof(rnd)); + if ((RAND_bytes((u_char *)rnd, 1)) != 1) + fatal("%s: RAND_bytes failed", __func__); #endif explicit_bzero(rnd, sizeof(rnd)); @@ -1436,6 +1440,8 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) arc4random_buf(rnd, sizeof(rnd)); #ifdef WITH_OPENSSL RAND_seed(rnd, sizeof(rnd)); + if ((RAND_bytes((u_char *)rnd, 1)) != 1) + fatal("%s: RAND_bytes failed", __func__); #endif explicit_bzero(rnd, sizeof(rnd)); } diff --git a/version.h b/version.h index d917ca1f6cc..41e1ea931b7 100644 --- a/version.h +++ b/version.h @@ -2,5 +2,5 @@ #define SSH_VERSION "OpenSSH_7.1" -#define SSH_PORTABLE "p1" +#define SSH_PORTABLE "p2" #define SSH_RELEASE SSH_VERSION SSH_PORTABLE From 7a73d15e90f1d9bdc8e4398ecccd49423f1109e8 Mon Sep 17 00:00:00 2001 From: Ed Maste Date: Wed, 20 Jan 2016 18:35:43 +0000 Subject: [PATCH 004/154] Increase BERI boot components section alignment to 16 The .text, .bss, and .data sections claimed 16-byte alignment, but were only aligned to 8 by the linker script. Discovered with elfcopy(1) from elftoolchain, which performs validation absent from the binutils strip(1). ELF tool chain ticket #512. Reported by: brooks Reviewed by: brooks Sponsored by: DARPA, AFRL --- sys/boot/mips/beri/boot2/flashboot.ldscript | 6 +++--- sys/boot/mips/beri/boot2/jtagboot.ldscript | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/sys/boot/mips/beri/boot2/flashboot.ldscript b/sys/boot/mips/beri/boot2/flashboot.ldscript index 0c820fa7bbb..4d61438bd9b 100644 --- a/sys/boot/mips/beri/boot2/flashboot.ldscript +++ b/sys/boot/mips/beri/boot2/flashboot.ldscript @@ -49,13 +49,13 @@ SECTIONS { . = __boot2_base_vaddr__; . += SIZEOF_HEADERS; - .text ALIGN(0x8): { + .text ALIGN(0x10): { relocate.o(.text) start.o(.text) *(EXCLUDE_FILE (relocate.o start.o) .text) } - .data ALIGN(0x8): { *(.data)} - .bss ALIGN(0x8): { *(.bss) } + .data ALIGN(0x10): { *(.data)} + .bss ALIGN(0x10): { *(.bss) } __heap = ALIGN(0x8); /* 64-bit aligned heap pointer */ __data_end = .; diff --git a/sys/boot/mips/beri/boot2/jtagboot.ldscript b/sys/boot/mips/beri/boot2/jtagboot.ldscript index 25fb61d0f53..064c6e15d03 100644 --- a/sys/boot/mips/beri/boot2/jtagboot.ldscript +++ b/sys/boot/mips/beri/boot2/jtagboot.ldscript @@ -49,12 +49,12 @@ SECTIONS { . = __boot2_base_vaddr__; . += SIZEOF_HEADERS; - .text ALIGN(0x8): { + .text ALIGN(0x10): { start.o(.text) *(EXCLUDE_FILE (start.o) .text) } - .data ALIGN(0x8): { *(.data)} - .bss ALIGN(0x8): { *(.bss) } + .data ALIGN(0x10): { *(.data)} + .bss ALIGN(0x10): { *(.bss) } __heap = ALIGN(0x8); /* 64-bit aligned heap pointer */ __data_end = .; From 159da0bcfd8e415f93867b69cfd87c38ee507bb4 Mon Sep 17 00:00:00 2001 From: Brooks Davis Date: Wed, 20 Jan 2016 18:47:33 +0000 Subject: [PATCH 005/154] Add a simple manpage for the cfi(4) and associated cfid(4) drivers. MFC after: 1 week Sponsored by: DARPA, AFRL --- share/man/man4/Makefile | 2 + share/man/man4/cfi.4 | 94 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 96 insertions(+) create mode 100644 share/man/man4/cfi.4 diff --git a/share/man/man4/Makefile b/share/man/man4/Makefile index d5050ac45a6..2c04dd3071c 100644 --- a/share/man/man4/Makefile +++ b/share/man/man4/Makefile @@ -94,6 +94,7 @@ MAN= aac.4 \ ${_ccd.4} \ cd.4 \ cdce.4 \ + cfi.4 \ ch.4 \ ciss.4 \ cloudabi.4 \ @@ -592,6 +593,7 @@ MLINKS+=bwn.4 if_bwn.4 MLINKS+=${_bxe.4} ${_if_bxe.4} MLINKS+=cas.4 if_cas.4 MLINKS+=cdce.4 if_cdce.4 +MLINKS+=cfi.4 cfid.4 MLINKS+=cloudabi.4 cloudabi64.4 MLINKS+=crypto.4 cryptodev.4 MLINKS+=cue.4 if_cue.4 diff --git a/share/man/man4/cfi.4 b/share/man/man4/cfi.4 new file mode 100644 index 00000000000..c5a9703c2b0 --- /dev/null +++ b/share/man/man4/cfi.4 @@ -0,0 +1,94 @@ +.\"- +.\" Copyright (c) 2015-2016 SRI International +.\" All rights reserved. +.\" +.\" This software was developed by SRI International and the University of +.\" Cambridge Computer Laboratory under DARPA/AFRL contract (FA8750-10-C-0237) +.\" ("CTSRD"), as part of the DARPA CRASH research programme. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $FreeBSD$ +.\" +.Dd January 20, 2016 +.Dt CFI 4 +.Os +.Sh NAME +.Nm cfi , +.Nm cfid +.Nd driver for Common Flash Interface (CFI) NOR flash +.Sh SYNOPSIS +.Cd "device cfi" +.Cd "device cfid" +.Cd "options CFI_SUPPORT_STRATAFLASH" +.Cd "options CFI_ARMEDANDDANGEROUS" +.Pp +In +.Pa /boot/device.hints : +.Cd hint.cfi.0.at="nexus0" +.Cd hint.cfi.0.maddr=0x74000000 +.Cd hint.cfi.0.msize=0x4000000 +.Pp +In DTS file: +.Cd flash@74000000 { +.Cd " compatible =" Qo cfi-flash Qc ; +.Cd " reg = <0x74000000 0x4000000>;" +.Cd }; +.Sh DESCRIPTION +The +.Nm +device driver provides a management interface to NOR flash devices supporting +the Common Flash Interface (CFI) specification. +Its companion device +.Nm cfid +provides a +.Xr geom 4 +disk interface to the device. +.Pp +Special support for features of the Intel StrataFlash line are available +with the +.Cd CFI_SUPPORT_STRATAFLASH +kernel option. +Additional support for write-once bits to switch part of Intel StrataFlash +devices to read-only can be enabled by the +.Cd CFI_ARMEDANDDANGEROUS +kernel option. +.El +.Sh SEE ALSO +.Xr led 4 +.Sh HISTORY +The +.Nm +device driver first appeared in +.Fx 8.0 . +.Sh AUTHORS +The +.Nm +driver was written by +.An Juniper Networks +with StrataFlash support by +.An Sam Leffler . +This manual page was written by SRI International and the University of +Cambridge Computer Laboratory under DARPA/AFRL contract +.Pq FA8750-10-C-0237 +.Pq Do CTSRD Dc , +as part of the DARPA CRASH research programme. From 628c4b98fba9c44869a9d1b7515323c6ce183b4c Mon Sep 17 00:00:00 2001 From: Bryan Drewery Date: Wed, 20 Jan 2016 20:58:42 +0000 Subject: [PATCH 006/154] Add .NOMETA missed in r291320. Sponsored by: EMC / Isilon Storage Division --- lib/libc/stdlib/jemalloc/Makefile.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/libc/stdlib/jemalloc/Makefile.inc b/lib/libc/stdlib/jemalloc/Makefile.inc index a04ccf25b17..f322f98e2bd 100644 --- a/lib/libc/stdlib/jemalloc/Makefile.inc +++ b/lib/libc/stdlib/jemalloc/Makefile.inc @@ -20,7 +20,7 @@ jemalloc_${src}: ${LIBC_SRCTOP}/../../contrib/jemalloc/src/${src} .NOMETA MAN+=jemalloc.3 CLEANFILES+=jemalloc.3 -jemalloc.3: ${LIBC_SRCTOP}/../../contrib/jemalloc/doc/jemalloc.3 +jemalloc.3: ${LIBC_SRCTOP}/../../contrib/jemalloc/doc/jemalloc.3 .NOMETA ln -sf ${.ALLSRC} ${.TARGET} MLINKS+= \ From 3380918a2aca0a719978ca7cf97b4403a38681ce Mon Sep 17 00:00:00 2001 From: Brooks Davis Date: Wed, 20 Jan 2016 21:54:43 +0000 Subject: [PATCH 007/154] MIPS also needs ofw_bus_if.h in some cases. --- sys/modules/i2c/iicbb/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/modules/i2c/iicbb/Makefile b/sys/modules/i2c/iicbb/Makefile index d192e68e44b..b2263107e5f 100644 --- a/sys/modules/i2c/iicbb/Makefile +++ b/sys/modules/i2c/iicbb/Makefile @@ -2,7 +2,7 @@ .PATH: ${.CURDIR}/../../../dev/iicbus .if ${MACHINE_CPUARCH} == "aarch64" || ${MACHINE_CPUARCH} == "arm" || \ - ${MACHINE_CPUARCH} == "powerpc" + ${MACHINE_CPUARCH} == "mips" || ${MACHINE_CPUARCH} == "powerpc" ofw_bus_if= ofw_bus_if.h .endif KMOD = iicbb From bd3f34d4ba691b1bbc79269f992c5ae666b9404e Mon Sep 17 00:00:00 2001 From: Brooks Davis Date: Wed, 20 Jan 2016 22:23:08 +0000 Subject: [PATCH 008/154] Shift saved floating point registers up in jmp_buf. sigmask_t is 128-bits so requires two slots. Approved by: CheriBSD (93699cb9b6e73980ac369e379cea9772c9494ccc) MFC after: 1 week Sponsored by: DARPA, AFRL --- sys/mips/include/asm.h | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/sys/mips/include/asm.h b/sys/mips/include/asm.h index 1a48adfd442..9e7e7719076 100644 --- a/sys/mips/include/asm.h +++ b/sys/mips/include/asm.h @@ -666,20 +666,21 @@ _C_LABEL(x): /* Only valid with the _JB_MAGIC_SETJMP magic */ #define _JB_SIGMASK 13 +#define __JB_SIGMASK_REMAINDER 14 /* sigmask_t is 128-bits */ -#define _JB_FPREG_F20 14 -#define _JB_FPREG_F21 15 -#define _JB_FPREG_F22 16 -#define _JB_FPREG_F23 17 -#define _JB_FPREG_F24 18 -#define _JB_FPREG_F25 19 -#define _JB_FPREG_F26 20 -#define _JB_FPREG_F27 21 -#define _JB_FPREG_F28 22 -#define _JB_FPREG_F29 23 -#define _JB_FPREG_F30 24 -#define _JB_FPREG_F31 25 -#define _JB_FPREG_FCSR 26 +#define _JB_FPREG_F20 15 +#define _JB_FPREG_F21 16 +#define _JB_FPREG_F22 17 +#define _JB_FPREG_F23 18 +#define _JB_FPREG_F24 19 +#define _JB_FPREG_F25 20 +#define _JB_FPREG_F26 21 +#define _JB_FPREG_F27 22 +#define _JB_FPREG_F28 23 +#define _JB_FPREG_F29 24 +#define _JB_FPREG_F30 25 +#define _JB_FPREG_F31 26 +#define _JB_FPREG_FCSR 27 /* * Various macros for dealing with TLB hazards From 783c605101d83451a512fcea533a984a6c493dd4 Mon Sep 17 00:00:00 2001 From: Andriy Voskoboinyk Date: Wed, 20 Jan 2016 23:01:33 +0000 Subject: [PATCH 009/154] urtwn: use ic_updateslot method to handle slot time change (by default it was set to 9us). Tested with RTL8188EU / RTL8188CUS in STA mode. Reviewed by: kevlo Approved by: adrian (mentor) Differential Revision: https://reviews.freebsd.org/D4535 --- sys/dev/usb/wlan/if_urtwn.c | 39 +++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/sys/dev/usb/wlan/if_urtwn.c b/sys/dev/usb/wlan/if_urtwn.c index 7466d1aeabf..682238a5d7f 100644 --- a/sys/dev/usb/wlan/if_urtwn.c +++ b/sys/dev/usb/wlan/if_urtwn.c @@ -319,6 +319,10 @@ static void urtwn_scan_start(struct ieee80211com *); static void urtwn_scan_end(struct ieee80211com *); static void urtwn_set_channel(struct ieee80211com *); static int urtwn_wme_update(struct ieee80211com *); +static void urtwn_update_slot(struct ieee80211com *); +static void urtwn_update_slot_cb(struct urtwn_softc *, + union sec_param *); +static void urtwn_update_aifs(struct urtwn_softc *, uint8_t); static void urtwn_set_promisc(struct urtwn_softc *); static void urtwn_update_promisc(struct ieee80211com *); static void urtwn_update_mcast(struct ieee80211com *); @@ -540,6 +544,7 @@ urtwn_attach(device_t self) ic->ic_vap_create = urtwn_vap_create; ic->ic_vap_delete = urtwn_vap_delete; ic->ic_wme.wme_update = urtwn_wme_update; + ic->ic_updateslot = urtwn_update_slot; ic->ic_update_promisc = urtwn_update_promisc; ic->ic_update_mcast = urtwn_update_mcast; if (sc->chip & URTWN_CHIP_88E) { @@ -4194,6 +4199,40 @@ urtwn_wme_update(struct ieee80211com *ic) return 0; } +static void +urtwn_update_slot(struct ieee80211com *ic) +{ + urtwn_cmd_sleepable(ic->ic_softc, NULL, 0, urtwn_update_slot_cb); +} + +static void +urtwn_update_slot_cb(struct urtwn_softc *sc, union sec_param *data) +{ + struct ieee80211com *ic = &sc->sc_ic; + uint8_t slottime; + + slottime = IEEE80211_GET_SLOTTIME(ic); + + DPRINTFN(10, "setting slot time to %uus\n", slottime); + + urtwn_write_1(sc, R92C_SLOT, slottime); + urtwn_update_aifs(sc, slottime); +} + +static void +urtwn_update_aifs(struct urtwn_softc *sc, uint8_t slottime) +{ + const struct wmeParams *wmep = + sc->sc_ic.ic_wme.wme_chanParams.cap_wmeParams; + uint8_t aifs, ac; + + for (ac = WME_AC_BE; ac < WME_NUM_AC; ac++) { + /* AIFS[AC] = AIFSN[AC] * aSlotTime + aSIFSTime. */ + aifs = wmep[ac].wmep_aifsn * slottime + IEEE80211_DUR_SIFS; + urtwn_write_1(sc, wme2queue[ac].reg, aifs); + } +} + static void urtwn_set_promisc(struct urtwn_softc *sc) { From 8688f98d232a3d48e8821d4d3898531552d33d18 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dag-Erling=20Sm=C3=B8rgrav?= Date: Wed, 20 Jan 2016 23:08:57 +0000 Subject: [PATCH 010/154] Remove a number of generated files which are either out-of-date (because they are never regenerated to reflect our changes) or in the way of freebsd-configure.sh. --- crypto/openssh/config.h.in | 1729 --- crypto/openssh/configure | 20111 --------------------------- crypto/openssh/moduli.0 | 74 - crypto/openssh/scp.0 | 165 - crypto/openssh/sftp-server.0 | 96 - crypto/openssh/sftp.0 | 383 - crypto/openssh/ssh-add.0 | 129 - crypto/openssh/ssh-agent.0 | 112 - crypto/openssh/ssh-keygen.0 | 566 - crypto/openssh/ssh-keyscan.0 | 109 - crypto/openssh/ssh-keysign.0 | 53 - crypto/openssh/ssh-pkcs11-helper.0 | 25 - crypto/openssh/ssh.0 | 972 -- crypto/openssh/ssh_config.0 | 1026 -- crypto/openssh/sshd.0 | 640 - crypto/openssh/sshd_config.0 | 1052 -- 16 files changed, 27242 deletions(-) delete mode 100644 crypto/openssh/config.h.in delete mode 100755 crypto/openssh/configure delete mode 100644 crypto/openssh/moduli.0 delete mode 100644 crypto/openssh/scp.0 delete mode 100644 crypto/openssh/sftp-server.0 delete mode 100644 crypto/openssh/sftp.0 delete mode 100644 crypto/openssh/ssh-add.0 delete mode 100644 crypto/openssh/ssh-agent.0 delete mode 100644 crypto/openssh/ssh-keygen.0 delete mode 100644 crypto/openssh/ssh-keyscan.0 delete mode 100644 crypto/openssh/ssh-keysign.0 delete mode 100644 crypto/openssh/ssh-pkcs11-helper.0 delete mode 100644 crypto/openssh/ssh.0 delete mode 100644 crypto/openssh/ssh_config.0 delete mode 100644 crypto/openssh/sshd.0 delete mode 100644 crypto/openssh/sshd_config.0 diff --git a/crypto/openssh/config.h.in b/crypto/openssh/config.h.in deleted file mode 100644 index 86d32d485c4..00000000000 --- a/crypto/openssh/config.h.in +++ /dev/null @@ -1,1729 +0,0 @@ -/* config.h.in. Generated from configure.ac by autoheader. */ - -/* Define if building universal (internal helper macro) */ -#undef AC_APPLE_UNIVERSAL_BUILD - -/* Define if you have a getaddrinfo that fails for the all-zeros IPv6 address - */ -#undef AIX_GETNAMEINFO_HACK - -/* Define if your AIX loginfailed() function takes 4 arguments (AIX >= 5.2) */ -#undef AIX_LOGINFAILED_4ARG - -/* System only supports IPv4 audit records */ -#undef AU_IPv4 - -/* Define if your resolver libs need this for getrrsetbyname */ -#undef BIND_8_COMPAT - -/* The system has incomplete BSM API */ -#undef BROKEN_BSM_API - -/* Define if cmsg_type is not passed correctly */ -#undef BROKEN_CMSG_TYPE - -/* getaddrinfo is broken (if present) */ -#undef BROKEN_GETADDRINFO - -/* getgroups(0,NULL) will return -1 */ -#undef BROKEN_GETGROUPS - -/* FreeBSD glob does not do what we need */ -#undef BROKEN_GLOB - -/* Define if you system's inet_ntoa is busted (e.g. Irix gcc issue) */ -#undef BROKEN_INET_NTOA - -/* ia_uinfo routines not supported by OS yet */ -#undef BROKEN_LIBIAF - -/* Ultrix mmap can't map files */ -#undef BROKEN_MMAP - -/* Define if your struct dirent expects you to allocate extra space for d_name - */ -#undef BROKEN_ONE_BYTE_DIRENT_D_NAME - -/* Can't do comparisons on readv */ -#undef BROKEN_READV_COMPARISON - -/* NetBSD read function is sometimes redirected, breaking atomicio comparisons - against it */ -#undef BROKEN_READ_COMPARISON - -/* realpath does not work with nonexistent files */ -#undef BROKEN_REALPATH - -/* Needed for NeXT */ -#undef BROKEN_SAVED_UIDS - -/* Define if your setregid() is broken */ -#undef BROKEN_SETREGID - -/* Define if your setresgid() is broken */ -#undef BROKEN_SETRESGID - -/* Define if your setresuid() is broken */ -#undef BROKEN_SETRESUID - -/* Define if your setreuid() is broken */ -#undef BROKEN_SETREUID - -/* LynxOS has broken setvbuf() implementation */ -#undef BROKEN_SETVBUF - -/* QNX shadow support is broken */ -#undef BROKEN_SHADOW_EXPIRE - -/* Define if your snprintf is busted */ -#undef BROKEN_SNPRINTF - -/* FreeBSD strnvis argument order is swapped compared to OpenBSD */ -#undef BROKEN_STRNVIS - -/* tcgetattr with ICANON may hang */ -#undef BROKEN_TCGETATTR_ICANON - -/* updwtmpx is broken (if present) */ -#undef BROKEN_UPDWTMPX - -/* Define if you have BSD auth support */ -#undef BSD_AUTH - -/* Define if you want to specify the path to your lastlog file */ -#undef CONF_LASTLOG_FILE - -/* Define if you want to specify the path to your utmp file */ -#undef CONF_UTMP_FILE - -/* Define if you want to specify the path to your wtmpx file */ -#undef CONF_WTMPX_FILE - -/* Define if you want to specify the path to your wtmp file */ -#undef CONF_WTMP_FILE - -/* Define if your platform needs to skip post auth file descriptor passing */ -#undef DISABLE_FD_PASSING - -/* Define if you don't want to use lastlog */ -#undef DISABLE_LASTLOG - -/* Define if you don't want to use your system's login() call */ -#undef DISABLE_LOGIN - -/* Define if you don't want to use pututline() etc. to write [uw]tmp */ -#undef DISABLE_PUTUTLINE - -/* Define if you don't want to use pututxline() etc. to write [uw]tmpx */ -#undef DISABLE_PUTUTXLINE - -/* Define if you want to disable shadow passwords */ -#undef DISABLE_SHADOW - -/* Define if you don't want to use utmp */ -#undef DISABLE_UTMP - -/* Define if you don't want to use utmpx */ -#undef DISABLE_UTMPX - -/* Define if you don't want to use wtmp */ -#undef DISABLE_WTMP - -/* Define if you don't want to use wtmpx */ -#undef DISABLE_WTMPX - -/* Enable for PKCS#11 support */ -#undef ENABLE_PKCS11 - -/* File names may not contain backslash characters */ -#undef FILESYSTEM_NO_BACKSLASH - -/* fsid_t has member val */ -#undef FSID_HAS_VAL - -/* fsid_t has member __val */ -#undef FSID_HAS___VAL - -/* Define to 1 if the `getpgrp' function requires zero arguments. */ -#undef GETPGRP_VOID - -/* Conflicting defs for getspnam */ -#undef GETSPNAM_CONFLICTING_DEFS - -/* Define if your system glob() function has the GLOB_ALTDIRFUNC extension */ -#undef GLOB_HAS_ALTDIRFUNC - -/* Define if your system glob() function has gl_matchc options in glob_t */ -#undef GLOB_HAS_GL_MATCHC - -/* Define if your system glob() function has gl_statv options in glob_t */ -#undef GLOB_HAS_GL_STATV - -/* Define this if you want GSSAPI support in the version 2 protocol */ -#undef GSSAPI - -/* Define if you want to use shadow password expire field */ -#undef HAS_SHADOW_EXPIRE - -/* Define if your system uses access rights style file descriptor passing */ -#undef HAVE_ACCRIGHTS_IN_MSGHDR - -/* Define if you have ut_addr in utmp.h */ -#undef HAVE_ADDR_IN_UTMP - -/* Define if you have ut_addr in utmpx.h */ -#undef HAVE_ADDR_IN_UTMPX - -/* Define if you have ut_addr_v6 in utmp.h */ -#undef HAVE_ADDR_V6_IN_UTMP - -/* Define if you have ut_addr_v6 in utmpx.h */ -#undef HAVE_ADDR_V6_IN_UTMPX - -/* Define to 1 if you have the `arc4random' function. */ -#undef HAVE_ARC4RANDOM - -/* Define to 1 if you have the `arc4random_buf' function. */ -#undef HAVE_ARC4RANDOM_BUF - -/* Define to 1 if you have the `arc4random_stir' function. */ -#undef HAVE_ARC4RANDOM_STIR - -/* Define to 1 if you have the `arc4random_uniform' function. */ -#undef HAVE_ARC4RANDOM_UNIFORM - -/* Define to 1 if you have the `asprintf' function. */ -#undef HAVE_ASPRINTF - -/* OpenBSD's gcc has bounded */ -#undef HAVE_ATTRIBUTE__BOUNDED__ - -/* Have attribute nonnull */ -#undef HAVE_ATTRIBUTE__NONNULL__ - -/* OpenBSD's gcc has sentinel */ -#undef HAVE_ATTRIBUTE__SENTINEL__ - -/* Define to 1 if you have the `aug_get_machine' function. */ -#undef HAVE_AUG_GET_MACHINE - -/* Define to 1 if you have the `b64_ntop' function. */ -#undef HAVE_B64_NTOP - -/* Define to 1 if you have the `b64_pton' function. */ -#undef HAVE_B64_PTON - -/* Define if you have the basename function. */ -#undef HAVE_BASENAME - -/* Define to 1 if you have the `bcopy' function. */ -#undef HAVE_BCOPY - -/* Define to 1 if you have the `bcrypt_pbkdf' function. */ -#undef HAVE_BCRYPT_PBKDF - -/* Define to 1 if you have the `bindresvport_sa' function. */ -#undef HAVE_BINDRESVPORT_SA - -/* Define to 1 if you have the `blf_enc' function. */ -#undef HAVE_BLF_ENC - -/* Define to 1 if you have the header file. */ -#undef HAVE_BLF_H - -/* Define to 1 if you have the `Blowfish_expand0state' function. */ -#undef HAVE_BLOWFISH_EXPAND0STATE - -/* Define to 1 if you have the `Blowfish_expandstate' function. */ -#undef HAVE_BLOWFISH_EXPANDSTATE - -/* Define to 1 if you have the `Blowfish_initstate' function. */ -#undef HAVE_BLOWFISH_INITSTATE - -/* Define to 1 if you have the `Blowfish_stream2word' function. */ -#undef HAVE_BLOWFISH_STREAM2WORD - -/* Define to 1 if you have the `BN_is_prime_ex' function. */ -#undef HAVE_BN_IS_PRIME_EX - -/* Define to 1 if you have the header file. */ -#undef HAVE_BSD_LIBUTIL_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_BSM_AUDIT_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_BSTRING_H - -/* Define to 1 if you have the `cap_rights_limit' function. */ -#undef HAVE_CAP_RIGHTS_LIMIT - -/* Define to 1 if you have the `clock' function. */ -#undef HAVE_CLOCK - -/* Have clock_gettime */ -#undef HAVE_CLOCK_GETTIME - -/* define if you have clock_t data type */ -#undef HAVE_CLOCK_T - -/* Define to 1 if you have the `closefrom' function. */ -#undef HAVE_CLOSEFROM - -/* Define if gai_strerror() returns const char * */ -#undef HAVE_CONST_GAI_STRERROR_PROTO - -/* Define if your system uses ancillary data style file descriptor passing */ -#undef HAVE_CONTROL_IN_MSGHDR - -/* Define to 1 if you have the `crypt' function. */ -#undef HAVE_CRYPT - -/* Define to 1 if you have the header file. */ -#undef HAVE_CRYPTO_SHA2_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_CRYPT_H - -/* Define if you are on Cygwin */ -#undef HAVE_CYGWIN - -/* Define if your libraries define daemon() */ -#undef HAVE_DAEMON - -/* Define to 1 if you have the declaration of `AI_NUMERICSERV', and to 0 if - you don't. */ -#undef HAVE_DECL_AI_NUMERICSERV - -/* Define to 1 if you have the declaration of `authenticate', and to 0 if you - don't. */ -#undef HAVE_DECL_AUTHENTICATE - -/* Define to 1 if you have the declaration of `GLOB_NOMATCH', and to 0 if you - don't. */ -#undef HAVE_DECL_GLOB_NOMATCH - -/* Define to 1 if you have the declaration of `GSS_C_NT_HOSTBASED_SERVICE', - and to 0 if you don't. */ -#undef HAVE_DECL_GSS_C_NT_HOSTBASED_SERVICE - -/* Define to 1 if you have the declaration of `howmany', and to 0 if you - don't. */ -#undef HAVE_DECL_HOWMANY - -/* Define to 1 if you have the declaration of `h_errno', and to 0 if you - don't. */ -#undef HAVE_DECL_H_ERRNO - -/* Define to 1 if you have the declaration of `loginfailed', and to 0 if you - don't. */ -#undef HAVE_DECL_LOGINFAILED - -/* Define to 1 if you have the declaration of `loginrestrictions', and to 0 if - you don't. */ -#undef HAVE_DECL_LOGINRESTRICTIONS - -/* Define to 1 if you have the declaration of `loginsuccess', and to 0 if you - don't. */ -#undef HAVE_DECL_LOGINSUCCESS - -/* Define to 1 if you have the declaration of `MAXSYMLINKS', and to 0 if you - don't. */ -#undef HAVE_DECL_MAXSYMLINKS - -/* Define to 1 if you have the declaration of `NFDBITS', and to 0 if you - don't. */ -#undef HAVE_DECL_NFDBITS - -/* Define to 1 if you have the declaration of `offsetof', and to 0 if you - don't. */ -#undef HAVE_DECL_OFFSETOF - -/* Define to 1 if you have the declaration of `O_NONBLOCK', and to 0 if you - don't. */ -#undef HAVE_DECL_O_NONBLOCK - -/* Define to 1 if you have the declaration of `passwdexpired', and to 0 if you - don't. */ -#undef HAVE_DECL_PASSWDEXPIRED - -/* Define to 1 if you have the declaration of `setauthdb', and to 0 if you - don't. */ -#undef HAVE_DECL_SETAUTHDB - -/* Define to 1 if you have the declaration of `SHUT_RD', and to 0 if you - don't. */ -#undef HAVE_DECL_SHUT_RD - -/* Define to 1 if you have the declaration of `writev', and to 0 if you don't. - */ -#undef HAVE_DECL_WRITEV - -/* Define to 1 if you have the declaration of `_getlong', and to 0 if you - don't. */ -#undef HAVE_DECL__GETLONG - -/* Define to 1 if you have the declaration of `_getshort', and to 0 if you - don't. */ -#undef HAVE_DECL__GETSHORT - -/* Define to 1 if you have the `DES_crypt' function. */ -#undef HAVE_DES_CRYPT - -/* Define if you have /dev/ptmx */ -#undef HAVE_DEV_PTMX - -/* Define if you have /dev/ptc */ -#undef HAVE_DEV_PTS_AND_PTC - -/* Define to 1 if you have the header file. */ -#undef HAVE_DIRENT_H - -/* Define to 1 if you have the `dirfd' function. */ -#undef HAVE_DIRFD - -/* Define to 1 if you have the `dirname' function. */ -#undef HAVE_DIRNAME - -/* Define to 1 if you have the `DSA_generate_parameters_ex' function. */ -#undef HAVE_DSA_GENERATE_PARAMETERS_EX - -/* Define to 1 if you have the header file. */ -#undef HAVE_ELF_H - -/* Define to 1 if you have the `endgrent' function. */ -#undef HAVE_ENDGRENT - -/* Define to 1 if you have the header file. */ -#undef HAVE_ENDIAN_H - -/* Define to 1 if you have the `endutent' function. */ -#undef HAVE_ENDUTENT - -/* Define to 1 if you have the `endutxent' function. */ -#undef HAVE_ENDUTXENT - -/* Define if your system has /etc/default/login */ -#undef HAVE_ETC_DEFAULT_LOGIN - -/* Define if libcrypto has EVP_CIPHER_CTX_ctrl */ -#undef HAVE_EVP_CIPHER_CTX_CTRL - -/* Define to 1 if you have the `EVP_DigestFinal_ex' function. */ -#undef HAVE_EVP_DIGESTFINAL_EX - -/* Define to 1 if you have the `EVP_DigestInit_ex' function. */ -#undef HAVE_EVP_DIGESTINIT_EX - -/* Define to 1 if you have the `EVP_MD_CTX_cleanup' function. */ -#undef HAVE_EVP_MD_CTX_CLEANUP - -/* Define to 1 if you have the `EVP_MD_CTX_copy_ex' function. */ -#undef HAVE_EVP_MD_CTX_COPY_EX - -/* Define to 1 if you have the `EVP_MD_CTX_init' function. */ -#undef HAVE_EVP_MD_CTX_INIT - -/* Define to 1 if you have the `EVP_ripemd160' function. */ -#undef HAVE_EVP_RIPEMD160 - -/* Define to 1 if you have the `EVP_sha256' function. */ -#undef HAVE_EVP_SHA256 - -/* Define if you have ut_exit in utmp.h */ -#undef HAVE_EXIT_IN_UTMP - -/* Define to 1 if you have the `explicit_bzero' function. */ -#undef HAVE_EXPLICIT_BZERO - -/* Define to 1 if you have the `fchmod' function. */ -#undef HAVE_FCHMOD - -/* Define to 1 if you have the `fchown' function. */ -#undef HAVE_FCHOWN - -/* Use F_CLOSEM fcntl for closefrom */ -#undef HAVE_FCNTL_CLOSEM - -/* Define to 1 if you have the header file. */ -#undef HAVE_FCNTL_H - -/* Define to 1 if the system has the type `fd_mask'. */ -#undef HAVE_FD_MASK - -/* Define to 1 if you have the header file. */ -#undef HAVE_FEATURES_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_FLOATINGPOINT_H - -/* Define to 1 if you have the `fmt_scaled' function. */ -#undef HAVE_FMT_SCALED - -/* Define to 1 if you have the `freeaddrinfo' function. */ -#undef HAVE_FREEADDRINFO - -/* Define to 1 if the system has the type `fsblkcnt_t'. */ -#undef HAVE_FSBLKCNT_T - -/* Define to 1 if the system has the type `fsfilcnt_t'. */ -#undef HAVE_FSFILCNT_T - -/* Define to 1 if you have the `fstatfs' function. */ -#undef HAVE_FSTATFS - -/* Define to 1 if you have the `fstatvfs' function. */ -#undef HAVE_FSTATVFS - -/* Define to 1 if you have the `futimes' function. */ -#undef HAVE_FUTIMES - -/* Define to 1 if you have the `gai_strerror' function. */ -#undef HAVE_GAI_STRERROR - -/* Define to 1 if you have the `getaddrinfo' function. */ -#undef HAVE_GETADDRINFO - -/* Define to 1 if you have the `getaudit' function. */ -#undef HAVE_GETAUDIT - -/* Define to 1 if you have the `getaudit_addr' function. */ -#undef HAVE_GETAUDIT_ADDR - -/* Define to 1 if you have the `getcwd' function. */ -#undef HAVE_GETCWD - -/* Define to 1 if you have the `getgrouplist' function. */ -#undef HAVE_GETGROUPLIST - -/* Define to 1 if you have the `getgrset' function. */ -#undef HAVE_GETGRSET - -/* Define to 1 if you have the `getlastlogxbyname' function. */ -#undef HAVE_GETLASTLOGXBYNAME - -/* Define to 1 if you have the `getluid' function. */ -#undef HAVE_GETLUID - -/* Define to 1 if you have the `getnameinfo' function. */ -#undef HAVE_GETNAMEINFO - -/* Define to 1 if you have the `getopt' function. */ -#undef HAVE_GETOPT - -/* Define to 1 if you have the header file. */ -#undef HAVE_GETOPT_H - -/* Define if your getopt(3) defines and uses optreset */ -#undef HAVE_GETOPT_OPTRESET - -/* Define if your libraries define getpagesize() */ -#undef HAVE_GETPAGESIZE - -/* Define to 1 if you have the `getpeereid' function. */ -#undef HAVE_GETPEEREID - -/* Define to 1 if you have the `getpeerucred' function. */ -#undef HAVE_GETPEERUCRED - -/* Define to 1 if you have the `getpgid' function. */ -#undef HAVE_GETPGID - -/* Define to 1 if you have the `getpgrp' function. */ -#undef HAVE_GETPGRP - -/* Define to 1 if you have the `getpwanam' function. */ -#undef HAVE_GETPWANAM - -/* Define to 1 if you have the `getrlimit' function. */ -#undef HAVE_GETRLIMIT - -/* Define if getrrsetbyname() exists */ -#undef HAVE_GETRRSETBYNAME - -/* Define to 1 if you have the `getrusage' function. */ -#undef HAVE_GETRUSAGE - -/* Define to 1 if you have the `getseuserbyname' function. */ -#undef HAVE_GETSEUSERBYNAME - -/* Define to 1 if you have the `gettimeofday' function. */ -#undef HAVE_GETTIMEOFDAY - -/* Define to 1 if you have the `getttyent' function. */ -#undef HAVE_GETTTYENT - -/* Define to 1 if you have the `getutent' function. */ -#undef HAVE_GETUTENT - -/* Define to 1 if you have the `getutid' function. */ -#undef HAVE_GETUTID - -/* Define to 1 if you have the `getutline' function. */ -#undef HAVE_GETUTLINE - -/* Define to 1 if you have the `getutxent' function. */ -#undef HAVE_GETUTXENT - -/* Define to 1 if you have the `getutxid' function. */ -#undef HAVE_GETUTXID - -/* Define to 1 if you have the `getutxline' function. */ -#undef HAVE_GETUTXLINE - -/* Define to 1 if you have the `getutxuser' function. */ -#undef HAVE_GETUTXUSER - -/* Define to 1 if you have the `get_default_context_with_level' function. */ -#undef HAVE_GET_DEFAULT_CONTEXT_WITH_LEVEL - -/* Define to 1 if you have the `glob' function. */ -#undef HAVE_GLOB - -/* Define to 1 if you have the header file. */ -#undef HAVE_GLOB_H - -/* Define to 1 if you have the `group_from_gid' function. */ -#undef HAVE_GROUP_FROM_GID - -/* Define to 1 if you have the header file. */ -#undef HAVE_GSSAPI_GENERIC_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_GSSAPI_GSSAPI_GENERIC_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_GSSAPI_GSSAPI_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_GSSAPI_GSSAPI_KRB5_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_GSSAPI_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_GSSAPI_KRB5_H - -/* Define if HEADER.ad exists in arpa/nameser.h */ -#undef HAVE_HEADER_AD - -/* Define to 1 if you have the `HMAC_CTX_init' function. */ -#undef HAVE_HMAC_CTX_INIT - -/* Define if you have ut_host in utmp.h */ -#undef HAVE_HOST_IN_UTMP - -/* Define if you have ut_host in utmpx.h */ -#undef HAVE_HOST_IN_UTMPX - -/* Define to 1 if you have the header file. */ -#undef HAVE_IAF_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_IA_H - -/* Define if you have ut_id in utmp.h */ -#undef HAVE_ID_IN_UTMP - -/* Define if you have ut_id in utmpx.h */ -#undef HAVE_ID_IN_UTMPX - -/* Define to 1 if you have the `inet_aton' function. */ -#undef HAVE_INET_ATON - -/* Define to 1 if you have the `inet_ntoa' function. */ -#undef HAVE_INET_NTOA - -/* Define to 1 if you have the `inet_ntop' function. */ -#undef HAVE_INET_NTOP - -/* Define to 1 if you have the `innetgr' function. */ -#undef HAVE_INNETGR - -/* define if you have int64_t data type */ -#undef HAVE_INT64_T - -/* Define to 1 if the system has the type `intmax_t'. */ -#undef HAVE_INTMAX_T - -/* Define to 1 if you have the header file. */ -#undef HAVE_INTTYPES_H - -/* define if you have intxx_t data type */ -#undef HAVE_INTXX_T - -/* Define to 1 if the system has the type `in_addr_t'. */ -#undef HAVE_IN_ADDR_T - -/* Define to 1 if the system has the type `in_port_t'. */ -#undef HAVE_IN_PORT_T - -/* Define if you have isblank(3C). */ -#undef HAVE_ISBLANK - -/* Define to 1 if you have the `krb5_cc_new_unique' function. */ -#undef HAVE_KRB5_CC_NEW_UNIQUE - -/* Define to 1 if you have the `krb5_free_error_message' function. */ -#undef HAVE_KRB5_FREE_ERROR_MESSAGE - -/* Define to 1 if you have the `krb5_get_error_message' function. */ -#undef HAVE_KRB5_GET_ERROR_MESSAGE - -/* Define to 1 if you have the header file. */ -#undef HAVE_LASTLOG_H - -/* Define if you want ldns support */ -#undef HAVE_LDNS - -/* Define to 1 if you have the header file. */ -#undef HAVE_LIBAUDIT_H - -/* Define to 1 if you have the `bsm' library (-lbsm). */ -#undef HAVE_LIBBSM - -/* Define to 1 if you have the `crypt' library (-lcrypt). */ -#undef HAVE_LIBCRYPT - -/* Define to 1 if you have the `dl' library (-ldl). */ -#undef HAVE_LIBDL - -/* Define to 1 if you have the header file. */ -#undef HAVE_LIBGEN_H - -/* Define if system has libiaf that supports set_id */ -#undef HAVE_LIBIAF - -/* Define to 1 if you have the `network' library (-lnetwork). */ -#undef HAVE_LIBNETWORK - -/* Define to 1 if you have the `nsl' library (-lnsl). */ -#undef HAVE_LIBNSL - -/* Define to 1 if you have the `pam' library (-lpam). */ -#undef HAVE_LIBPAM - -/* Define to 1 if you have the `socket' library (-lsocket). */ -#undef HAVE_LIBSOCKET - -/* Define to 1 if you have the header file. */ -#undef HAVE_LIBUTIL_H - -/* Define to 1 if you have the `xnet' library (-lxnet). */ -#undef HAVE_LIBXNET - -/* Define to 1 if you have the `z' library (-lz). */ -#undef HAVE_LIBZ - -/* Define to 1 if you have the header file. */ -#undef HAVE_LIMITS_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_LINUX_AUDIT_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_LINUX_FILTER_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_LINUX_IF_TUN_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_LINUX_SECCOMP_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_LOCALE_H - -/* Define to 1 if you have the `login' function. */ -#undef HAVE_LOGIN - -/* Define to 1 if you have the header file. */ -#undef HAVE_LOGIN_CAP_H - -/* Define to 1 if you have the `login_getcapbool' function. */ -#undef HAVE_LOGIN_GETCAPBOOL - -/* Define to 1 if you have the header file. */ -#undef HAVE_LOGIN_H - -/* Define to 1 if you have the `logout' function. */ -#undef HAVE_LOGOUT - -/* Define to 1 if you have the `logwtmp' function. */ -#undef HAVE_LOGWTMP - -/* Define to 1 if the system has the type `long double'. */ -#undef HAVE_LONG_DOUBLE - -/* Define to 1 if the system has the type `long long'. */ -#undef HAVE_LONG_LONG - -/* Define to 1 if you have the header file. */ -#undef HAVE_MAILLOCK_H - -/* Define to 1 if you have the `mblen' function. */ -#undef HAVE_MBLEN - -/* Define to 1 if you have the `md5_crypt' function. */ -#undef HAVE_MD5_CRYPT - -/* Define if you want to allow MD5 passwords */ -#undef HAVE_MD5_PASSWORDS - -/* Define to 1 if you have the `memmove' function. */ -#undef HAVE_MEMMOVE - -/* Define to 1 if you have the header file. */ -#undef HAVE_MEMORY_H - -/* Define to 1 if you have the `memset_s' function. */ -#undef HAVE_MEMSET_S - -/* Define to 1 if you have the `mkdtemp' function. */ -#undef HAVE_MKDTEMP - -/* Define to 1 if you have the `mmap' function. */ -#undef HAVE_MMAP - -/* define if you have mode_t data type */ -#undef HAVE_MODE_T - -/* Some systems put nanosleep outside of libc */ -#undef HAVE_NANOSLEEP - -/* Define to 1 if you have the header file. */ -#undef HAVE_NDIR_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_NETDB_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_NETGROUP_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_NET_IF_TUN_H - -/* Define if you are on NeXT */ -#undef HAVE_NEXT - -/* Define to 1 if you have the `ngetaddrinfo' function. */ -#undef HAVE_NGETADDRINFO - -/* Define to 1 if you have the `nsleep' function. */ -#undef HAVE_NSLEEP - -/* Define to 1 if you have the `ogetaddrinfo' function. */ -#undef HAVE_OGETADDRINFO - -/* Define if you have an old version of PAM which takes only one argument to - pam_strerror */ -#undef HAVE_OLD_PAM - -/* Define to 1 if you have the `openlog_r' function. */ -#undef HAVE_OPENLOG_R - -/* Define to 1 if you have the `openpty' function. */ -#undef HAVE_OPENPTY - -/* Define if your ssl headers are included with #include */ -#undef HAVE_OPENSSL - -/* Define if you have Digital Unix Security Integration Architecture */ -#undef HAVE_OSF_SIA - -/* Define to 1 if you have the `pam_getenvlist' function. */ -#undef HAVE_PAM_GETENVLIST - -/* Define to 1 if you have the header file. */ -#undef HAVE_PAM_PAM_APPL_H - -/* Define to 1 if you have the `pam_putenv' function. */ -#undef HAVE_PAM_PUTENV - -/* Define to 1 if you have the header file. */ -#undef HAVE_PATHS_H - -/* Define if you have ut_pid in utmp.h */ -#undef HAVE_PID_IN_UTMP - -/* define if you have pid_t data type */ -#undef HAVE_PID_T - -/* Define to 1 if you have the `poll' function. */ -#undef HAVE_POLL - -/* Define to 1 if you have the header file. */ -#undef HAVE_POLL_H - -/* Define to 1 if you have the `prctl' function. */ -#undef HAVE_PRCTL - -/* Define if you have /proc/$pid/fd */ -#undef HAVE_PROC_PID - -/* Define to 1 if you have the `pstat' function. */ -#undef HAVE_PSTAT - -/* Define to 1 if you have the header file. */ -#undef HAVE_PTY_H - -/* Define to 1 if you have the `pututline' function. */ -#undef HAVE_PUTUTLINE - -/* Define to 1 if you have the `pututxline' function. */ -#undef HAVE_PUTUTXLINE - -/* Define to 1 if you have the `readpassphrase' function. */ -#undef HAVE_READPASSPHRASE - -/* Define to 1 if you have the header file. */ -#undef HAVE_READPASSPHRASE_H - -/* Define to 1 if you have the `reallocarray' function. */ -#undef HAVE_REALLOCARRAY - -/* Define to 1 if you have the `realpath' function. */ -#undef HAVE_REALPATH - -/* Define to 1 if you have the `recvmsg' function. */ -#undef HAVE_RECVMSG - -/* sys/resource.h has RLIMIT_NPROC */ -#undef HAVE_RLIMIT_NPROC - -/* Define to 1 if you have the header file. */ -#undef HAVE_RPC_TYPES_H - -/* Define to 1 if you have the `rresvport_af' function. */ -#undef HAVE_RRESVPORT_AF - -/* Define to 1 if you have the `RSA_generate_key_ex' function. */ -#undef HAVE_RSA_GENERATE_KEY_EX - -/* Define to 1 if you have the `RSA_get_default_method' function. */ -#undef HAVE_RSA_GET_DEFAULT_METHOD - -/* Define to 1 if you have the header file. */ -#undef HAVE_SANDBOX_H - -/* Define to 1 if you have the `sandbox_init' function. */ -#undef HAVE_SANDBOX_INIT - -/* define if you have sa_family_t data type */ -#undef HAVE_SA_FAMILY_T - -/* Define to 1 if you have the `scan_scaled' function. */ -#undef HAVE_SCAN_SCALED - -/* Define if you have SecureWare-based protected password database */ -#undef HAVE_SECUREWARE - -/* Define to 1 if you have the header file. */ -#undef HAVE_SECURITY_PAM_APPL_H - -/* Define to 1 if you have the `sendmsg' function. */ -#undef HAVE_SENDMSG - -/* Define to 1 if you have the `setauthdb' function. */ -#undef HAVE_SETAUTHDB - -/* Define to 1 if you have the `setdtablesize' function. */ -#undef HAVE_SETDTABLESIZE - -/* Define to 1 if you have the `setegid' function. */ -#undef HAVE_SETEGID - -/* Define to 1 if you have the `setenv' function. */ -#undef HAVE_SETENV - -/* Define to 1 if you have the `seteuid' function. */ -#undef HAVE_SETEUID - -/* Define to 1 if you have the `setgroupent' function. */ -#undef HAVE_SETGROUPENT - -/* Define to 1 if you have the `setgroups' function. */ -#undef HAVE_SETGROUPS - -/* Define to 1 if you have the `setlinebuf' function. */ -#undef HAVE_SETLINEBUF - -/* Define to 1 if you have the `setlogin' function. */ -#undef HAVE_SETLOGIN - -/* Define to 1 if you have the `setluid' function. */ -#undef HAVE_SETLUID - -/* Define to 1 if you have the `setpassent' function. */ -#undef HAVE_SETPASSENT - -/* Define to 1 if you have the `setpcred' function. */ -#undef HAVE_SETPCRED - -/* Define to 1 if you have the `setproctitle' function. */ -#undef HAVE_SETPROCTITLE - -/* Define to 1 if you have the `setregid' function. */ -#undef HAVE_SETREGID - -/* Define to 1 if you have the `setresgid' function. */ -#undef HAVE_SETRESGID - -/* Define to 1 if you have the `setresuid' function. */ -#undef HAVE_SETRESUID - -/* Define to 1 if you have the `setreuid' function. */ -#undef HAVE_SETREUID - -/* Define to 1 if you have the `setrlimit' function. */ -#undef HAVE_SETRLIMIT - -/* Define to 1 if you have the `setsid' function. */ -#undef HAVE_SETSID - -/* Define to 1 if you have the `setutent' function. */ -#undef HAVE_SETUTENT - -/* Define to 1 if you have the `setutxdb' function. */ -#undef HAVE_SETUTXDB - -/* Define to 1 if you have the `setutxent' function. */ -#undef HAVE_SETUTXENT - -/* Define to 1 if you have the `setvbuf' function. */ -#undef HAVE_SETVBUF - -/* Define to 1 if you have the `set_id' function. */ -#undef HAVE_SET_ID - -/* Define to 1 if you have the `SHA256_Update' function. */ -#undef HAVE_SHA256_UPDATE - -/* Define to 1 if you have the header file. */ -#undef HAVE_SHA2_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SHADOW_H - -/* Define to 1 if you have the `sigaction' function. */ -#undef HAVE_SIGACTION - -/* Define to 1 if you have the `sigvec' function. */ -#undef HAVE_SIGVEC - -/* Define to 1 if the system has the type `sig_atomic_t'. */ -#undef HAVE_SIG_ATOMIC_T - -/* define if you have size_t data type */ -#undef HAVE_SIZE_T - -/* Define to 1 if you have the `snprintf' function. */ -#undef HAVE_SNPRINTF - -/* Define to 1 if you have the `socketpair' function. */ -#undef HAVE_SOCKETPAIR - -/* Have PEERCRED socket option */ -#undef HAVE_SO_PEERCRED - -/* define if you have ssize_t data type */ -#undef HAVE_SSIZE_T - -/* Fields in struct sockaddr_storage */ -#undef HAVE_SS_FAMILY_IN_SS - -/* Define to 1 if you have the `statfs' function. */ -#undef HAVE_STATFS - -/* Define to 1 if you have the `statvfs' function. */ -#undef HAVE_STATVFS - -/* Define to 1 if you have the header file. */ -#undef HAVE_STDDEF_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_STDINT_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_STDLIB_H - -/* Define to 1 if you have the `strdup' function. */ -#undef HAVE_STRDUP - -/* Define to 1 if you have the `strerror' function. */ -#undef HAVE_STRERROR - -/* Define to 1 if you have the `strftime' function. */ -#undef HAVE_STRFTIME - -/* Silly mkstemp() */ -#undef HAVE_STRICT_MKSTEMP - -/* Define to 1 if you have the header file. */ -#undef HAVE_STRINGS_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_STRING_H - -/* Define to 1 if you have the `strlcat' function. */ -#undef HAVE_STRLCAT - -/* Define to 1 if you have the `strlcpy' function. */ -#undef HAVE_STRLCPY - -/* Define to 1 if you have the `strmode' function. */ -#undef HAVE_STRMODE - -/* Define to 1 if you have the `strnlen' function. */ -#undef HAVE_STRNLEN - -/* Define to 1 if you have the `strnvis' function. */ -#undef HAVE_STRNVIS - -/* Define to 1 if you have the `strptime' function. */ -#undef HAVE_STRPTIME - -/* Define to 1 if you have the `strsep' function. */ -#undef HAVE_STRSEP - -/* Define to 1 if you have the `strtoll' function. */ -#undef HAVE_STRTOLL - -/* Define to 1 if you have the `strtonum' function. */ -#undef HAVE_STRTONUM - -/* Define to 1 if you have the `strtoul' function. */ -#undef HAVE_STRTOUL - -/* Define to 1 if you have the `strtoull' function. */ -#undef HAVE_STRTOULL - -/* define if you have struct addrinfo data type */ -#undef HAVE_STRUCT_ADDRINFO - -/* define if you have struct in6_addr data type */ -#undef HAVE_STRUCT_IN6_ADDR - -/* Define to 1 if `pw_change' is a member of `struct passwd'. */ -#undef HAVE_STRUCT_PASSWD_PW_CHANGE - -/* Define to 1 if `pw_class' is a member of `struct passwd'. */ -#undef HAVE_STRUCT_PASSWD_PW_CLASS - -/* Define to 1 if `pw_expire' is a member of `struct passwd'. */ -#undef HAVE_STRUCT_PASSWD_PW_EXPIRE - -/* Define to 1 if `pw_gecos' is a member of `struct passwd'. */ -#undef HAVE_STRUCT_PASSWD_PW_GECOS - -/* define if you have struct sockaddr_in6 data type */ -#undef HAVE_STRUCT_SOCKADDR_IN6 - -/* Define to 1 if `sin6_scope_id' is a member of `struct sockaddr_in6'. */ -#undef HAVE_STRUCT_SOCKADDR_IN6_SIN6_SCOPE_ID - -/* define if you have struct sockaddr_storage data type */ -#undef HAVE_STRUCT_SOCKADDR_STORAGE - -/* Define to 1 if `st_blksize' is a member of `struct stat'. */ -#undef HAVE_STRUCT_STAT_ST_BLKSIZE - -/* Define to 1 if the system has the type `struct timespec'. */ -#undef HAVE_STRUCT_TIMESPEC - -/* define if you have struct timeval */ -#undef HAVE_STRUCT_TIMEVAL - -/* Define to 1 if you have the `swap32' function. */ -#undef HAVE_SWAP32 - -/* Define to 1 if you have the `sysconf' function. */ -#undef HAVE_SYSCONF - -/* Define if you have syslen in utmpx.h */ -#undef HAVE_SYSLEN_IN_UTMPX - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_AUDIT_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_BITYPES_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_BSDTTY_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_CAPSICUM_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_CDEFS_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_DIR_H - -/* Define if your system defines sys_errlist[] */ -#undef HAVE_SYS_ERRLIST - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_MMAN_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_MOUNT_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_NDIR_H - -/* Define if your system defines sys_nerr */ -#undef HAVE_SYS_NERR - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_POLL_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_PRCTL_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_PSTAT_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_PTMS_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_SELECT_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_STATVFS_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_STAT_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_STREAM_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_STROPTS_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_STRTIO_H - -/* Force use of sys/syslog.h on Ultrix */ -#undef HAVE_SYS_SYSLOG_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_SYSMACROS_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_TIMERS_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_TIME_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_TYPES_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_UN_H - -/* Define to 1 if you have the `tcgetpgrp' function. */ -#undef HAVE_TCGETPGRP - -/* Define to 1 if you have the `tcsendbreak' function. */ -#undef HAVE_TCSENDBREAK - -/* Define to 1 if you have the `time' function. */ -#undef HAVE_TIME - -/* Define to 1 if you have the header file. */ -#undef HAVE_TIME_H - -/* Define if you have ut_time in utmp.h */ -#undef HAVE_TIME_IN_UTMP - -/* Define if you have ut_time in utmpx.h */ -#undef HAVE_TIME_IN_UTMPX - -/* Define to 1 if you have the `timingsafe_bcmp' function. */ -#undef HAVE_TIMINGSAFE_BCMP - -/* Define to 1 if you have the header file. */ -#undef HAVE_TMPDIR_H - -/* Define to 1 if you have the `truncate' function. */ -#undef HAVE_TRUNCATE - -/* Define to 1 if you have the header file. */ -#undef HAVE_TTYENT_H - -/* Define if you have ut_tv in utmp.h */ -#undef HAVE_TV_IN_UTMP - -/* Define if you have ut_tv in utmpx.h */ -#undef HAVE_TV_IN_UTMPX - -/* Define if you have ut_type in utmp.h */ -#undef HAVE_TYPE_IN_UTMP - -/* Define if you have ut_type in utmpx.h */ -#undef HAVE_TYPE_IN_UTMPX - -/* Define to 1 if you have the header file. */ -#undef HAVE_UCRED_H - -/* Define to 1 if the system has the type `uintmax_t'. */ -#undef HAVE_UINTMAX_T - -/* define if you have uintxx_t data type */ -#undef HAVE_UINTXX_T - -/* Define to 1 if you have the header file. */ -#undef HAVE_UNISTD_H - -/* Define to 1 if you have the `unsetenv' function. */ -#undef HAVE_UNSETENV - -/* Define to 1 if the system has the type `unsigned long long'. */ -#undef HAVE_UNSIGNED_LONG_LONG - -/* Define to 1 if you have the `updwtmp' function. */ -#undef HAVE_UPDWTMP - -/* Define to 1 if you have the `updwtmpx' function. */ -#undef HAVE_UPDWTMPX - -/* Define to 1 if you have the header file. */ -#undef HAVE_USERSEC_H - -/* Define to 1 if you have the `user_from_uid' function. */ -#undef HAVE_USER_FROM_UID - -/* Define to 1 if you have the `usleep' function. */ -#undef HAVE_USLEEP - -/* Define to 1 if you have the header file. */ -#undef HAVE_UTIL_H - -/* Define to 1 if you have the `utimes' function. */ -#undef HAVE_UTIMES - -/* Define to 1 if you have the header file. */ -#undef HAVE_UTIME_H - -/* Define to 1 if you have the `utmpname' function. */ -#undef HAVE_UTMPNAME - -/* Define to 1 if you have the `utmpxname' function. */ -#undef HAVE_UTMPXNAME - -/* Define to 1 if you have the header file. */ -#undef HAVE_UTMPX_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_UTMP_H - -/* define if you have u_char data type */ -#undef HAVE_U_CHAR - -/* define if you have u_int data type */ -#undef HAVE_U_INT - -/* define if you have u_int64_t data type */ -#undef HAVE_U_INT64_T - -/* define if you have u_intxx_t data type */ -#undef HAVE_U_INTXX_T - -/* Define to 1 if you have the `vasprintf' function. */ -#undef HAVE_VASPRINTF - -/* Define if va_copy exists */ -#undef HAVE_VA_COPY - -/* Define to 1 if you have the header file. */ -#undef HAVE_VIS_H - -/* Define to 1 if you have the `vsnprintf' function. */ -#undef HAVE_VSNPRINTF - -/* Define to 1 if you have the `waitpid' function. */ -#undef HAVE_WAITPID - -/* Define to 1 if you have the `_getlong' function. */ -#undef HAVE__GETLONG - -/* Define to 1 if you have the `_getpty' function. */ -#undef HAVE__GETPTY - -/* Define to 1 if you have the `_getshort' function. */ -#undef HAVE__GETSHORT - -/* Define if you have struct __res_state _res as an extern */ -#undef HAVE__RES_EXTERN - -/* Define to 1 if you have the `__b64_ntop' function. */ -#undef HAVE___B64_NTOP - -/* Define to 1 if you have the `__b64_pton' function. */ -#undef HAVE___B64_PTON - -/* Define if compiler implements __FUNCTION__ */ -#undef HAVE___FUNCTION__ - -/* Define if libc defines __progname */ -#undef HAVE___PROGNAME - -/* Fields in struct sockaddr_storage */ -#undef HAVE___SS_FAMILY_IN_SS - -/* Define if __va_copy exists */ -#undef HAVE___VA_COPY - -/* Define if compiler implements __func__ */ -#undef HAVE___func__ - -/* Define this if you are using the Heimdal version of Kerberos V5 */ -#undef HEIMDAL - -/* Define if you need to use IP address instead of hostname in $DISPLAY */ -#undef IPADDR_IN_DISPLAY - -/* Detect IPv4 in IPv6 mapped addresses and treat as IPv4 */ -#undef IPV4_IN_IPV6 - -/* Define if your system choked on IP TOS setting */ -#undef IP_TOS_IS_BROKEN - -/* Define if you want Kerberos 5 support */ -#undef KRB5 - -/* Define if pututxline updates lastlog too */ -#undef LASTLOG_WRITE_PUTUTXLINE - -/* Define if you want TCP Wrappers support */ -#undef LIBWRAP - -/* Define to whatever link() returns for "not supported" if it doesn't return - EOPNOTSUPP. */ -#undef LINK_OPNOTSUPP_ERRNO - -/* Adjust Linux out-of-memory killer */ -#undef LINUX_OOM_ADJUST - -/* max value of long long calculated by configure */ -#undef LLONG_MAX - -/* min value of long long calculated by configure */ -#undef LLONG_MIN - -/* Account locked with pw(1) */ -#undef LOCKED_PASSWD_PREFIX - -/* String used in /etc/passwd to denote locked account */ -#undef LOCKED_PASSWD_STRING - -/* String used in /etc/passwd to denote locked account */ -#undef LOCKED_PASSWD_SUBSTR - -/* Some versions of /bin/login need the TERM supplied on the commandline */ -#undef LOGIN_NEEDS_TERM - -/* Some systems need a utmpx entry for /bin/login to work */ -#undef LOGIN_NEEDS_UTMPX - -/* Define if your login program cannot handle end of options ("--") */ -#undef LOGIN_NO_ENDOPT - -/* If your header files don't define LOGIN_PROGRAM, then use this (detected) - from environment and PATH */ -#undef LOGIN_PROGRAM_FALLBACK - -/* Set this to your mail directory if you do not have _PATH_MAILDIR */ -#undef MAIL_DIRECTORY - -/* Need setpgrp to acquire controlling tty */ -#undef NEED_SETPGRP - -/* compiler does not accept __attribute__ on return types */ -#undef NO_ATTRIBUTE_ON_RETURN_TYPE - -/* Define if the concept of ports only accessible to superusers isn't known */ -#undef NO_IPPORT_RESERVED_CONCEPT - -/* Define if you don't want to use lastlog in session.c */ -#undef NO_SSH_LASTLOG - -/* Define if X11 doesn't support AF_UNIX sockets on that system */ -#undef NO_X11_UNIX_SOCKETS - -/* Define if EVP_DigestUpdate returns void */ -#undef OPENSSL_EVP_DIGESTUPDATE_VOID - -/* OpenSSL has ECC */ -#undef OPENSSL_HAS_ECC - -/* libcrypto has NID_X9_62_prime256v1 */ -#undef OPENSSL_HAS_NISTP256 - -/* libcrypto has NID_secp384r1 */ -#undef OPENSSL_HAS_NISTP384 - -/* libcrypto has NID_secp521r1 */ -#undef OPENSSL_HAS_NISTP521 - -/* libcrypto has EVP AES CTR */ -#undef OPENSSL_HAVE_EVPCTR - -/* libcrypto has EVP AES GCM */ -#undef OPENSSL_HAVE_EVPGCM - -/* libcrypto is missing AES 192 and 256 bit functions */ -#undef OPENSSL_LOBOTOMISED_AES - -/* Define if you want the OpenSSL internally seeded PRNG only */ -#undef OPENSSL_PRNG_ONLY - -/* Define to the address where bug reports for this package should be sent. */ -#undef PACKAGE_BUGREPORT - -/* Define to the full name of this package. */ -#undef PACKAGE_NAME - -/* Define to the full name and version of this package. */ -#undef PACKAGE_STRING - -/* Define to the one symbol short name of this package. */ -#undef PACKAGE_TARNAME - -/* Define to the home page for this package. */ -#undef PACKAGE_URL - -/* Define to the version of this package. */ -#undef PACKAGE_VERSION - -/* Define if you are using Solaris-derived PAM which passes pam_messages to - the conversation function with an extra level of indirection */ -#undef PAM_SUN_CODEBASE - -/* Work around problematic Linux PAM modules handling of PAM_TTY */ -#undef PAM_TTY_KLUDGE - -/* must supply username to passwd */ -#undef PASSWD_NEEDS_USERNAME - -/* System dirs owned by bin (uid 2) */ -#undef PLATFORM_SYS_DIR_UID - -/* Port number of PRNGD/EGD random number socket */ -#undef PRNGD_PORT - -/* Location of PRNGD/EGD random number socket */ -#undef PRNGD_SOCKET - -/* read(1) can return 0 for a non-closed fd */ -#undef PTY_ZEROREAD - -/* Sandbox using capsicum */ -#undef SANDBOX_CAPSICUM - -/* Sandbox using Darwin sandbox_init(3) */ -#undef SANDBOX_DARWIN - -/* no privsep sandboxing */ -#undef SANDBOX_NULL - -/* Sandbox using setrlimit(2) */ -#undef SANDBOX_RLIMIT - -/* Sandbox using seccomp filter */ -#undef SANDBOX_SECCOMP_FILTER - -/* setrlimit RLIMIT_FSIZE works */ -#undef SANDBOX_SKIP_RLIMIT_FSIZE - -/* define if setrlimit RLIMIT_NOFILE breaks things */ -#undef SANDBOX_SKIP_RLIMIT_NOFILE - -/* Sandbox using systrace(4) */ -#undef SANDBOX_SYSTRACE - -/* Specify the system call convention in use */ -#undef SECCOMP_AUDIT_ARCH - -/* Define if your platform breaks doing a seteuid before a setuid */ -#undef SETEUID_BREAKS_SETUID - -/* The size of `int', as computed by sizeof. */ -#undef SIZEOF_INT - -/* The size of `long int', as computed by sizeof. */ -#undef SIZEOF_LONG_INT - -/* The size of `long long int', as computed by sizeof. */ -#undef SIZEOF_LONG_LONG_INT - -/* The size of `short int', as computed by sizeof. */ -#undef SIZEOF_SHORT_INT - -/* Define if you want S/Key support */ -#undef SKEY - -/* Define if your skeychallenge() function takes 4 arguments (NetBSD) */ -#undef SKEYCHALLENGE_4ARG - -/* Define as const if snprintf() can declare const char *fmt */ -#undef SNPRINTF_CONST - -/* Define to a Set Process Title type if your system is supported by - bsd-setproctitle.c */ -#undef SPT_TYPE - -/* Define if sshd somehow reacquires a controlling TTY after setsid() */ -#undef SSHD_ACQUIRES_CTTY - -/* Define if pam_chauthtok wants real uid set to the unpriv'ed user */ -#undef SSHPAM_CHAUTHTOK_NEEDS_RUID - -/* Use audit debugging module */ -#undef SSH_AUDIT_EVENTS - -/* Windows is sensitive to read buffer size */ -#undef SSH_IOBUFSZ - -/* non-privileged user for privilege separation */ -#undef SSH_PRIVSEP_USER - -/* Use tunnel device compatibility to OpenBSD */ -#undef SSH_TUN_COMPAT_AF - -/* Open tunnel devices the FreeBSD way */ -#undef SSH_TUN_FREEBSD - -/* Open tunnel devices the Linux tun/tap way */ -#undef SSH_TUN_LINUX - -/* No layer 2 tunnel support */ -#undef SSH_TUN_NO_L2 - -/* Open tunnel devices the OpenBSD way */ -#undef SSH_TUN_OPENBSD - -/* Prepend the address family to IP tunnel traffic */ -#undef SSH_TUN_PREPEND_AF - -/* Define to 1 if you have the ANSI C header files. */ -#undef STDC_HEADERS - -/* Define if you want a different $PATH for the superuser */ -#undef SUPERUSER_PATH - -/* syslog_r function is safe to use in in a signal handler */ -#undef SYSLOG_R_SAFE_IN_SIGHAND - -/* Support passwords > 8 chars */ -#undef UNIXWARE_LONG_PASSWORDS - -/* Specify default $PATH */ -#undef USER_PATH - -/* Define this if you want to use libkafs' AFS support */ -#undef USE_AFS - -/* Use BSM audit module */ -#undef USE_BSM_AUDIT - -/* Use btmp to log bad logins */ -#undef USE_BTMP - -/* Use libedit for sftp */ -#undef USE_LIBEDIT - -/* Use Linux audit module */ -#undef USE_LINUX_AUDIT - -/* Enable OpenSSL engine support */ -#undef USE_OPENSSL_ENGINE - -/* Define if you want to enable PAM support */ -#undef USE_PAM - -/* Use PIPES instead of a socketpair() */ -#undef USE_PIPES - -/* Define if you have Solaris process contracts */ -#undef USE_SOLARIS_PROCESS_CONTRACTS - -/* Define if you have Solaris projects */ -#undef USE_SOLARIS_PROJECTS - -/* Define if you shouldn't strip 'tty' from your ttyname in [uw]tmp */ -#undef WITH_ABBREV_NO_TTY - -/* Define if you want to enable AIX4's authenticate function */ -#undef WITH_AIXAUTHENTICATE - -/* Define if you have/want arrays (cluster-wide session managment, not C - arrays) */ -#undef WITH_IRIX_ARRAY - -/* Define if you want IRIX audit trails */ -#undef WITH_IRIX_AUDIT - -/* Define if you want IRIX kernel jobs */ -#undef WITH_IRIX_JOBS - -/* Define if you want IRIX project management */ -#undef WITH_IRIX_PROJECT - -/* use libcrypto for cryptography */ -#undef WITH_OPENSSL - -/* Define if you want SELinux support. */ -#undef WITH_SELINUX - -/* include SSH protocol version 1 support */ -#undef WITH_SSH1 - -/* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most - significant byte first (like Motorola and SPARC, unlike Intel). */ -#if defined AC_APPLE_UNIVERSAL_BUILD -# if defined __BIG_ENDIAN__ -# define WORDS_BIGENDIAN 1 -# endif -#else -# ifndef WORDS_BIGENDIAN -# undef WORDS_BIGENDIAN -# endif -#endif - -/* Define if xauth is found in your path */ -#undef XAUTH_PATH - -/* Enable large inode numbers on Mac OS X 10.5. */ -#ifndef _DARWIN_USE_64_BIT_INODE -# define _DARWIN_USE_64_BIT_INODE 1 -#endif - -/* Number of bits in a file offset, on hosts where this is settable. */ -#undef _FILE_OFFSET_BITS - -/* Define for large files, on AIX-style hosts. */ -#undef _LARGE_FILES - -/* log for bad login attempts */ -#undef _PATH_BTMP - -/* Full path of your "passwd" program */ -#undef _PATH_PASSWD_PROG - -/* Specify location of ssh.pid */ -#undef _PATH_SSH_PIDDIR - -/* Define if we don't have struct __res_state in resolv.h */ -#undef __res_state - -/* Define to `__inline__' or `__inline' if that's what the C compiler - calls it, or to nothing if 'inline' is not supported under any name. */ -#ifndef __cplusplus -#undef inline -#endif - -/* type to use in place of socklen_t if not defined */ -#undef socklen_t diff --git a/crypto/openssh/configure b/crypto/openssh/configure deleted file mode 100755 index bb2fb9b3575..00000000000 --- a/crypto/openssh/configure +++ /dev/null @@ -1,20111 +0,0 @@ -#! /bin/sh -# From configure.ac Revision: 1.583 . -# Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for OpenSSH Portable. -# -# Report bugs to . -# -# -# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. -# -# -# This configure script is free software; the Free Software Foundation -# gives unlimited permission to copy, distribute and modify it. -## -------------------- ## -## M4sh Initialization. ## -## -------------------- ## - -# Be more Bourne compatible -DUALCASE=1; export DUALCASE # for MKS sh -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : - emulate sh - NULLCMD=: - # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which - # is contrary to our usage. Disable this feature. - alias -g '${1+"$@"}'='"$@"' - setopt NO_GLOB_SUBST -else - case `(set -o) 2>/dev/null` in #( - *posix*) : - set -o posix ;; #( - *) : - ;; -esac -fi - - -as_nl=' -' -export as_nl -# Printing a long string crashes Solaris 7 /usr/bin/printf. -as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' -as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo -as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo -# Prefer a ksh shell builtin over an external printf program on Solaris, -# but without wasting forks for bash or zsh. -if test -z "$BASH_VERSION$ZSH_VERSION" \ - && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then - as_echo='print -r --' - as_echo_n='print -rn --' -elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then - as_echo='printf %s\n' - as_echo_n='printf %s' -else - if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then - as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' - as_echo_n='/usr/ucb/echo -n' - else - as_echo_body='eval expr "X$1" : "X\\(.*\\)"' - as_echo_n_body='eval - arg=$1; - case $arg in #( - *"$as_nl"*) - expr "X$arg" : "X\\(.*\\)$as_nl"; - arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; - esac; - expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" - ' - export as_echo_n_body - as_echo_n='sh -c $as_echo_n_body as_echo' - fi - export as_echo_body - as_echo='sh -c $as_echo_body as_echo' -fi - -# The user is always right. -if test "${PATH_SEPARATOR+set}" != set; then - PATH_SEPARATOR=: - (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { - (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || - PATH_SEPARATOR=';' - } -fi - - -# IFS -# We need space, tab and new line, in precisely that order. Quoting is -# there to prevent editors from complaining about space-tab. -# (If _AS_PATH_WALK were called with IFS unset, it would disable word -# splitting by setting IFS to empty value.) -IFS=" "" $as_nl" - -# Find who we are. Look in the path if we contain no directory separator. -as_myself= -case $0 in #(( - *[\\/]* ) as_myself=$0 ;; - *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break - done -IFS=$as_save_IFS - - ;; -esac -# We did not find ourselves, most probably we were run as `sh COMMAND' -# in which case we are not to be found in the path. -if test "x$as_myself" = x; then - as_myself=$0 -fi -if test ! -f "$as_myself"; then - $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 - exit 1 -fi - -# Unset variables that we do not need and which cause bugs (e.g. in -# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" -# suppresses any "Segmentation fault" message there. '((' could -# trigger a bug in pdksh 5.2.14. -for as_var in BASH_ENV ENV MAIL MAILPATH -do eval test x\${$as_var+set} = xset \ - && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : -done -PS1='$ ' -PS2='> ' -PS4='+ ' - -# NLS nuisances. -LC_ALL=C -export LC_ALL -LANGUAGE=C -export LANGUAGE - -# CDPATH. -(unset CDPATH) >/dev/null 2>&1 && unset CDPATH - -# Use a proper internal environment variable to ensure we don't fall - # into an infinite loop, continuously re-executing ourselves. - if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then - _as_can_reexec=no; export _as_can_reexec; - # We cannot yet assume a decent shell, so we have to provide a -# neutralization value for shells without unset; and this also -# works around shells that cannot unset nonexistent variables. -# Preserve -v and -x to the replacement shell. -BASH_ENV=/dev/null -ENV=/dev/null -(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV -case $- in # (((( - *v*x* | *x*v* ) as_opts=-vx ;; - *v* ) as_opts=-v ;; - *x* ) as_opts=-x ;; - * ) as_opts= ;; -esac -exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} -# Admittedly, this is quite paranoid, since all the known shells bail -# out after a failed `exec'. -$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 -as_fn_exit 255 - fi - # We don't want this to propagate to other subprocesses. - { _as_can_reexec=; unset _as_can_reexec;} -if test "x$CONFIG_SHELL" = x; then - as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then : - emulate sh - NULLCMD=: - # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which - # is contrary to our usage. Disable this feature. - alias -g '\${1+\"\$@\"}'='\"\$@\"' - setopt NO_GLOB_SUBST -else - case \`(set -o) 2>/dev/null\` in #( - *posix*) : - set -o posix ;; #( - *) : - ;; -esac -fi -" - as_required="as_fn_return () { (exit \$1); } -as_fn_success () { as_fn_return 0; } -as_fn_failure () { as_fn_return 1; } -as_fn_ret_success () { return 0; } -as_fn_ret_failure () { return 1; } - -exitcode=0 -as_fn_success || { exitcode=1; echo as_fn_success failed.; } -as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; } -as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; } -as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; } -if ( set x; as_fn_ret_success y && test x = \"\$1\" ); then : - -else - exitcode=1; echo positional parameters were not saved. -fi -test x\$exitcode = x0 || exit 1 -test -x / || exit 1" - as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO - as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO - eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && - test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1 -test \$(( 1 + 1 )) = 2 || exit 1" - if (eval "$as_required") 2>/dev/null; then : - as_have_required=yes -else - as_have_required=no -fi - if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null; then : - -else - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -as_found=false -for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - as_found=: - case $as_dir in #( - /*) - for as_base in sh bash ksh sh5; do - # Try only shells that exist, to save several forks. - as_shell=$as_dir/$as_base - if { test -f "$as_shell" || test -f "$as_shell.exe"; } && - { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$as_shell"; } 2>/dev/null; then : - CONFIG_SHELL=$as_shell as_have_required=yes - if { $as_echo "$as_bourne_compatible""$as_suggested" | as_run=a "$as_shell"; } 2>/dev/null; then : - break 2 -fi -fi - done;; - esac - as_found=false -done -$as_found || { if { test -f "$SHELL" || test -f "$SHELL.exe"; } && - { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$SHELL"; } 2>/dev/null; then : - CONFIG_SHELL=$SHELL as_have_required=yes -fi; } -IFS=$as_save_IFS - - - if test "x$CONFIG_SHELL" != x; then : - export CONFIG_SHELL - # We cannot yet assume a decent shell, so we have to provide a -# neutralization value for shells without unset; and this also -# works around shells that cannot unset nonexistent variables. -# Preserve -v and -x to the replacement shell. -BASH_ENV=/dev/null -ENV=/dev/null -(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV -case $- in # (((( - *v*x* | *x*v* ) as_opts=-vx ;; - *v* ) as_opts=-v ;; - *x* ) as_opts=-x ;; - * ) as_opts= ;; -esac -exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} -# Admittedly, this is quite paranoid, since all the known shells bail -# out after a failed `exec'. -$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 -exit 255 -fi - - if test x$as_have_required = xno; then : - $as_echo "$0: This script requires a shell more modern than all" - $as_echo "$0: the shells that I found on your system." - if test x${ZSH_VERSION+set} = xset ; then - $as_echo "$0: In particular, zsh $ZSH_VERSION has bugs and should" - $as_echo "$0: be upgraded to zsh 4.3.4 or later." - else - $as_echo "$0: Please tell bug-autoconf@gnu.org and -$0: openssh-unix-dev@mindrot.org about your system, -$0: including any error possibly output before this -$0: message. Then install a modern shell, or manually run -$0: the script under such a shell if you do have one." - fi - exit 1 -fi -fi -fi -SHELL=${CONFIG_SHELL-/bin/sh} -export SHELL -# Unset more variables known to interfere with behavior of common tools. -CLICOLOR_FORCE= GREP_OPTIONS= -unset CLICOLOR_FORCE GREP_OPTIONS - -## --------------------- ## -## M4sh Shell Functions. ## -## --------------------- ## -# as_fn_unset VAR -# --------------- -# Portably unset VAR. -as_fn_unset () -{ - { eval $1=; unset $1;} -} -as_unset=as_fn_unset - -# as_fn_set_status STATUS -# ----------------------- -# Set $? to STATUS, without forking. -as_fn_set_status () -{ - return $1 -} # as_fn_set_status - -# as_fn_exit STATUS -# ----------------- -# Exit the shell with STATUS, even in a "trap 0" or "set -e" context. -as_fn_exit () -{ - set +e - as_fn_set_status $1 - exit $1 -} # as_fn_exit - -# as_fn_mkdir_p -# ------------- -# Create "$as_dir" as a directory, including parents if necessary. -as_fn_mkdir_p () -{ - - case $as_dir in #( - -*) as_dir=./$as_dir;; - esac - test -d "$as_dir" || eval $as_mkdir_p || { - as_dirs= - while :; do - case $as_dir in #( - *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( - *) as_qdir=$as_dir;; - esac - as_dirs="'$as_qdir' $as_dirs" - as_dir=`$as_dirname -- "$as_dir" || -$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$as_dir" : 'X\(//\)[^/]' \| \ - X"$as_dir" : 'X\(//\)$' \| \ - X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || -$as_echo X"$as_dir" | - sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ - s//\1/ - q - } - /^X\(\/\/\)[^/].*/{ - s//\1/ - q - } - /^X\(\/\/\)$/{ - s//\1/ - q - } - /^X\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - test -d "$as_dir" && break - done - test -z "$as_dirs" || eval "mkdir $as_dirs" - } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" - - -} # as_fn_mkdir_p - -# as_fn_executable_p FILE -# ----------------------- -# Test if FILE is an executable regular file. -as_fn_executable_p () -{ - test -f "$1" && test -x "$1" -} # as_fn_executable_p -# as_fn_append VAR VALUE -# ---------------------- -# Append the text in VALUE to the end of the definition contained in VAR. Take -# advantage of any shell optimizations that allow amortized linear growth over -# repeated appends, instead of the typical quadratic growth present in naive -# implementations. -if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : - eval 'as_fn_append () - { - eval $1+=\$2 - }' -else - as_fn_append () - { - eval $1=\$$1\$2 - } -fi # as_fn_append - -# as_fn_arith ARG... -# ------------------ -# Perform arithmetic evaluation on the ARGs, and store the result in the -# global $as_val. Take advantage of shells that can avoid forks. The arguments -# must be portable across $(()) and expr. -if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : - eval 'as_fn_arith () - { - as_val=$(( $* )) - }' -else - as_fn_arith () - { - as_val=`expr "$@" || test $? -eq 1` - } -fi # as_fn_arith - - -# as_fn_error STATUS ERROR [LINENO LOG_FD] -# ---------------------------------------- -# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are -# provided, also output the error to LOG_FD, referencing LINENO. Then exit the -# script with STATUS, using 1 if that was 0. -as_fn_error () -{ - as_status=$1; test $as_status -eq 0 && as_status=1 - if test "$4"; then - as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 - fi - $as_echo "$as_me: error: $2" >&2 - as_fn_exit $as_status -} # as_fn_error - -if expr a : '\(a\)' >/dev/null 2>&1 && - test "X`expr 00001 : '.*\(...\)'`" = X001; then - as_expr=expr -else - as_expr=false -fi - -if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then - as_basename=basename -else - as_basename=false -fi - -if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then - as_dirname=dirname -else - as_dirname=false -fi - -as_me=`$as_basename -- "$0" || -$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ - X"$0" : 'X\(//\)$' \| \ - X"$0" : 'X\(/\)' \| . 2>/dev/null || -$as_echo X/"$0" | - sed '/^.*\/\([^/][^/]*\)\/*$/{ - s//\1/ - q - } - /^X\/\(\/\/\)$/{ - s//\1/ - q - } - /^X\/\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - -# Avoid depending upon Character Ranges. -as_cr_letters='abcdefghijklmnopqrstuvwxyz' -as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' -as_cr_Letters=$as_cr_letters$as_cr_LETTERS -as_cr_digits='0123456789' -as_cr_alnum=$as_cr_Letters$as_cr_digits - - - as_lineno_1=$LINENO as_lineno_1a=$LINENO - as_lineno_2=$LINENO as_lineno_2a=$LINENO - eval 'test "x$as_lineno_1'$as_run'" != "x$as_lineno_2'$as_run'" && - test "x`expr $as_lineno_1'$as_run' + 1`" = "x$as_lineno_2'$as_run'"' || { - # Blame Lee E. McMahon (1931-1989) for sed's syntax. :-) - sed -n ' - p - /[$]LINENO/= - ' <$as_myself | - sed ' - s/[$]LINENO.*/&-/ - t lineno - b - :lineno - N - :loop - s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/ - t loop - s/-\n.*// - ' >$as_me.lineno && - chmod +x "$as_me.lineno" || - { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } - - # If we had to re-execute with $CONFIG_SHELL, we're ensured to have - # already done that, so ensure we don't try to do so again and fall - # in an infinite loop. This has already happened in practice. - _as_can_reexec=no; export _as_can_reexec - # Don't try to exec as it changes $[0], causing all sort of problems - # (the dirname of $[0] is not the place where we might find the - # original and so on. Autoconf is especially sensitive to this). - . "./$as_me.lineno" - # Exit status is that of the last command. - exit -} - -ECHO_C= ECHO_N= ECHO_T= -case `echo -n x` in #((((( --n*) - case `echo 'xy\c'` in - *c*) ECHO_T=' ';; # ECHO_T is single tab character. - xy) ECHO_C='\c';; - *) echo `echo ksh88 bug on AIX 6.1` > /dev/null - ECHO_T=' ';; - esac;; -*) - ECHO_N='-n';; -esac - -rm -f conf$$ conf$$.exe conf$$.file -if test -d conf$$.dir; then - rm -f conf$$.dir/conf$$.file -else - rm -f conf$$.dir - mkdir conf$$.dir 2>/dev/null -fi -if (echo >conf$$.file) 2>/dev/null; then - if ln -s conf$$.file conf$$ 2>/dev/null; then - as_ln_s='ln -s' - # ... but there are two gotchas: - # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. - # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -pR'. - ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || - as_ln_s='cp -pR' - elif ln conf$$.file conf$$ 2>/dev/null; then - as_ln_s=ln - else - as_ln_s='cp -pR' - fi -else - as_ln_s='cp -pR' -fi -rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file -rmdir conf$$.dir 2>/dev/null - -if mkdir -p . 2>/dev/null; then - as_mkdir_p='mkdir -p "$as_dir"' -else - test -d ./-p && rmdir ./-p - as_mkdir_p=false -fi - -as_test_x='test -x' -as_executable_p=as_fn_executable_p - -# Sed expression to map a string onto a valid CPP name. -as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" - -# Sed expression to map a string onto a valid variable name. -as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" - - -test -n "$DJDIR" || exec 7<&0 &1 - -# Name of the host. -# hostname on some systems (SVR3.2, old GNU/Linux) returns a bogus exit status, -# so uname gets run too. -ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q` - -# -# Initializations. -# -ac_default_prefix=/usr/local -ac_clean_files= -ac_config_libobj_dir=. -LIBOBJS= -cross_compiling=no -subdirs= -MFLAGS= -MAKEFLAGS= - -# Identity of this package. -PACKAGE_NAME='OpenSSH' -PACKAGE_TARNAME='openssh' -PACKAGE_VERSION='Portable' -PACKAGE_STRING='OpenSSH Portable' -PACKAGE_BUGREPORT='openssh-unix-dev@mindrot.org' -PACKAGE_URL='' - -ac_unique_file="ssh.c" -# Factoring default headers for most tests. -ac_includes_default="\ -#include -#ifdef HAVE_SYS_TYPES_H -# include -#endif -#ifdef HAVE_SYS_STAT_H -# include -#endif -#ifdef STDC_HEADERS -# include -# include -#else -# ifdef HAVE_STDLIB_H -# include -# endif -#endif -#ifdef HAVE_STRING_H -# if !defined STDC_HEADERS && defined HAVE_MEMORY_H -# include -# endif -# include -#endif -#ifdef HAVE_STRINGS_H -# include -#endif -#ifdef HAVE_INTTYPES_H -# include -#endif -#ifdef HAVE_STDINT_H -# include -#endif -#ifdef HAVE_UNISTD_H -# include -#endif" - -ac_subst_vars='LTLIBOBJS -LIBOBJS -UNSUPPORTED_ALGORITHMS -TEST_MALLOC_OPTIONS -TEST_SSH_IPV6 -piddir -user_path -mansubdir -MANTYPE -XAUTH_PATH -STRIP_OPT -xauth_path -PRIVSEP_PATH -K5LIBS -GSSLIBS -KRB5CONF -SSHDLIBS -SSHLIBS -SSH_PRIVSEP_USER -COMMENT_OUT_ECC -TEST_SSH_ECC -LIBEDIT -PKGCONFIG -LD -PATH_PASSWD_PROG -LOGIN_PROGRAM_FALLBACK -STARTUP_SCRIPT_SHELL -MAKE_PACKAGE_SUPPORTED -PATH_USERADD_PROG -PATH_GROUPADD_PROG -MANFMT -TEST_SHELL -MANDOC -NROFF -GROFF -SH -TEST_MINUS_S_SH -ENT -SED -PERL -KILL -CAT -ac_ct_AR -AR -INSTALL_DATA -INSTALL_SCRIPT -INSTALL_PROGRAM -RANLIB -AWK -EGREP -GREP -CPP -host_os -host_vendor -host_cpu -host -build_os -build_vendor -build_cpu -build -OBJEXT -EXEEXT -ac_ct_CC -CPPFLAGS -LDFLAGS -CFLAGS -CC -target_alias -host_alias -build_alias -LIBS -ECHO_T -ECHO_N -ECHO_C -DEFS -mandir -localedir -libdir -psdir -pdfdir -dvidir -htmldir -infodir -docdir -oldincludedir -includedir -localstatedir -sharedstatedir -sysconfdir -datadir -datarootdir -libexecdir -sbindir -bindir -program_transform_name -prefix -exec_prefix -PACKAGE_URL -PACKAGE_BUGREPORT -PACKAGE_STRING -PACKAGE_VERSION -PACKAGE_TARNAME -PACKAGE_NAME -PATH_SEPARATOR -SHELL' -ac_subst_files='' -ac_user_opts=' -enable_option_checking -enable_largefile -with_openssl -with_ssh1 -with_stackprotect -with_hardening -with_rpath -with_cflags -with_cppflags -with_ldflags -with_libs -with_Werror -with_solaris_contracts -with_solaris_projects -with_osfsia -with_zlib -with_zlib_version_check -with_skey -with_tcp_wrappers -with_ldns -with_libedit -with_audit -with_pie -with_ssl_dir -with_openssl_header_check -with_ssl_engine -with_prngd_port -with_prngd_socket -with_pam -with_privsep_user -with_sandbox -with_selinux -with_kerberos5 -with_privsep_path -with_xauth -enable_strip -with_maildir -with_mantype -with_md5_passwords -with_shadow -with_ipaddr_display -enable_etc_default_login -with_default_path -with_superuser_path -with_4in6 -with_bsd_auth -with_pid_dir -enable_lastlog -enable_utmp -enable_utmpx -enable_wtmp -enable_wtmpx -enable_libutil -enable_pututline -enable_pututxline -with_lastlog -' - ac_precious_vars='build_alias -host_alias -target_alias -CC -CFLAGS -LDFLAGS -LIBS -CPPFLAGS -CPP' - - -# Initialize some variables set by options. -ac_init_help= -ac_init_version=false -ac_unrecognized_opts= -ac_unrecognized_sep= -# The variables have the same names as the options, with -# dashes changed to underlines. -cache_file=/dev/null -exec_prefix=NONE -no_create= -no_recursion= -prefix=NONE -program_prefix=NONE -program_suffix=NONE -program_transform_name=s,x,x, -silent= -site= -srcdir= -verbose= -x_includes=NONE -x_libraries=NONE - -# Installation directory options. -# These are left unexpanded so users can "make install exec_prefix=/foo" -# and all the variables that are supposed to be based on exec_prefix -# by default will actually change. -# Use braces instead of parens because sh, perl, etc. also accept them. -# (The list follows the same order as the GNU Coding Standards.) -bindir='${exec_prefix}/bin' -sbindir='${exec_prefix}/sbin' -libexecdir='${exec_prefix}/libexec' -datarootdir='${prefix}/share' -datadir='${datarootdir}' -sysconfdir='${prefix}/etc' -sharedstatedir='${prefix}/com' -localstatedir='${prefix}/var' -includedir='${prefix}/include' -oldincludedir='/usr/include' -docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' -infodir='${datarootdir}/info' -htmldir='${docdir}' -dvidir='${docdir}' -pdfdir='${docdir}' -psdir='${docdir}' -libdir='${exec_prefix}/lib' -localedir='${datarootdir}/locale' -mandir='${datarootdir}/man' - -ac_prev= -ac_dashdash= -for ac_option -do - # If the previous option needs an argument, assign it. - if test -n "$ac_prev"; then - eval $ac_prev=\$ac_option - ac_prev= - continue - fi - - case $ac_option in - *=?*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;; - *=) ac_optarg= ;; - *) ac_optarg=yes ;; - esac - - # Accept the important Cygnus configure options, so we can diagnose typos. - - case $ac_dashdash$ac_option in - --) - ac_dashdash=yes ;; - - -bindir | --bindir | --bindi | --bind | --bin | --bi) - ac_prev=bindir ;; - -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*) - bindir=$ac_optarg ;; - - -build | --build | --buil | --bui | --bu) - ac_prev=build_alias ;; - -build=* | --build=* | --buil=* | --bui=* | --bu=*) - build_alias=$ac_optarg ;; - - -cache-file | --cache-file | --cache-fil | --cache-fi \ - | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c) - ac_prev=cache_file ;; - -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \ - | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*) - cache_file=$ac_optarg ;; - - --config-cache | -C) - cache_file=config.cache ;; - - -datadir | --datadir | --datadi | --datad) - ac_prev=datadir ;; - -datadir=* | --datadir=* | --datadi=* | --datad=*) - datadir=$ac_optarg ;; - - -datarootdir | --datarootdir | --datarootdi | --datarootd | --dataroot \ - | --dataroo | --dataro | --datar) - ac_prev=datarootdir ;; - -datarootdir=* | --datarootdir=* | --datarootdi=* | --datarootd=* \ - | --dataroot=* | --dataroo=* | --dataro=* | --datar=*) - datarootdir=$ac_optarg ;; - - -disable-* | --disable-*) - ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'` - # Reject names that are not valid shell variable names. - expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && - as_fn_error $? "invalid feature name: $ac_useropt" - ac_useropt_orig=$ac_useropt - ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` - case $ac_user_opts in - *" -"enable_$ac_useropt" -"*) ;; - *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--disable-$ac_useropt_orig" - ac_unrecognized_sep=', ';; - esac - eval enable_$ac_useropt=no ;; - - -docdir | --docdir | --docdi | --doc | --do) - ac_prev=docdir ;; - -docdir=* | --docdir=* | --docdi=* | --doc=* | --do=*) - docdir=$ac_optarg ;; - - -dvidir | --dvidir | --dvidi | --dvid | --dvi | --dv) - ac_prev=dvidir ;; - -dvidir=* | --dvidir=* | --dvidi=* | --dvid=* | --dvi=* | --dv=*) - dvidir=$ac_optarg ;; - - -enable-* | --enable-*) - ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` - # Reject names that are not valid shell variable names. - expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && - as_fn_error $? "invalid feature name: $ac_useropt" - ac_useropt_orig=$ac_useropt - ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` - case $ac_user_opts in - *" -"enable_$ac_useropt" -"*) ;; - *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--enable-$ac_useropt_orig" - ac_unrecognized_sep=', ';; - esac - eval enable_$ac_useropt=\$ac_optarg ;; - - -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \ - | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \ - | --exec | --exe | --ex) - ac_prev=exec_prefix ;; - -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \ - | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \ - | --exec=* | --exe=* | --ex=*) - exec_prefix=$ac_optarg ;; - - -gas | --gas | --ga | --g) - # Obsolete; use --with-gas. - with_gas=yes ;; - - -help | --help | --hel | --he | -h) - ac_init_help=long ;; - -help=r* | --help=r* | --hel=r* | --he=r* | -hr*) - ac_init_help=recursive ;; - -help=s* | --help=s* | --hel=s* | --he=s* | -hs*) - ac_init_help=short ;; - - -host | --host | --hos | --ho) - ac_prev=host_alias ;; - -host=* | --host=* | --hos=* | --ho=*) - host_alias=$ac_optarg ;; - - -htmldir | --htmldir | --htmldi | --htmld | --html | --htm | --ht) - ac_prev=htmldir ;; - -htmldir=* | --htmldir=* | --htmldi=* | --htmld=* | --html=* | --htm=* \ - | --ht=*) - htmldir=$ac_optarg ;; - - -includedir | --includedir | --includedi | --included | --include \ - | --includ | --inclu | --incl | --inc) - ac_prev=includedir ;; - -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \ - | --includ=* | --inclu=* | --incl=* | --inc=*) - includedir=$ac_optarg ;; - - -infodir | --infodir | --infodi | --infod | --info | --inf) - ac_prev=infodir ;; - -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*) - infodir=$ac_optarg ;; - - -libdir | --libdir | --libdi | --libd) - ac_prev=libdir ;; - -libdir=* | --libdir=* | --libdi=* | --libd=*) - libdir=$ac_optarg ;; - - -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \ - | --libexe | --libex | --libe) - ac_prev=libexecdir ;; - -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \ - | --libexe=* | --libex=* | --libe=*) - libexecdir=$ac_optarg ;; - - -localedir | --localedir | --localedi | --localed | --locale) - ac_prev=localedir ;; - -localedir=* | --localedir=* | --localedi=* | --localed=* | --locale=*) - localedir=$ac_optarg ;; - - -localstatedir | --localstatedir | --localstatedi | --localstated \ - | --localstate | --localstat | --localsta | --localst | --locals) - ac_prev=localstatedir ;; - -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \ - | --localstate=* | --localstat=* | --localsta=* | --localst=* | --locals=*) - localstatedir=$ac_optarg ;; - - -mandir | --mandir | --mandi | --mand | --man | --ma | --m) - ac_prev=mandir ;; - -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*) - mandir=$ac_optarg ;; - - -nfp | --nfp | --nf) - # Obsolete; use --without-fp. - with_fp=no ;; - - -no-create | --no-create | --no-creat | --no-crea | --no-cre \ - | --no-cr | --no-c | -n) - no_create=yes ;; - - -no-recursion | --no-recursion | --no-recursio | --no-recursi \ - | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) - no_recursion=yes ;; - - -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \ - | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \ - | --oldin | --oldi | --old | --ol | --o) - ac_prev=oldincludedir ;; - -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \ - | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \ - | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*) - oldincludedir=$ac_optarg ;; - - -prefix | --prefix | --prefi | --pref | --pre | --pr | --p) - ac_prev=prefix ;; - -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*) - prefix=$ac_optarg ;; - - -program-prefix | --program-prefix | --program-prefi | --program-pref \ - | --program-pre | --program-pr | --program-p) - ac_prev=program_prefix ;; - -program-prefix=* | --program-prefix=* | --program-prefi=* \ - | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*) - program_prefix=$ac_optarg ;; - - -program-suffix | --program-suffix | --program-suffi | --program-suff \ - | --program-suf | --program-su | --program-s) - ac_prev=program_suffix ;; - -program-suffix=* | --program-suffix=* | --program-suffi=* \ - | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*) - program_suffix=$ac_optarg ;; - - -program-transform-name | --program-transform-name \ - | --program-transform-nam | --program-transform-na \ - | --program-transform-n | --program-transform- \ - | --program-transform | --program-transfor \ - | --program-transfo | --program-transf \ - | --program-trans | --program-tran \ - | --progr-tra | --program-tr | --program-t) - ac_prev=program_transform_name ;; - -program-transform-name=* | --program-transform-name=* \ - | --program-transform-nam=* | --program-transform-na=* \ - | --program-transform-n=* | --program-transform-=* \ - | --program-transform=* | --program-transfor=* \ - | --program-transfo=* | --program-transf=* \ - | --program-trans=* | --program-tran=* \ - | --progr-tra=* | --program-tr=* | --program-t=*) - program_transform_name=$ac_optarg ;; - - -pdfdir | --pdfdir | --pdfdi | --pdfd | --pdf | --pd) - ac_prev=pdfdir ;; - -pdfdir=* | --pdfdir=* | --pdfdi=* | --pdfd=* | --pdf=* | --pd=*) - pdfdir=$ac_optarg ;; - - -psdir | --psdir | --psdi | --psd | --ps) - ac_prev=psdir ;; - -psdir=* | --psdir=* | --psdi=* | --psd=* | --ps=*) - psdir=$ac_optarg ;; - - -q | -quiet | --quiet | --quie | --qui | --qu | --q \ - | -silent | --silent | --silen | --sile | --sil) - silent=yes ;; - - -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) - ac_prev=sbindir ;; - -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ - | --sbi=* | --sb=*) - sbindir=$ac_optarg ;; - - -sharedstatedir | --sharedstatedir | --sharedstatedi \ - | --sharedstated | --sharedstate | --sharedstat | --sharedsta \ - | --sharedst | --shareds | --shared | --share | --shar \ - | --sha | --sh) - ac_prev=sharedstatedir ;; - -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \ - | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \ - | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \ - | --sha=* | --sh=*) - sharedstatedir=$ac_optarg ;; - - -site | --site | --sit) - ac_prev=site ;; - -site=* | --site=* | --sit=*) - site=$ac_optarg ;; - - -srcdir | --srcdir | --srcdi | --srcd | --src | --sr) - ac_prev=srcdir ;; - -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*) - srcdir=$ac_optarg ;; - - -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \ - | --syscon | --sysco | --sysc | --sys | --sy) - ac_prev=sysconfdir ;; - -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \ - | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*) - sysconfdir=$ac_optarg ;; - - -target | --target | --targe | --targ | --tar | --ta | --t) - ac_prev=target_alias ;; - -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*) - target_alias=$ac_optarg ;; - - -v | -verbose | --verbose | --verbos | --verbo | --verb) - verbose=yes ;; - - -version | --version | --versio | --versi | --vers | -V) - ac_init_version=: ;; - - -with-* | --with-*) - ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` - # Reject names that are not valid shell variable names. - expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && - as_fn_error $? "invalid package name: $ac_useropt" - ac_useropt_orig=$ac_useropt - ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` - case $ac_user_opts in - *" -"with_$ac_useropt" -"*) ;; - *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--with-$ac_useropt_orig" - ac_unrecognized_sep=', ';; - esac - eval with_$ac_useropt=\$ac_optarg ;; - - -without-* | --without-*) - ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'` - # Reject names that are not valid shell variable names. - expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && - as_fn_error $? "invalid package name: $ac_useropt" - ac_useropt_orig=$ac_useropt - ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` - case $ac_user_opts in - *" -"with_$ac_useropt" -"*) ;; - *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--without-$ac_useropt_orig" - ac_unrecognized_sep=', ';; - esac - eval with_$ac_useropt=no ;; - - --x) - # Obsolete; use --with-x. - with_x=yes ;; - - -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \ - | --x-incl | --x-inc | --x-in | --x-i) - ac_prev=x_includes ;; - -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \ - | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*) - x_includes=$ac_optarg ;; - - -x-libraries | --x-libraries | --x-librarie | --x-librari \ - | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l) - ac_prev=x_libraries ;; - -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \ - | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) - x_libraries=$ac_optarg ;; - - -*) as_fn_error $? "unrecognized option: \`$ac_option' -Try \`$0 --help' for more information" - ;; - - *=*) - ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='` - # Reject names that are not valid shell variable names. - case $ac_envvar in #( - '' | [0-9]* | *[!_$as_cr_alnum]* ) - as_fn_error $? "invalid variable name: \`$ac_envvar'" ;; - esac - eval $ac_envvar=\$ac_optarg - export $ac_envvar ;; - - *) - # FIXME: should be removed in autoconf 3.0. - $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2 - expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null && - $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2 - : "${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}" - ;; - - esac -done - -if test -n "$ac_prev"; then - ac_option=--`echo $ac_prev | sed 's/_/-/g'` - as_fn_error $? "missing argument to $ac_option" -fi - -if test -n "$ac_unrecognized_opts"; then - case $enable_option_checking in - no) ;; - fatal) as_fn_error $? "unrecognized options: $ac_unrecognized_opts" ;; - *) $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;; - esac -fi - -# Check all directory arguments for consistency. -for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ - datadir sysconfdir sharedstatedir localstatedir includedir \ - oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ - libdir localedir mandir -do - eval ac_val=\$$ac_var - # Remove trailing slashes. - case $ac_val in - */ ) - ac_val=`expr "X$ac_val" : 'X\(.*[^/]\)' \| "X$ac_val" : 'X\(.*\)'` - eval $ac_var=\$ac_val;; - esac - # Be sure to have absolute directory names. - case $ac_val in - [\\/$]* | ?:[\\/]* ) continue;; - NONE | '' ) case $ac_var in *prefix ) continue;; esac;; - esac - as_fn_error $? "expected an absolute directory name for --$ac_var: $ac_val" -done - -# There might be people who depend on the old broken behavior: `$host' -# used to hold the argument of --host etc. -# FIXME: To remove some day. -build=$build_alias -host=$host_alias -target=$target_alias - -# FIXME: To remove some day. -if test "x$host_alias" != x; then - if test "x$build_alias" = x; then - cross_compiling=maybe - elif test "x$build_alias" != "x$host_alias"; then - cross_compiling=yes - fi -fi - -ac_tool_prefix= -test -n "$host_alias" && ac_tool_prefix=$host_alias- - -test "$silent" = yes && exec 6>/dev/null - - -ac_pwd=`pwd` && test -n "$ac_pwd" && -ac_ls_di=`ls -di .` && -ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` || - as_fn_error $? "working directory cannot be determined" -test "X$ac_ls_di" = "X$ac_pwd_ls_di" || - as_fn_error $? "pwd does not report name of working directory" - - -# Find the source files, if location was not specified. -if test -z "$srcdir"; then - ac_srcdir_defaulted=yes - # Try the directory containing this script, then the parent directory. - ac_confdir=`$as_dirname -- "$as_myself" || -$as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$as_myself" : 'X\(//\)[^/]' \| \ - X"$as_myself" : 'X\(//\)$' \| \ - X"$as_myself" : 'X\(/\)' \| . 2>/dev/null || -$as_echo X"$as_myself" | - sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ - s//\1/ - q - } - /^X\(\/\/\)[^/].*/{ - s//\1/ - q - } - /^X\(\/\/\)$/{ - s//\1/ - q - } - /^X\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - srcdir=$ac_confdir - if test ! -r "$srcdir/$ac_unique_file"; then - srcdir=.. - fi -else - ac_srcdir_defaulted=no -fi -if test ! -r "$srcdir/$ac_unique_file"; then - test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .." - as_fn_error $? "cannot find sources ($ac_unique_file) in $srcdir" -fi -ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work" -ac_abs_confdir=`( - cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error $? "$ac_msg" - pwd)` -# When building in place, set srcdir=. -if test "$ac_abs_confdir" = "$ac_pwd"; then - srcdir=. -fi -# Remove unnecessary trailing slashes from srcdir. -# Double slashes in file names in object file debugging info -# mess up M-x gdb in Emacs. -case $srcdir in -*/) srcdir=`expr "X$srcdir" : 'X\(.*[^/]\)' \| "X$srcdir" : 'X\(.*\)'`;; -esac -for ac_var in $ac_precious_vars; do - eval ac_env_${ac_var}_set=\${${ac_var}+set} - eval ac_env_${ac_var}_value=\$${ac_var} - eval ac_cv_env_${ac_var}_set=\${${ac_var}+set} - eval ac_cv_env_${ac_var}_value=\$${ac_var} -done - -# -# Report the --help message. -# -if test "$ac_init_help" = "long"; then - # Omit some internal or obsolete options to make the list less imposing. - # This message is too long to be a string in the A/UX 3.1 sh. - cat <<_ACEOF -\`configure' configures OpenSSH Portable to adapt to many kinds of systems. - -Usage: $0 [OPTION]... [VAR=VALUE]... - -To assign environment variables (e.g., CC, CFLAGS...), specify them as -VAR=VALUE. See below for descriptions of some of the useful variables. - -Defaults for the options are specified in brackets. - -Configuration: - -h, --help display this help and exit - --help=short display options specific to this package - --help=recursive display the short help of all the included packages - -V, --version display version information and exit - -q, --quiet, --silent do not print \`checking ...' messages - --cache-file=FILE cache test results in FILE [disabled] - -C, --config-cache alias for \`--cache-file=config.cache' - -n, --no-create do not create output files - --srcdir=DIR find the sources in DIR [configure dir or \`..'] - -Installation directories: - --prefix=PREFIX install architecture-independent files in PREFIX - [$ac_default_prefix] - --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX - [PREFIX] - -By default, \`make install' will install all the files in -\`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify -an installation prefix other than \`$ac_default_prefix' using \`--prefix', -for instance \`--prefix=\$HOME'. - -For better control, use the options below. - -Fine tuning of the installation directories: - --bindir=DIR user executables [EPREFIX/bin] - --sbindir=DIR system admin executables [EPREFIX/sbin] - --libexecdir=DIR program executables [EPREFIX/libexec] - --sysconfdir=DIR read-only single-machine data [PREFIX/etc] - --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] - --localstatedir=DIR modifiable single-machine data [PREFIX/var] - --libdir=DIR object code libraries [EPREFIX/lib] - --includedir=DIR C header files [PREFIX/include] - --oldincludedir=DIR C header files for non-gcc [/usr/include] - --datarootdir=DIR read-only arch.-independent data root [PREFIX/share] - --datadir=DIR read-only architecture-independent data [DATAROOTDIR] - --infodir=DIR info documentation [DATAROOTDIR/info] - --localedir=DIR locale-dependent data [DATAROOTDIR/locale] - --mandir=DIR man documentation [DATAROOTDIR/man] - --docdir=DIR documentation root [DATAROOTDIR/doc/openssh] - --htmldir=DIR html documentation [DOCDIR] - --dvidir=DIR dvi documentation [DOCDIR] - --pdfdir=DIR pdf documentation [DOCDIR] - --psdir=DIR ps documentation [DOCDIR] -_ACEOF - - cat <<\_ACEOF - -System types: - --build=BUILD configure for building on BUILD [guessed] - --host=HOST cross-compile to build programs to run on HOST [BUILD] -_ACEOF -fi - -if test -n "$ac_init_help"; then - case $ac_init_help in - short | recursive ) echo "Configuration of OpenSSH Portable:";; - esac - cat <<\_ACEOF - -Optional Features: - --disable-option-checking ignore unrecognized --enable/--with options - --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) - --enable-FEATURE[=ARG] include FEATURE [ARG=yes] - --disable-largefile omit support for large files - --disable-strip Disable calling strip(1) on install - --disable-etc-default-login Disable using PATH from /etc/default/login no - --disable-lastlog disable use of lastlog even if detected no - --disable-utmp disable use of utmp even if detected no - --disable-utmpx disable use of utmpx even if detected no - --disable-wtmp disable use of wtmp even if detected no - --disable-wtmpx disable use of wtmpx even if detected no - --disable-libutil disable use of libutil (login() etc.) no - --disable-pututline disable use of pututline() etc. (uwtmp) no - --disable-pututxline disable use of pututxline() etc. (uwtmpx) no - -Optional Packages: - --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] - --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) - --without-openssl Disable use of OpenSSL; use only limited internal crypto **EXPERIMENTAL** - --without-ssh1 Enable support for SSH protocol 1 - --without-stackprotect Don't use compiler's stack protection - --without-hardening Don't use toolchain hardening flags - --without-rpath Disable auto-added -R linker paths - --with-cflags Specify additional flags to pass to compiler - --with-cppflags Specify additional flags to pass to preprocessor - --with-ldflags Specify additional flags to pass to linker - --with-libs Specify additional libraries to link with - --with-Werror Build main code with -Werror - --with-solaris-contracts Enable Solaris process contracts (experimental) - --with-solaris-projects Enable Solaris projects (experimental) - --with-osfsia Enable Digital Unix SIA - --with-zlib=PATH Use zlib in PATH - --without-zlib-version-check Disable zlib version check - --with-skey[=PATH] Enable S/Key support (optionally in PATH) - --with-tcp-wrappers[=PATH] Enable tcpwrappers support (optionally in PATH) - --with-ldns[=PATH] Use ldns for DNSSEC support (optionally in PATH) - --with-libedit[=PATH] Enable libedit support for sftp - --with-audit=module Enable audit support (modules=debug,bsm,linux) - --with-pie Build Position Independent Executables if possible - --with-ssl-dir=PATH Specify path to OpenSSL installation - --without-openssl-header-check Disable OpenSSL version consistency check - --with-ssl-engine Enable OpenSSL (hardware) ENGINE support - --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT - --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool) - --with-pam Enable PAM support - --with-privsep-user=user Specify non-privileged user for privilege separation - --with-sandbox=style Specify privilege separation sandbox (no, darwin, rlimit, systrace, seccomp_filter, capsicum) - --with-selinux Enable SELinux support - --with-kerberos5=PATH Enable Kerberos 5 support - --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty) - --with-xauth=PATH Specify path to xauth program - --with-maildir=/path/to/mail Specify your system mail directory - --with-mantype=man|cat|doc Set man page type - --with-md5-passwords Enable use of MD5 passwords - --without-shadow Disable shadow password support - --with-ipaddr-display Use ip address instead of hostname in $DISPLAY - --with-default-path= Specify default $PATH environment for server - --with-superuser-path= Specify different path for super-user - --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses - --with-bsd-auth Enable BSD auth support - --with-pid-dir=PATH Specify location of ssh.pid file - --with-lastlog=FILE|DIR specify lastlog location common locations - -Some influential environment variables: - CC C compiler command - CFLAGS C compiler flags - LDFLAGS linker flags, e.g. -L if you have libraries in a - nonstandard directory - LIBS libraries to pass to the linker, e.g. -l - CPPFLAGS (Objective) C/C++ preprocessor flags, e.g. -I if - you have headers in a nonstandard directory - CPP C preprocessor - -Use these variables to override the choices made by `configure' or to help -it to find libraries and programs with nonstandard names/locations. - -Report bugs to . -_ACEOF -ac_status=$? -fi - -if test "$ac_init_help" = "recursive"; then - # If there are subdirs, report their specific --help. - for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue - test -d "$ac_dir" || - { cd "$srcdir" && ac_pwd=`pwd` && srcdir=. && test -d "$ac_dir"; } || - continue - ac_builddir=. - -case "$ac_dir" in -.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; -*) - ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` - # A ".." for each directory in $ac_dir_suffix. - ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` - case $ac_top_builddir_sub in - "") ac_top_builddir_sub=. ac_top_build_prefix= ;; - *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; - esac ;; -esac -ac_abs_top_builddir=$ac_pwd -ac_abs_builddir=$ac_pwd$ac_dir_suffix -# for backward compatibility: -ac_top_builddir=$ac_top_build_prefix - -case $srcdir in - .) # We are building in place. - ac_srcdir=. - ac_top_srcdir=$ac_top_builddir_sub - ac_abs_top_srcdir=$ac_pwd ;; - [\\/]* | ?:[\\/]* ) # Absolute name. - ac_srcdir=$srcdir$ac_dir_suffix; - ac_top_srcdir=$srcdir - ac_abs_top_srcdir=$srcdir ;; - *) # Relative name. - ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix - ac_top_srcdir=$ac_top_build_prefix$srcdir - ac_abs_top_srcdir=$ac_pwd/$srcdir ;; -esac -ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix - - cd "$ac_dir" || { ac_status=$?; continue; } - # Check for guested configure. - if test -f "$ac_srcdir/configure.gnu"; then - echo && - $SHELL "$ac_srcdir/configure.gnu" --help=recursive - elif test -f "$ac_srcdir/configure"; then - echo && - $SHELL "$ac_srcdir/configure" --help=recursive - else - $as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2 - fi || ac_status=$? - cd "$ac_pwd" || { ac_status=$?; break; } - done -fi - -test -n "$ac_init_help" && exit $ac_status -if $ac_init_version; then - cat <<\_ACEOF -OpenSSH configure Portable -generated by GNU Autoconf 2.69 - -Copyright (C) 2012 Free Software Foundation, Inc. -This configure script is free software; the Free Software Foundation -gives unlimited permission to copy, distribute and modify it. -_ACEOF - exit -fi - -## ------------------------ ## -## Autoconf initialization. ## -## ------------------------ ## - -# ac_fn_c_try_compile LINENO -# -------------------------- -# Try to compile conftest.$ac_ext, and return whether this succeeded. -ac_fn_c_try_compile () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - rm -f conftest.$ac_objext - if { { ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 - (eval "$ac_compile") 2>conftest.err - ac_status=$? - if test -s conftest.err; then - grep -v '^ *+' conftest.err >conftest.er1 - cat conftest.er1 >&5 - mv -f conftest.er1 conftest.err - fi - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then : - ac_retval=0 -else - $as_echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_retval=1 -fi - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - as_fn_set_status $ac_retval - -} # ac_fn_c_try_compile - -# ac_fn_c_try_run LINENO -# ---------------------- -# Try to link conftest.$ac_ext, and return whether this succeeded. Assumes -# that executables *can* be run. -ac_fn_c_try_run () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - if { { ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; } && { ac_try='./conftest$ac_exeext' - { { case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; }; }; then : - ac_retval=0 -else - $as_echo "$as_me: program exited with status $ac_status" >&5 - $as_echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_retval=$ac_status -fi - rm -rf conftest.dSYM conftest_ipa8_conftest.oo - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - as_fn_set_status $ac_retval - -} # ac_fn_c_try_run - -# ac_fn_c_try_cpp LINENO -# ---------------------- -# Try to preprocess conftest.$ac_ext, and return whether this succeeded. -ac_fn_c_try_cpp () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - if { { ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.err - ac_status=$? - if test -s conftest.err; then - grep -v '^ *+' conftest.err >conftest.er1 - cat conftest.er1 >&5 - mv -f conftest.er1 conftest.err - fi - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; } > conftest.i && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then : - ac_retval=0 -else - $as_echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_retval=1 -fi - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - as_fn_set_status $ac_retval - -} # ac_fn_c_try_cpp - -# ac_fn_c_check_header_compile LINENO HEADER VAR INCLUDES -# ------------------------------------------------------- -# Tests whether HEADER exists and can be compiled using the include files in -# INCLUDES, setting the cache variable VAR accordingly. -ac_fn_c_check_header_compile () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 -$as_echo_n "checking for $2... " >&6; } -if eval \${$3+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$4 -#include <$2> -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - eval "$3=yes" -else - eval "$3=no" -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -eval ac_res=\$$3 - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - -} # ac_fn_c_check_header_compile - -# ac_fn_c_check_decl LINENO SYMBOL VAR INCLUDES -# --------------------------------------------- -# Tests whether SYMBOL is declared in INCLUDES, setting cache variable VAR -# accordingly. -ac_fn_c_check_decl () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - as_decl_name=`echo $2|sed 's/ *(.*//'` - as_decl_use=`echo $2|sed -e 's/(/((/' -e 's/)/) 0&/' -e 's/,/) 0& (/g'` - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $as_decl_name is declared" >&5 -$as_echo_n "checking whether $as_decl_name is declared... " >&6; } -if eval \${$3+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$4 -int -main () -{ -#ifndef $as_decl_name -#ifdef __cplusplus - (void) $as_decl_use; -#else - (void) $as_decl_name; -#endif -#endif - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - eval "$3=yes" -else - eval "$3=no" -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -eval ac_res=\$$3 - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - -} # ac_fn_c_check_decl - -# ac_fn_c_try_link LINENO -# ----------------------- -# Try to link conftest.$ac_ext, and return whether this succeeded. -ac_fn_c_try_link () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - rm -f conftest.$ac_objext conftest$ac_exeext - if { { ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 - (eval "$ac_link") 2>conftest.err - ac_status=$? - if test -s conftest.err; then - grep -v '^ *+' conftest.err >conftest.er1 - cat conftest.er1 >&5 - mv -f conftest.er1 conftest.err - fi - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && { - test "$cross_compiling" = yes || - test -x conftest$ac_exeext - }; then : - ac_retval=0 -else - $as_echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_retval=1 -fi - # Delete the IPA/IPO (Inter Procedural Analysis/Optimization) information - # created by the PGI compiler (conftest_ipa8_conftest.oo), as it would - # interfere with the next link command; also delete a directory that is - # left behind by Apple's compiler. We do this before executing the actions. - rm -rf conftest.dSYM conftest_ipa8_conftest.oo - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - as_fn_set_status $ac_retval - -} # ac_fn_c_try_link - -# ac_fn_c_check_header_mongrel LINENO HEADER VAR INCLUDES -# ------------------------------------------------------- -# Tests whether HEADER exists, giving a warning if it cannot be compiled using -# the include files in INCLUDES and setting the cache variable VAR -# accordingly. -ac_fn_c_check_header_mongrel () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - if eval \${$3+:} false; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 -$as_echo_n "checking for $2... " >&6; } -if eval \${$3+:} false; then : - $as_echo_n "(cached) " >&6 -fi -eval ac_res=\$$3 - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } -else - # Is the header compilable? -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 usability" >&5 -$as_echo_n "checking $2 usability... " >&6; } -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$4 -#include <$2> -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_header_compiler=yes -else - ac_header_compiler=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_compiler" >&5 -$as_echo "$ac_header_compiler" >&6; } - -# Is the header present? -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 presence" >&5 -$as_echo_n "checking $2 presence... " >&6; } -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include <$2> -_ACEOF -if ac_fn_c_try_cpp "$LINENO"; then : - ac_header_preproc=yes -else - ac_header_preproc=no -fi -rm -f conftest.err conftest.i conftest.$ac_ext -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_preproc" >&5 -$as_echo "$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in #(( - yes:no: ) - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&5 -$as_echo "$as_me: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&2;} - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 -$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} - ;; - no:yes:* ) - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: present but cannot be compiled" >&5 -$as_echo "$as_me: WARNING: $2: present but cannot be compiled" >&2;} - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: check for missing prerequisite headers?" >&5 -$as_echo "$as_me: WARNING: $2: check for missing prerequisite headers?" >&2;} - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: see the Autoconf documentation" >&5 -$as_echo "$as_me: WARNING: $2: see the Autoconf documentation" >&2;} - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&5 -$as_echo "$as_me: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&2;} - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 -$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} -( $as_echo "## ------------------------------------------- ## -## Report this to openssh-unix-dev@mindrot.org ## -## ------------------------------------------- ##" - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 -$as_echo_n "checking for $2... " >&6; } -if eval \${$3+:} false; then : - $as_echo_n "(cached) " >&6 -else - eval "$3=\$ac_header_compiler" -fi -eval ac_res=\$$3 - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } -fi - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - -} # ac_fn_c_check_header_mongrel - -# ac_fn_c_check_func LINENO FUNC VAR -# ---------------------------------- -# Tests whether FUNC exists, setting the cache variable VAR accordingly -ac_fn_c_check_func () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 -$as_echo_n "checking for $2... " >&6; } -if eval \${$3+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -/* Define $2 to an innocuous variant, in case declares $2. - For example, HP-UX 11i declares gettimeofday. */ -#define $2 innocuous_$2 - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $2 (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $2 - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $2 (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$2 || defined __stub___$2 -choke me -#endif - -int -main () -{ -return $2 (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - eval "$3=yes" -else - eval "$3=no" -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -fi -eval ac_res=\$$3 - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - -} # ac_fn_c_check_func - -# ac_fn_c_check_type LINENO TYPE VAR INCLUDES -# ------------------------------------------- -# Tests whether TYPE exists after having included INCLUDES, setting cache -# variable VAR accordingly. -ac_fn_c_check_type () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 -$as_echo_n "checking for $2... " >&6; } -if eval \${$3+:} false; then : - $as_echo_n "(cached) " >&6 -else - eval "$3=no" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$4 -int -main () -{ -if (sizeof ($2)) - return 0; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$4 -int -main () -{ -if (sizeof (($2))) - return 0; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - -else - eval "$3=yes" -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -eval ac_res=\$$3 - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - -} # ac_fn_c_check_type - -# ac_fn_c_compute_int LINENO EXPR VAR INCLUDES -# -------------------------------------------- -# Tries to find the compile-time value of EXPR in a program that includes -# INCLUDES, setting VAR accordingly. Returns whether the value could be -# computed -ac_fn_c_compute_int () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - if test "$cross_compiling" = yes; then - # Depending upon the size, compute the lo and hi bounds. -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$4 -int -main () -{ -static int test_array [1 - 2 * !(($2) >= 0)]; -test_array [0] = 0; -return test_array [0]; - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_lo=0 ac_mid=0 - while :; do - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$4 -int -main () -{ -static int test_array [1 - 2 * !(($2) <= $ac_mid)]; -test_array [0] = 0; -return test_array [0]; - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_hi=$ac_mid; break -else - as_fn_arith $ac_mid + 1 && ac_lo=$as_val - if test $ac_lo -le $ac_mid; then - ac_lo= ac_hi= - break - fi - as_fn_arith 2 '*' $ac_mid + 1 && ac_mid=$as_val -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - done -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$4 -int -main () -{ -static int test_array [1 - 2 * !(($2) < 0)]; -test_array [0] = 0; -return test_array [0]; - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_hi=-1 ac_mid=-1 - while :; do - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$4 -int -main () -{ -static int test_array [1 - 2 * !(($2) >= $ac_mid)]; -test_array [0] = 0; -return test_array [0]; - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_lo=$ac_mid; break -else - as_fn_arith '(' $ac_mid ')' - 1 && ac_hi=$as_val - if test $ac_mid -le $ac_hi; then - ac_lo= ac_hi= - break - fi - as_fn_arith 2 '*' $ac_mid && ac_mid=$as_val -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - done -else - ac_lo= ac_hi= -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -# Binary search between lo and hi bounds. -while test "x$ac_lo" != "x$ac_hi"; do - as_fn_arith '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo && ac_mid=$as_val - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$4 -int -main () -{ -static int test_array [1 - 2 * !(($2) <= $ac_mid)]; -test_array [0] = 0; -return test_array [0]; - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_hi=$ac_mid -else - as_fn_arith '(' $ac_mid ')' + 1 && ac_lo=$as_val -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -done -case $ac_lo in #(( -?*) eval "$3=\$ac_lo"; ac_retval=0 ;; -'') ac_retval=1 ;; -esac - else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$4 -static long int longval () { return $2; } -static unsigned long int ulongval () { return $2; } -#include -#include -int -main () -{ - - FILE *f = fopen ("conftest.val", "w"); - if (! f) - return 1; - if (($2) < 0) - { - long int i = longval (); - if (i != ($2)) - return 1; - fprintf (f, "%ld", i); - } - else - { - unsigned long int i = ulongval (); - if (i != ($2)) - return 1; - fprintf (f, "%lu", i); - } - /* Do not output a trailing newline, as this causes \r\n confusion - on some platforms. */ - return ferror (f) || fclose (f) != 0; - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - echo >>conftest.val; read $3 &5 -$as_echo_n "checking for $2.$3... " >&6; } -if eval \${$4+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$5 -int -main () -{ -static $2 ac_aggr; -if (ac_aggr.$3) -return 0; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - eval "$4=yes" -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$5 -int -main () -{ -static $2 ac_aggr; -if (sizeof ac_aggr.$3) -return 0; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - eval "$4=yes" -else - eval "$4=no" -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -eval ac_res=\$$4 - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - -} # ac_fn_c_check_member -cat >config.log <<_ACEOF -This file contains any messages produced by compilers while -running configure, to aid debugging if configure makes a mistake. - -It was created by OpenSSH $as_me Portable, which was -generated by GNU Autoconf 2.69. Invocation command line was - - $ $0 $@ - -_ACEOF -exec 5>>config.log -{ -cat <<_ASUNAME -## --------- ## -## Platform. ## -## --------- ## - -hostname = `(hostname || uname -n) 2>/dev/null | sed 1q` -uname -m = `(uname -m) 2>/dev/null || echo unknown` -uname -r = `(uname -r) 2>/dev/null || echo unknown` -uname -s = `(uname -s) 2>/dev/null || echo unknown` -uname -v = `(uname -v) 2>/dev/null || echo unknown` - -/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown` -/bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown` - -/bin/arch = `(/bin/arch) 2>/dev/null || echo unknown` -/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown` -/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown` -/usr/bin/hostinfo = `(/usr/bin/hostinfo) 2>/dev/null || echo unknown` -/bin/machine = `(/bin/machine) 2>/dev/null || echo unknown` -/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown` -/bin/universe = `(/bin/universe) 2>/dev/null || echo unknown` - -_ASUNAME - -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - $as_echo "PATH: $as_dir" - done -IFS=$as_save_IFS - -} >&5 - -cat >&5 <<_ACEOF - - -## ----------- ## -## Core tests. ## -## ----------- ## - -_ACEOF - - -# Keep a trace of the command line. -# Strip out --no-create and --no-recursion so they do not pile up. -# Strip out --silent because we don't want to record it for future runs. -# Also quote any args containing shell meta-characters. -# Make two passes to allow for proper duplicate-argument suppression. -ac_configure_args= -ac_configure_args0= -ac_configure_args1= -ac_must_keep_next=false -for ac_pass in 1 2 -do - for ac_arg - do - case $ac_arg in - -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;; - -q | -quiet | --quiet | --quie | --qui | --qu | --q \ - | -silent | --silent | --silen | --sile | --sil) - continue ;; - *\'*) - ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; - esac - case $ac_pass in - 1) as_fn_append ac_configure_args0 " '$ac_arg'" ;; - 2) - as_fn_append ac_configure_args1 " '$ac_arg'" - if test $ac_must_keep_next = true; then - ac_must_keep_next=false # Got value, back to normal. - else - case $ac_arg in - *=* | --config-cache | -C | -disable-* | --disable-* \ - | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \ - | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \ - | -with-* | --with-* | -without-* | --without-* | --x) - case "$ac_configure_args0 " in - "$ac_configure_args1"*" '$ac_arg' "* ) continue ;; - esac - ;; - -* ) ac_must_keep_next=true ;; - esac - fi - as_fn_append ac_configure_args " '$ac_arg'" - ;; - esac - done -done -{ ac_configure_args0=; unset ac_configure_args0;} -{ ac_configure_args1=; unset ac_configure_args1;} - -# When interrupted or exit'd, cleanup temporary files, and complete -# config.log. We remove comments because anyway the quotes in there -# would cause problems or look ugly. -# WARNING: Use '\'' to represent an apostrophe within the trap. -# WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug. -trap 'exit_status=$? - # Save into config.log some information that might help in debugging. - { - echo - - $as_echo "## ---------------- ## -## Cache variables. ## -## ---------------- ##" - echo - # The following way of writing the cache mishandles newlines in values, -( - for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do - eval ac_val=\$$ac_var - case $ac_val in #( - *${as_nl}*) - case $ac_var in #( - *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 -$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; - esac - case $ac_var in #( - _ | IFS | as_nl) ;; #( - BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( - *) { eval $ac_var=; unset $ac_var;} ;; - esac ;; - esac - done - (set) 2>&1 | - case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #( - *${as_nl}ac_space=\ *) - sed -n \ - "s/'\''/'\''\\\\'\'''\''/g; - s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p" - ;; #( - *) - sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" - ;; - esac | - sort -) - echo - - $as_echo "## ----------------- ## -## Output variables. ## -## ----------------- ##" - echo - for ac_var in $ac_subst_vars - do - eval ac_val=\$$ac_var - case $ac_val in - *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; - esac - $as_echo "$ac_var='\''$ac_val'\''" - done | sort - echo - - if test -n "$ac_subst_files"; then - $as_echo "## ------------------- ## -## File substitutions. ## -## ------------------- ##" - echo - for ac_var in $ac_subst_files - do - eval ac_val=\$$ac_var - case $ac_val in - *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; - esac - $as_echo "$ac_var='\''$ac_val'\''" - done | sort - echo - fi - - if test -s confdefs.h; then - $as_echo "## ----------- ## -## confdefs.h. ## -## ----------- ##" - echo - cat confdefs.h - echo - fi - test "$ac_signal" != 0 && - $as_echo "$as_me: caught signal $ac_signal" - $as_echo "$as_me: exit $exit_status" - } >&5 - rm -f core *.core core.conftest.* && - rm -f -r conftest* confdefs* conf$$* $ac_clean_files && - exit $exit_status -' 0 -for ac_signal in 1 2 13 15; do - trap 'ac_signal='$ac_signal'; as_fn_exit 1' $ac_signal -done -ac_signal=0 - -# confdefs.h avoids OS command line length limits that DEFS can exceed. -rm -f -r conftest* confdefs.h - -$as_echo "/* confdefs.h */" > confdefs.h - -# Predefined preprocessor variables. - -cat >>confdefs.h <<_ACEOF -#define PACKAGE_NAME "$PACKAGE_NAME" -_ACEOF - -cat >>confdefs.h <<_ACEOF -#define PACKAGE_TARNAME "$PACKAGE_TARNAME" -_ACEOF - -cat >>confdefs.h <<_ACEOF -#define PACKAGE_VERSION "$PACKAGE_VERSION" -_ACEOF - -cat >>confdefs.h <<_ACEOF -#define PACKAGE_STRING "$PACKAGE_STRING" -_ACEOF - -cat >>confdefs.h <<_ACEOF -#define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT" -_ACEOF - -cat >>confdefs.h <<_ACEOF -#define PACKAGE_URL "$PACKAGE_URL" -_ACEOF - - -# Let the site file select an alternate cache file if it wants to. -# Prefer an explicitly selected file to automatically selected ones. -ac_site_file1=NONE -ac_site_file2=NONE -if test -n "$CONFIG_SITE"; then - # We do not want a PATH search for config.site. - case $CONFIG_SITE in #(( - -*) ac_site_file1=./$CONFIG_SITE;; - */*) ac_site_file1=$CONFIG_SITE;; - *) ac_site_file1=./$CONFIG_SITE;; - esac -elif test "x$prefix" != xNONE; then - ac_site_file1=$prefix/share/config.site - ac_site_file2=$prefix/etc/config.site -else - ac_site_file1=$ac_default_prefix/share/config.site - ac_site_file2=$ac_default_prefix/etc/config.site -fi -for ac_site_file in "$ac_site_file1" "$ac_site_file2" -do - test "x$ac_site_file" = xNONE && continue - if test /dev/null != "$ac_site_file" && test -r "$ac_site_file"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5 -$as_echo "$as_me: loading site script $ac_site_file" >&6;} - sed 's/^/| /' "$ac_site_file" >&5 - . "$ac_site_file" \ - || { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error $? "failed to load site script $ac_site_file -See \`config.log' for more details" "$LINENO" 5; } - fi -done - -if test -r "$cache_file"; then - # Some versions of bash will fail to source /dev/null (special files - # actually), so we avoid doing that. DJGPP emulates it as a regular file. - if test /dev/null != "$cache_file" && test -f "$cache_file"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: loading cache $cache_file" >&5 -$as_echo "$as_me: loading cache $cache_file" >&6;} - case $cache_file in - [\\/]* | ?:[\\/]* ) . "$cache_file";; - *) . "./$cache_file";; - esac - fi -else - { $as_echo "$as_me:${as_lineno-$LINENO}: creating cache $cache_file" >&5 -$as_echo "$as_me: creating cache $cache_file" >&6;} - >$cache_file -fi - -# Check that the precious variables saved in the cache have kept the same -# value. -ac_cache_corrupted=false -for ac_var in $ac_precious_vars; do - eval ac_old_set=\$ac_cv_env_${ac_var}_set - eval ac_new_set=\$ac_env_${ac_var}_set - eval ac_old_val=\$ac_cv_env_${ac_var}_value - eval ac_new_val=\$ac_env_${ac_var}_value - case $ac_old_set,$ac_new_set in - set,) - { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 -$as_echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} - ac_cache_corrupted=: ;; - ,set) - { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was not set in the previous run" >&5 -$as_echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} - ac_cache_corrupted=: ;; - ,);; - *) - if test "x$ac_old_val" != "x$ac_new_val"; then - # differences in whitespace do not lead to failure. - ac_old_val_w=`echo x $ac_old_val` - ac_new_val_w=`echo x $ac_new_val` - if test "$ac_old_val_w" != "$ac_new_val_w"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' has changed since the previous run:" >&5 -$as_echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} - ac_cache_corrupted=: - else - { $as_echo "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5 -$as_echo "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;} - eval $ac_var=\$ac_old_val - fi - { $as_echo "$as_me:${as_lineno-$LINENO}: former value: \`$ac_old_val'" >&5 -$as_echo "$as_me: former value: \`$ac_old_val'" >&2;} - { $as_echo "$as_me:${as_lineno-$LINENO}: current value: \`$ac_new_val'" >&5 -$as_echo "$as_me: current value: \`$ac_new_val'" >&2;} - fi;; - esac - # Pass precious variables to config.status. - if test "$ac_new_set" = set; then - case $ac_new_val in - *\'*) ac_arg=$ac_var=`$as_echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;; - *) ac_arg=$ac_var=$ac_new_val ;; - esac - case " $ac_configure_args " in - *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy. - *) as_fn_append ac_configure_args " '$ac_arg'" ;; - esac - fi -done -if $ac_cache_corrupted; then - { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} - { $as_echo "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5 -$as_echo "$as_me: error: changes in the environment can compromise the build" >&2;} - as_fn_error $? "run \`make distclean' and/or \`rm $cache_file' and start over" "$LINENO" 5 -fi -## -------------------- ## -## Main body of script. ## -## -------------------- ## - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - - - - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - - -ac_config_headers="$ac_config_headers config.h" - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu -if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. -set dummy ${ac_tool_prefix}gcc; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_CC="${ac_tool_prefix}gcc" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -CC=$ac_cv_prog_CC -if test -n "$CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 -$as_echo "$CC" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_CC"; then - ac_ct_CC=$CC - # Extract the first word of "gcc", so it can be a program name with args. -set dummy gcc; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$ac_ct_CC"; then - ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_CC="gcc" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -ac_ct_CC=$ac_cv_prog_ac_ct_CC -if test -n "$ac_ct_CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 -$as_echo "$ac_ct_CC" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - if test "x$ac_ct_CC" = x; then - CC="" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - CC=$ac_ct_CC - fi -else - CC="$ac_cv_prog_CC" -fi - -if test -z "$CC"; then - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. -set dummy ${ac_tool_prefix}cc; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_CC="${ac_tool_prefix}cc" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -CC=$ac_cv_prog_CC -if test -n "$CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 -$as_echo "$CC" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - fi -fi -if test -z "$CC"; then - # Extract the first word of "cc", so it can be a program name with args. -set dummy cc; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. -else - ac_prog_rejected=no -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then - ac_prog_rejected=yes - continue - fi - ac_cv_prog_CC="cc" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -if test $ac_prog_rejected = yes; then - # We found a bogon in the path, so make sure we never use it. - set dummy $ac_cv_prog_CC - shift - if test $# != 0; then - # We chose a different compiler from the bogus one. - # However, it has the same basename, so the bogon will be chosen - # first if we set CC to just the basename; use the full file name. - shift - ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@" - fi -fi -fi -fi -CC=$ac_cv_prog_CC -if test -n "$CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 -$as_echo "$CC" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -fi -if test -z "$CC"; then - if test -n "$ac_tool_prefix"; then - for ac_prog in cl.exe - do - # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. -set dummy $ac_tool_prefix$ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_CC="$ac_tool_prefix$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -CC=$ac_cv_prog_CC -if test -n "$CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 -$as_echo "$CC" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - test -n "$CC" && break - done -fi -if test -z "$CC"; then - ac_ct_CC=$CC - for ac_prog in cl.exe -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$ac_ct_CC"; then - ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_CC="$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -ac_ct_CC=$ac_cv_prog_ac_ct_CC -if test -n "$ac_ct_CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 -$as_echo "$ac_ct_CC" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - test -n "$ac_ct_CC" && break -done - - if test "x$ac_ct_CC" = x; then - CC="" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - CC=$ac_ct_CC - fi -fi - -fi - - -test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error $? "no acceptable C compiler found in \$PATH -See \`config.log' for more details" "$LINENO" 5; } - -# Provide some information about the compiler. -$as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 -set X $ac_compile -ac_compiler=$2 -for ac_option in --version -v -V -qversion; do - { { ac_try="$ac_compiler $ac_option >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 - (eval "$ac_compiler $ac_option >&5") 2>conftest.err - ac_status=$? - if test -s conftest.err; then - sed '10a\ -... rest of stderr output deleted ... - 10q' conftest.err >conftest.er1 - cat conftest.er1 >&5 - fi - rm -f conftest.er1 conftest.err - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; } -done - -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -ac_clean_files_save=$ac_clean_files -ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out" -# Try to create an executable without -o first, disregard a.out. -# It will help us diagnose broken compilers, and finding out an intuition -# of exeext. -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler works" >&5 -$as_echo_n "checking whether the C compiler works... " >&6; } -ac_link_default=`$as_echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'` - -# The possible output files: -ac_files="a.out conftest.exe conftest a.exe a_out.exe b.out conftest.*" - -ac_rmfiles= -for ac_file in $ac_files -do - case $ac_file in - *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; - * ) ac_rmfiles="$ac_rmfiles $ac_file";; - esac -done -rm -f $ac_rmfiles - -if { { ac_try="$ac_link_default" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 - (eval "$ac_link_default") 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; }; then : - # Autoconf-2.13 could set the ac_cv_exeext variable to `no'. -# So ignore a value of `no', otherwise this would lead to `EXEEXT = no' -# in a Makefile. We should not override ac_cv_exeext if it was cached, -# so that the user can short-circuit this test for compilers unknown to -# Autoconf. -for ac_file in $ac_files '' -do - test -f "$ac_file" || continue - case $ac_file in - *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) - ;; - [ab].out ) - # We found the default executable, but exeext='' is most - # certainly right. - break;; - *.* ) - if test "${ac_cv_exeext+set}" = set && test "$ac_cv_exeext" != no; - then :; else - ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` - fi - # We set ac_cv_exeext here because the later test for it is not - # safe: cross compilers may not add the suffix if given an `-o' - # argument, so we may need to know it at that point already. - # Even if this section looks crufty: it has the advantage of - # actually working. - break;; - * ) - break;; - esac -done -test "$ac_cv_exeext" = no && ac_cv_exeext= - -else - ac_file='' -fi -if test -z "$ac_file"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -$as_echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error 77 "C compiler cannot create executables -See \`config.log' for more details" "$LINENO" 5; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler default output file name" >&5 -$as_echo_n "checking for C compiler default output file name... " >&6; } -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_file" >&5 -$as_echo "$ac_file" >&6; } -ac_exeext=$ac_cv_exeext - -rm -f -r a.out a.out.dSYM a.exe conftest$ac_cv_exeext b.out -ac_clean_files=$ac_clean_files_save -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of executables" >&5 -$as_echo_n "checking for suffix of executables... " >&6; } -if { { ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; }; then : - # If both `conftest.exe' and `conftest' are `present' (well, observable) -# catch `conftest.exe'. For instance with Cygwin, `ls conftest' will -# work properly (i.e., refer to `conftest.exe'), while it won't with -# `rm'. -for ac_file in conftest.exe conftest conftest.*; do - test -f "$ac_file" || continue - case $ac_file in - *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; - *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` - break;; - * ) break;; - esac -done -else - { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error $? "cannot compute suffix of executables: cannot compile and link -See \`config.log' for more details" "$LINENO" 5; } -fi -rm -f conftest conftest$ac_cv_exeext -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5 -$as_echo "$ac_cv_exeext" >&6; } - -rm -f conftest.$ac_ext -EXEEXT=$ac_cv_exeext -ac_exeext=$EXEEXT -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -int -main () -{ -FILE *f = fopen ("conftest.out", "w"); - return ferror (f) || fclose (f) != 0; - - ; - return 0; -} -_ACEOF -ac_clean_files="$ac_clean_files conftest.out" -# Check that the compiler produces executables we can run. If not, either -# the compiler is broken, or we cross compile. -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are cross compiling" >&5 -$as_echo_n "checking whether we are cross compiling... " >&6; } -if test "$cross_compiling" != yes; then - { { ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; } - if { ac_try='./conftest$ac_cv_exeext' - { { case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; }; }; then - cross_compiling=no - else - if test "$cross_compiling" = maybe; then - cross_compiling=yes - else - { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error $? "cannot run C compiled programs. -If you meant to cross compile, use \`--host'. -See \`config.log' for more details" "$LINENO" 5; } - fi - fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $cross_compiling" >&5 -$as_echo "$cross_compiling" >&6; } - -rm -f conftest.$ac_ext conftest$ac_cv_exeext conftest.out -ac_clean_files=$ac_clean_files_save -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5 -$as_echo_n "checking for suffix of object files... " >&6; } -if ${ac_cv_objext+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.o conftest.obj -if { { ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 - (eval "$ac_compile") 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; }; then : - for ac_file in conftest.o conftest.obj conftest.*; do - test -f "$ac_file" || continue; - case $ac_file in - *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM ) ;; - *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'` - break;; - esac -done -else - $as_echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error $? "cannot compute suffix of object files: cannot compile -See \`config.log' for more details" "$LINENO" 5; } -fi -rm -f conftest.$ac_cv_objext conftest.$ac_ext -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_objext" >&5 -$as_echo "$ac_cv_objext" >&6; } -OBJEXT=$ac_cv_objext -ac_objext=$OBJEXT -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5 -$as_echo_n "checking whether we are using the GNU C compiler... " >&6; } -if ${ac_cv_c_compiler_gnu+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ -#ifndef __GNUC__ - choke me -#endif - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_compiler_gnu=yes -else - ac_compiler_gnu=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -ac_cv_c_compiler_gnu=$ac_compiler_gnu - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5 -$as_echo "$ac_cv_c_compiler_gnu" >&6; } -if test $ac_compiler_gnu = yes; then - GCC=yes -else - GCC= -fi -ac_test_CFLAGS=${CFLAGS+set} -ac_save_CFLAGS=$CFLAGS -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5 -$as_echo_n "checking whether $CC accepts -g... " >&6; } -if ${ac_cv_prog_cc_g+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_save_c_werror_flag=$ac_c_werror_flag - ac_c_werror_flag=yes - ac_cv_prog_cc_g=no - CFLAGS="-g" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_prog_cc_g=yes -else - CFLAGS="" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - -else - ac_c_werror_flag=$ac_save_c_werror_flag - CFLAGS="-g" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_prog_cc_g=yes -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - ac_c_werror_flag=$ac_save_c_werror_flag -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5 -$as_echo "$ac_cv_prog_cc_g" >&6; } -if test "$ac_test_CFLAGS" = set; then - CFLAGS=$ac_save_CFLAGS -elif test $ac_cv_prog_cc_g = yes; then - if test "$GCC" = yes; then - CFLAGS="-g -O2" - else - CFLAGS="-g" - fi -else - if test "$GCC" = yes; then - CFLAGS="-O2" - else - CFLAGS= - fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5 -$as_echo_n "checking for $CC option to accept ISO C89... " >&6; } -if ${ac_cv_prog_cc_c89+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_cv_prog_cc_c89=no -ac_save_CC=$CC -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -#include -struct stat; -/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ -struct buf { int x; }; -FILE * (*rcsopen) (struct buf *, struct stat *, int); -static char *e (p, i) - char **p; - int i; -{ - return p[i]; -} -static char *f (char * (*g) (char **, int), char **p, ...) -{ - char *s; - va_list v; - va_start (v,p); - s = g (p, va_arg (v,int)); - va_end (v); - return s; -} - -/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has - function prototypes and stuff, but not '\xHH' hex character constants. - These don't provoke an error unfortunately, instead are silently treated - as 'x'. The following induces an error, until -std is added to get - proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an - array size at least. It's necessary to write '\x00'==0 to get something - that's true only with -std. */ -int osf4_cc_array ['\x00' == 0 ? 1 : -1]; - -/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters - inside strings and character constants. */ -#define FOO(x) 'x' -int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1]; - -int test (int i, double x); -struct s1 {int (*f) (int a);}; -struct s2 {int (*f) (double a);}; -int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); -int argc; -char **argv; -int -main () -{ -return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; - ; - return 0; -} -_ACEOF -for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \ - -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" -do - CC="$ac_save_CC $ac_arg" - if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_prog_cc_c89=$ac_arg -fi -rm -f core conftest.err conftest.$ac_objext - test "x$ac_cv_prog_cc_c89" != "xno" && break -done -rm -f conftest.$ac_ext -CC=$ac_save_CC - -fi -# AC_CACHE_VAL -case "x$ac_cv_prog_cc_c89" in - x) - { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 -$as_echo "none needed" >&6; } ;; - xno) - { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 -$as_echo "unsupported" >&6; } ;; - *) - CC="$CC $ac_cv_prog_cc_c89" - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5 -$as_echo "$ac_cv_prog_cc_c89" >&6; } ;; -esac -if test "x$ac_cv_prog_cc_c89" != xno; then : - -fi - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - -ac_aux_dir= -for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do - if test -f "$ac_dir/install-sh"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/install-sh -c" - break - elif test -f "$ac_dir/install.sh"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/install.sh -c" - break - elif test -f "$ac_dir/shtool"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/shtool install -c" - break - fi -done -if test -z "$ac_aux_dir"; then - as_fn_error $? "cannot find install-sh, install.sh, or shtool in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" "$LINENO" 5 -fi - -# These three variables are undocumented and unsupported, -# and are intended to be withdrawn in a future Autoconf release. -# They can cause serious problems if a builder's source tree is in a directory -# whose full name contains unusual characters. -ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var. -ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var. -ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. - - -# Make sure we can run config.sub. -$SHELL "$ac_aux_dir/config.sub" sun4 >/dev/null 2>&1 || - as_fn_error $? "cannot run $SHELL $ac_aux_dir/config.sub" "$LINENO" 5 - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking build system type" >&5 -$as_echo_n "checking build system type... " >&6; } -if ${ac_cv_build+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_build_alias=$build_alias -test "x$ac_build_alias" = x && - ac_build_alias=`$SHELL "$ac_aux_dir/config.guess"` -test "x$ac_build_alias" = x && - as_fn_error $? "cannot guess build type; you must specify one" "$LINENO" 5 -ac_cv_build=`$SHELL "$ac_aux_dir/config.sub" $ac_build_alias` || - as_fn_error $? "$SHELL $ac_aux_dir/config.sub $ac_build_alias failed" "$LINENO" 5 - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_build" >&5 -$as_echo "$ac_cv_build" >&6; } -case $ac_cv_build in -*-*-*) ;; -*) as_fn_error $? "invalid value of canonical build" "$LINENO" 5;; -esac -build=$ac_cv_build -ac_save_IFS=$IFS; IFS='-' -set x $ac_cv_build -shift -build_cpu=$1 -build_vendor=$2 -shift; shift -# Remember, the first character of IFS is used to create $*, -# except with old shells: -build_os=$* -IFS=$ac_save_IFS -case $build_os in *\ *) build_os=`echo "$build_os" | sed 's/ /-/g'`;; esac - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking host system type" >&5 -$as_echo_n "checking host system type... " >&6; } -if ${ac_cv_host+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test "x$host_alias" = x; then - ac_cv_host=$ac_cv_build -else - ac_cv_host=`$SHELL "$ac_aux_dir/config.sub" $host_alias` || - as_fn_error $? "$SHELL $ac_aux_dir/config.sub $host_alias failed" "$LINENO" 5 -fi - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_host" >&5 -$as_echo "$ac_cv_host" >&6; } -case $ac_cv_host in -*-*-*) ;; -*) as_fn_error $? "invalid value of canonical host" "$LINENO" 5;; -esac -host=$ac_cv_host -ac_save_IFS=$IFS; IFS='-' -set x $ac_cv_host -shift -host_cpu=$1 -host_vendor=$2 -shift; shift -# Remember, the first character of IFS is used to create $*, -# except with old shells: -host_os=$* -IFS=$ac_save_IFS -case $host_os in *\ *) host_os=`echo "$host_os" | sed 's/ /-/g'`;; esac - - - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to run the C preprocessor" >&5 -$as_echo_n "checking how to run the C preprocessor... " >&6; } -# On Suns, sometimes $CPP names a directory. -if test -n "$CPP" && test -d "$CPP"; then - CPP= -fi -if test -z "$CPP"; then - if ${ac_cv_prog_CPP+:} false; then : - $as_echo_n "(cached) " >&6 -else - # Double quotes because CPP needs to be expanded - for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp" - do - ac_preproc_ok=false -for ac_c_preproc_warn_flag in '' yes -do - # Use a header file that comes with gcc, so configuring glibc - # with a fresh cross-compiler works. - # Prefer to if __STDC__ is defined, since - # exists even on freestanding compilers. - # On the NeXT, cc -E runs the code through the compiler's parser, - # not just through cpp. "Syntax error" is here to catch this case. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#ifdef __STDC__ -# include -#else -# include -#endif - Syntax error -_ACEOF -if ac_fn_c_try_cpp "$LINENO"; then : - -else - # Broken: fails on valid input. -continue -fi -rm -f conftest.err conftest.i conftest.$ac_ext - - # OK, works on sane cases. Now check whether nonexistent headers - # can be detected and how. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -_ACEOF -if ac_fn_c_try_cpp "$LINENO"; then : - # Broken: success on invalid input. -continue -else - # Passes both tests. -ac_preproc_ok=: -break -fi -rm -f conftest.err conftest.i conftest.$ac_ext - -done -# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. -rm -f conftest.i conftest.err conftest.$ac_ext -if $ac_preproc_ok; then : - break -fi - - done - ac_cv_prog_CPP=$CPP - -fi - CPP=$ac_cv_prog_CPP -else - ac_cv_prog_CPP=$CPP -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $CPP" >&5 -$as_echo "$CPP" >&6; } -ac_preproc_ok=false -for ac_c_preproc_warn_flag in '' yes -do - # Use a header file that comes with gcc, so configuring glibc - # with a fresh cross-compiler works. - # Prefer to if __STDC__ is defined, since - # exists even on freestanding compilers. - # On the NeXT, cc -E runs the code through the compiler's parser, - # not just through cpp. "Syntax error" is here to catch this case. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#ifdef __STDC__ -# include -#else -# include -#endif - Syntax error -_ACEOF -if ac_fn_c_try_cpp "$LINENO"; then : - -else - # Broken: fails on valid input. -continue -fi -rm -f conftest.err conftest.i conftest.$ac_ext - - # OK, works on sane cases. Now check whether nonexistent headers - # can be detected and how. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -_ACEOF -if ac_fn_c_try_cpp "$LINENO"; then : - # Broken: success on invalid input. -continue -else - # Passes both tests. -ac_preproc_ok=: -break -fi -rm -f conftest.err conftest.i conftest.$ac_ext - -done -# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. -rm -f conftest.i conftest.err conftest.$ac_ext -if $ac_preproc_ok; then : - -else - { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error $? "C preprocessor \"$CPP\" fails sanity check -See \`config.log' for more details" "$LINENO" 5; } -fi - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for grep that handles long lines and -e" >&5 -$as_echo_n "checking for grep that handles long lines and -e... " >&6; } -if ${ac_cv_path_GREP+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -z "$GREP"; then - ac_path_GREP_found=false - # Loop through the user's path and test for each of PROGNAME-LIST - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_prog in grep ggrep; do - for ac_exec_ext in '' $ac_executable_extensions; do - ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext" - as_fn_executable_p "$ac_path_GREP" || continue -# Check for GNU ac_path_GREP and select it if it is found. - # Check for GNU $ac_path_GREP -case `"$ac_path_GREP" --version 2>&1` in -*GNU*) - ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;; -*) - ac_count=0 - $as_echo_n 0123456789 >"conftest.in" - while : - do - cat "conftest.in" "conftest.in" >"conftest.tmp" - mv "conftest.tmp" "conftest.in" - cp "conftest.in" "conftest.nl" - $as_echo 'GREP' >> "conftest.nl" - "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break - diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break - as_fn_arith $ac_count + 1 && ac_count=$as_val - if test $ac_count -gt ${ac_path_GREP_max-0}; then - # Best one so far, save it but keep looking for a better one - ac_cv_path_GREP="$ac_path_GREP" - ac_path_GREP_max=$ac_count - fi - # 10*(2^10) chars as input seems more than enough - test $ac_count -gt 10 && break - done - rm -f conftest.in conftest.tmp conftest.nl conftest.out;; -esac - - $ac_path_GREP_found && break 3 - done - done - done -IFS=$as_save_IFS - if test -z "$ac_cv_path_GREP"; then - as_fn_error $? "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 - fi -else - ac_cv_path_GREP=$GREP -fi - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_GREP" >&5 -$as_echo "$ac_cv_path_GREP" >&6; } - GREP="$ac_cv_path_GREP" - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5 -$as_echo_n "checking for egrep... " >&6; } -if ${ac_cv_path_EGREP+:} false; then : - $as_echo_n "(cached) " >&6 -else - if echo a | $GREP -E '(a|b)' >/dev/null 2>&1 - then ac_cv_path_EGREP="$GREP -E" - else - if test -z "$EGREP"; then - ac_path_EGREP_found=false - # Loop through the user's path and test for each of PROGNAME-LIST - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_prog in egrep; do - for ac_exec_ext in '' $ac_executable_extensions; do - ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext" - as_fn_executable_p "$ac_path_EGREP" || continue -# Check for GNU ac_path_EGREP and select it if it is found. - # Check for GNU $ac_path_EGREP -case `"$ac_path_EGREP" --version 2>&1` in -*GNU*) - ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;; -*) - ac_count=0 - $as_echo_n 0123456789 >"conftest.in" - while : - do - cat "conftest.in" "conftest.in" >"conftest.tmp" - mv "conftest.tmp" "conftest.in" - cp "conftest.in" "conftest.nl" - $as_echo 'EGREP' >> "conftest.nl" - "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break - diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break - as_fn_arith $ac_count + 1 && ac_count=$as_val - if test $ac_count -gt ${ac_path_EGREP_max-0}; then - # Best one so far, save it but keep looking for a better one - ac_cv_path_EGREP="$ac_path_EGREP" - ac_path_EGREP_max=$ac_count - fi - # 10*(2^10) chars as input seems more than enough - test $ac_count -gt 10 && break - done - rm -f conftest.in conftest.tmp conftest.nl conftest.out;; -esac - - $ac_path_EGREP_found && break 3 - done - done - done -IFS=$as_save_IFS - if test -z "$ac_cv_path_EGREP"; then - as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 - fi -else - ac_cv_path_EGREP=$EGREP -fi - - fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP" >&5 -$as_echo "$ac_cv_path_EGREP" >&6; } - EGREP="$ac_cv_path_EGREP" - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5 -$as_echo_n "checking for ANSI C header files... " >&6; } -if ${ac_cv_header_stdc+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -#include -#include -#include - -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_header_stdc=yes -else - ac_cv_header_stdc=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -if test $ac_cv_header_stdc = yes; then - # SunOS 4.x string.h does not declare mem*, contrary to ANSI. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "memchr" >/dev/null 2>&1; then : - -else - ac_cv_header_stdc=no -fi -rm -f conftest* - -fi - -if test $ac_cv_header_stdc = yes; then - # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "free" >/dev/null 2>&1; then : - -else - ac_cv_header_stdc=no -fi -rm -f conftest* - -fi - -if test $ac_cv_header_stdc = yes; then - # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. - if test "$cross_compiling" = yes; then : - : -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -#include -#if ((' ' & 0x0FF) == 0x020) -# define ISLOWER(c) ('a' <= (c) && (c) <= 'z') -# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) -#else -# define ISLOWER(c) \ - (('a' <= (c) && (c) <= 'i') \ - || ('j' <= (c) && (c) <= 'r') \ - || ('s' <= (c) && (c) <= 'z')) -# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c)) -#endif - -#define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) -int -main () -{ - int i; - for (i = 0; i < 256; i++) - if (XOR (islower (i), ISLOWER (i)) - || toupper (i) != TOUPPER (i)) - return 2; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - -else - ac_cv_header_stdc=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - -fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdc" >&5 -$as_echo "$ac_cv_header_stdc" >&6; } -if test $ac_cv_header_stdc = yes; then - -$as_echo "#define STDC_HEADERS 1" >>confdefs.h - -fi - -# On IRIX 5.3, sys/types and inttypes.h are conflicting. -for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \ - inttypes.h stdint.h unistd.h -do : - as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` -ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default -" -if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether byte ordering is bigendian" >&5 -$as_echo_n "checking whether byte ordering is bigendian... " >&6; } -if ${ac_cv_c_bigendian+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_cv_c_bigendian=unknown - # See if we're dealing with a universal compiler. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#ifndef __APPLE_CC__ - not a universal capable compiler - #endif - typedef int dummy; - -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - - # Check for potential -arch flags. It is not universal unless - # there are at least two -arch flags with different values. - ac_arch= - ac_prev= - for ac_word in $CC $CFLAGS $CPPFLAGS $LDFLAGS; do - if test -n "$ac_prev"; then - case $ac_word in - i?86 | x86_64 | ppc | ppc64) - if test -z "$ac_arch" || test "$ac_arch" = "$ac_word"; then - ac_arch=$ac_word - else - ac_cv_c_bigendian=universal - break - fi - ;; - esac - ac_prev= - elif test "x$ac_word" = "x-arch"; then - ac_prev=arch - fi - done -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - if test $ac_cv_c_bigendian = unknown; then - # See if sys/param.h defines the BYTE_ORDER macro. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - #include - -int -main () -{ -#if ! (defined BYTE_ORDER && defined BIG_ENDIAN \ - && defined LITTLE_ENDIAN && BYTE_ORDER && BIG_ENDIAN \ - && LITTLE_ENDIAN) - bogus endian macros - #endif - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - # It does; now see whether it defined to BIG_ENDIAN or not. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - #include - -int -main () -{ -#if BYTE_ORDER != BIG_ENDIAN - not big endian - #endif - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_c_bigendian=yes -else - ac_cv_c_bigendian=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - fi - if test $ac_cv_c_bigendian = unknown; then - # See if defines _LITTLE_ENDIAN or _BIG_ENDIAN (e.g., Solaris). - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -int -main () -{ -#if ! (defined _LITTLE_ENDIAN || defined _BIG_ENDIAN) - bogus endian macros - #endif - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - # It does; now see whether it defined to _BIG_ENDIAN or not. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -int -main () -{ -#ifndef _BIG_ENDIAN - not big endian - #endif - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_c_bigendian=yes -else - ac_cv_c_bigendian=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - fi - if test $ac_cv_c_bigendian = unknown; then - # Compile a test program. - if test "$cross_compiling" = yes; then : - # Try to guess by grepping values from an object file. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -short int ascii_mm[] = - { 0x4249, 0x4765, 0x6E44, 0x6961, 0x6E53, 0x7953, 0 }; - short int ascii_ii[] = - { 0x694C, 0x5454, 0x656C, 0x6E45, 0x6944, 0x6E61, 0 }; - int use_ascii (int i) { - return ascii_mm[i] + ascii_ii[i]; - } - short int ebcdic_ii[] = - { 0x89D3, 0xE3E3, 0x8593, 0x95C5, 0x89C4, 0x9581, 0 }; - short int ebcdic_mm[] = - { 0xC2C9, 0xC785, 0x95C4, 0x8981, 0x95E2, 0xA8E2, 0 }; - int use_ebcdic (int i) { - return ebcdic_mm[i] + ebcdic_ii[i]; - } - extern int foo; - -int -main () -{ -return use_ascii (foo) == use_ebcdic (foo); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - if grep BIGenDianSyS conftest.$ac_objext >/dev/null; then - ac_cv_c_bigendian=yes - fi - if grep LiTTleEnDian conftest.$ac_objext >/dev/null ; then - if test "$ac_cv_c_bigendian" = unknown; then - ac_cv_c_bigendian=no - else - # finding both strings is unlikely to happen, but who knows? - ac_cv_c_bigendian=unknown - fi - fi -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$ac_includes_default -int -main () -{ - - /* Are we little or big endian? From Harbison&Steele. */ - union - { - long int l; - char c[sizeof (long int)]; - } u; - u.l = 1; - return u.c[sizeof (long int) - 1] == 1; - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - ac_cv_c_bigendian=no -else - ac_cv_c_bigendian=yes -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - - fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_bigendian" >&5 -$as_echo "$ac_cv_c_bigendian" >&6; } - case $ac_cv_c_bigendian in #( - yes) - $as_echo "#define WORDS_BIGENDIAN 1" >>confdefs.h -;; #( - no) - ;; #( - universal) - -$as_echo "#define AC_APPLE_UNIVERSAL_BUILD 1" >>confdefs.h - - ;; #( - *) - as_fn_error $? "unknown endianness - presetting ac_cv_c_bigendian=no (or yes) will help" "$LINENO" 5 ;; - esac - - -# Checks for programs. -for ac_prog in gawk mawk nawk awk -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_AWK+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$AWK"; then - ac_cv_prog_AWK="$AWK" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_AWK="$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -AWK=$ac_cv_prog_AWK -if test -n "$AWK"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $AWK" >&5 -$as_echo "$AWK" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - test -n "$AWK" && break -done - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to run the C preprocessor" >&5 -$as_echo_n "checking how to run the C preprocessor... " >&6; } -# On Suns, sometimes $CPP names a directory. -if test -n "$CPP" && test -d "$CPP"; then - CPP= -fi -if test -z "$CPP"; then - if ${ac_cv_prog_CPP+:} false; then : - $as_echo_n "(cached) " >&6 -else - # Double quotes because CPP needs to be expanded - for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp" - do - ac_preproc_ok=false -for ac_c_preproc_warn_flag in '' yes -do - # Use a header file that comes with gcc, so configuring glibc - # with a fresh cross-compiler works. - # Prefer to if __STDC__ is defined, since - # exists even on freestanding compilers. - # On the NeXT, cc -E runs the code through the compiler's parser, - # not just through cpp. "Syntax error" is here to catch this case. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#ifdef __STDC__ -# include -#else -# include -#endif - Syntax error -_ACEOF -if ac_fn_c_try_cpp "$LINENO"; then : - -else - # Broken: fails on valid input. -continue -fi -rm -f conftest.err conftest.i conftest.$ac_ext - - # OK, works on sane cases. Now check whether nonexistent headers - # can be detected and how. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -_ACEOF -if ac_fn_c_try_cpp "$LINENO"; then : - # Broken: success on invalid input. -continue -else - # Passes both tests. -ac_preproc_ok=: -break -fi -rm -f conftest.err conftest.i conftest.$ac_ext - -done -# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. -rm -f conftest.i conftest.err conftest.$ac_ext -if $ac_preproc_ok; then : - break -fi - - done - ac_cv_prog_CPP=$CPP - -fi - CPP=$ac_cv_prog_CPP -else - ac_cv_prog_CPP=$CPP -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $CPP" >&5 -$as_echo "$CPP" >&6; } -ac_preproc_ok=false -for ac_c_preproc_warn_flag in '' yes -do - # Use a header file that comes with gcc, so configuring glibc - # with a fresh cross-compiler works. - # Prefer to if __STDC__ is defined, since - # exists even on freestanding compilers. - # On the NeXT, cc -E runs the code through the compiler's parser, - # not just through cpp. "Syntax error" is here to catch this case. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#ifdef __STDC__ -# include -#else -# include -#endif - Syntax error -_ACEOF -if ac_fn_c_try_cpp "$LINENO"; then : - -else - # Broken: fails on valid input. -continue -fi -rm -f conftest.err conftest.i conftest.$ac_ext - - # OK, works on sane cases. Now check whether nonexistent headers - # can be detected and how. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -_ACEOF -if ac_fn_c_try_cpp "$LINENO"; then : - # Broken: success on invalid input. -continue -else - # Passes both tests. -ac_preproc_ok=: -break -fi -rm -f conftest.err conftest.i conftest.$ac_ext - -done -# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. -rm -f conftest.i conftest.err conftest.$ac_ext -if $ac_preproc_ok; then : - -else - { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error $? "C preprocessor \"$CPP\" fails sanity check -See \`config.log' for more details" "$LINENO" 5; } -fi - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - -if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args. -set dummy ${ac_tool_prefix}ranlib; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_RANLIB+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$RANLIB"; then - ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -RANLIB=$ac_cv_prog_RANLIB -if test -n "$RANLIB"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $RANLIB" >&5 -$as_echo "$RANLIB" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_RANLIB"; then - ac_ct_RANLIB=$RANLIB - # Extract the first word of "ranlib", so it can be a program name with args. -set dummy ranlib; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_RANLIB+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$ac_ct_RANLIB"; then - ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_RANLIB="ranlib" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB -if test -n "$ac_ct_RANLIB"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_RANLIB" >&5 -$as_echo "$ac_ct_RANLIB" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - if test "x$ac_ct_RANLIB" = x; then - RANLIB=":" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - RANLIB=$ac_ct_RANLIB - fi -else - RANLIB="$ac_cv_prog_RANLIB" -fi - -# Find a good install program. We prefer a C program (faster), -# so one script is as good as another. But avoid the broken or -# incompatible versions: -# SysV /etc/install, /usr/sbin/install -# SunOS /usr/etc/install -# IRIX /sbin/install -# AIX /bin/install -# AmigaOS /C/install, which installs bootblocks on floppy discs -# AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag -# AFS /usr/afsws/bin/install, which mishandles nonexistent args -# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" -# OS/2's system install, which has a completely different semantic -# ./install, which can be erroneously created by make from ./install.sh. -# Reject install programs that cannot install multiple files. -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a BSD-compatible install" >&5 -$as_echo_n "checking for a BSD-compatible install... " >&6; } -if test -z "$INSTALL"; then -if ${ac_cv_path_install+:} false; then : - $as_echo_n "(cached) " >&6 -else - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - # Account for people who put trailing slashes in PATH elements. -case $as_dir/ in #(( - ./ | .// | /[cC]/* | \ - /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \ - ?:[\\/]os2[\\/]install[\\/]* | ?:[\\/]OS2[\\/]INSTALL[\\/]* | \ - /usr/ucb/* ) ;; - *) - # OSF1 and SCO ODT 3.0 have their own names for install. - # Don't use installbsd from OSF since it installs stuff as root - # by default. - for ac_prog in ginstall scoinst install; do - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then - if test $ac_prog = install && - grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then - # AIX install. It has an incompatible calling convention. - : - elif test $ac_prog = install && - grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then - # program-specific install script used by HP pwplus--don't use. - : - else - rm -rf conftest.one conftest.two conftest.dir - echo one > conftest.one - echo two > conftest.two - mkdir conftest.dir - if "$as_dir/$ac_prog$ac_exec_ext" -c conftest.one conftest.two "`pwd`/conftest.dir" && - test -s conftest.one && test -s conftest.two && - test -s conftest.dir/conftest.one && - test -s conftest.dir/conftest.two - then - ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c" - break 3 - fi - fi - fi - done - done - ;; -esac - - done -IFS=$as_save_IFS - -rm -rf conftest.one conftest.two conftest.dir - -fi - if test "${ac_cv_path_install+set}" = set; then - INSTALL=$ac_cv_path_install - else - # As a last resort, use the slow shell script. Don't cache a - # value for INSTALL within a source directory, because that will - # break other packages using the cache if that directory is - # removed, or if the value is a relative name. - INSTALL=$ac_install_sh - fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $INSTALL" >&5 -$as_echo "$INSTALL" >&6; } - -# Use test -z because SunOS4 sh mishandles braces in ${var-val}. -# It thinks the first close brace ends the variable substitution. -test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}' - -test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}' - -test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5 -$as_echo_n "checking for egrep... " >&6; } -if ${ac_cv_path_EGREP+:} false; then : - $as_echo_n "(cached) " >&6 -else - if echo a | $GREP -E '(a|b)' >/dev/null 2>&1 - then ac_cv_path_EGREP="$GREP -E" - else - if test -z "$EGREP"; then - ac_path_EGREP_found=false - # Loop through the user's path and test for each of PROGNAME-LIST - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_prog in egrep; do - for ac_exec_ext in '' $ac_executable_extensions; do - ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext" - as_fn_executable_p "$ac_path_EGREP" || continue -# Check for GNU ac_path_EGREP and select it if it is found. - # Check for GNU $ac_path_EGREP -case `"$ac_path_EGREP" --version 2>&1` in -*GNU*) - ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;; -*) - ac_count=0 - $as_echo_n 0123456789 >"conftest.in" - while : - do - cat "conftest.in" "conftest.in" >"conftest.tmp" - mv "conftest.tmp" "conftest.in" - cp "conftest.in" "conftest.nl" - $as_echo 'EGREP' >> "conftest.nl" - "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break - diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break - as_fn_arith $ac_count + 1 && ac_count=$as_val - if test $ac_count -gt ${ac_path_EGREP_max-0}; then - # Best one so far, save it but keep looking for a better one - ac_cv_path_EGREP="$ac_path_EGREP" - ac_path_EGREP_max=$ac_count - fi - # 10*(2^10) chars as input seems more than enough - test $ac_count -gt 10 && break - done - rm -f conftest.in conftest.tmp conftest.nl conftest.out;; -esac - - $ac_path_EGREP_found && break 3 - done - done - done -IFS=$as_save_IFS - if test -z "$ac_cv_path_EGREP"; then - as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 - fi -else - ac_cv_path_EGREP=$EGREP -fi - - fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP" >&5 -$as_echo "$ac_cv_path_EGREP" >&6; } - EGREP="$ac_cv_path_EGREP" - - -if test -n "$ac_tool_prefix"; then - for ac_prog in ar - do - # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. -set dummy $ac_tool_prefix$ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_AR+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$AR"; then - ac_cv_prog_AR="$AR" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_AR="$ac_tool_prefix$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -AR=$ac_cv_prog_AR -if test -n "$AR"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $AR" >&5 -$as_echo "$AR" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - test -n "$AR" && break - done -fi -if test -z "$AR"; then - ac_ct_AR=$AR - for ac_prog in ar -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_AR+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$ac_ct_AR"; then - ac_cv_prog_ac_ct_AR="$ac_ct_AR" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_AR="$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -ac_ct_AR=$ac_cv_prog_ac_ct_AR -if test -n "$ac_ct_AR"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_AR" >&5 -$as_echo "$ac_ct_AR" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - test -n "$ac_ct_AR" && break -done - - if test "x$ac_ct_AR" = x; then - AR="" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - AR=$ac_ct_AR - fi -fi - -# Extract the first word of "cat", so it can be a program name with args. -set dummy cat; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_CAT+:} false; then : - $as_echo_n "(cached) " >&6 -else - case $CAT in - [\\/]* | ?:[\\/]*) - ac_cv_path_CAT="$CAT" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_CAT="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - - ;; -esac -fi -CAT=$ac_cv_path_CAT -if test -n "$CAT"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CAT" >&5 -$as_echo "$CAT" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -# Extract the first word of "kill", so it can be a program name with args. -set dummy kill; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_KILL+:} false; then : - $as_echo_n "(cached) " >&6 -else - case $KILL in - [\\/]* | ?:[\\/]*) - ac_cv_path_KILL="$KILL" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_KILL="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - - ;; -esac -fi -KILL=$ac_cv_path_KILL -if test -n "$KILL"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $KILL" >&5 -$as_echo "$KILL" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -for ac_prog in perl5 perl -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_PERL+:} false; then : - $as_echo_n "(cached) " >&6 -else - case $PERL in - [\\/]* | ?:[\\/]*) - ac_cv_path_PERL="$PERL" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_PERL="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - - ;; -esac -fi -PERL=$ac_cv_path_PERL -if test -n "$PERL"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PERL" >&5 -$as_echo "$PERL" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - test -n "$PERL" && break -done - -# Extract the first word of "sed", so it can be a program name with args. -set dummy sed; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_SED+:} false; then : - $as_echo_n "(cached) " >&6 -else - case $SED in - [\\/]* | ?:[\\/]*) - ac_cv_path_SED="$SED" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_SED="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - - ;; -esac -fi -SED=$ac_cv_path_SED -if test -n "$SED"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $SED" >&5 -$as_echo "$SED" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - -# Extract the first word of "ent", so it can be a program name with args. -set dummy ent; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_ENT+:} false; then : - $as_echo_n "(cached) " >&6 -else - case $ENT in - [\\/]* | ?:[\\/]*) - ac_cv_path_ENT="$ENT" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_ENT="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - - ;; -esac -fi -ENT=$ac_cv_path_ENT -if test -n "$ENT"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ENT" >&5 -$as_echo "$ENT" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - -# Extract the first word of "bash", so it can be a program name with args. -set dummy bash; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_TEST_MINUS_S_SH+:} false; then : - $as_echo_n "(cached) " >&6 -else - case $TEST_MINUS_S_SH in - [\\/]* | ?:[\\/]*) - ac_cv_path_TEST_MINUS_S_SH="$TEST_MINUS_S_SH" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_TEST_MINUS_S_SH="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - - ;; -esac -fi -TEST_MINUS_S_SH=$ac_cv_path_TEST_MINUS_S_SH -if test -n "$TEST_MINUS_S_SH"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $TEST_MINUS_S_SH" >&5 -$as_echo "$TEST_MINUS_S_SH" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -# Extract the first word of "ksh", so it can be a program name with args. -set dummy ksh; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_TEST_MINUS_S_SH+:} false; then : - $as_echo_n "(cached) " >&6 -else - case $TEST_MINUS_S_SH in - [\\/]* | ?:[\\/]*) - ac_cv_path_TEST_MINUS_S_SH="$TEST_MINUS_S_SH" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_TEST_MINUS_S_SH="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - - ;; -esac -fi -TEST_MINUS_S_SH=$ac_cv_path_TEST_MINUS_S_SH -if test -n "$TEST_MINUS_S_SH"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $TEST_MINUS_S_SH" >&5 -$as_echo "$TEST_MINUS_S_SH" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -# Extract the first word of "sh", so it can be a program name with args. -set dummy sh; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_TEST_MINUS_S_SH+:} false; then : - $as_echo_n "(cached) " >&6 -else - case $TEST_MINUS_S_SH in - [\\/]* | ?:[\\/]*) - ac_cv_path_TEST_MINUS_S_SH="$TEST_MINUS_S_SH" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_TEST_MINUS_S_SH="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - - ;; -esac -fi -TEST_MINUS_S_SH=$ac_cv_path_TEST_MINUS_S_SH -if test -n "$TEST_MINUS_S_SH"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $TEST_MINUS_S_SH" >&5 -$as_echo "$TEST_MINUS_S_SH" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -# Extract the first word of "sh", so it can be a program name with args. -set dummy sh; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_SH+:} false; then : - $as_echo_n "(cached) " >&6 -else - case $SH in - [\\/]* | ?:[\\/]*) - ac_cv_path_SH="$SH" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_SH="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - - ;; -esac -fi -SH=$ac_cv_path_SH -if test -n "$SH"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $SH" >&5 -$as_echo "$SH" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -# Extract the first word of "groff", so it can be a program name with args. -set dummy groff; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_GROFF+:} false; then : - $as_echo_n "(cached) " >&6 -else - case $GROFF in - [\\/]* | ?:[\\/]*) - ac_cv_path_GROFF="$GROFF" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_GROFF="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - - ;; -esac -fi -GROFF=$ac_cv_path_GROFF -if test -n "$GROFF"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $GROFF" >&5 -$as_echo "$GROFF" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -# Extract the first word of "nroff", so it can be a program name with args. -set dummy nroff; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_NROFF+:} false; then : - $as_echo_n "(cached) " >&6 -else - case $NROFF in - [\\/]* | ?:[\\/]*) - ac_cv_path_NROFF="$NROFF" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_NROFF="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - - ;; -esac -fi -NROFF=$ac_cv_path_NROFF -if test -n "$NROFF"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $NROFF" >&5 -$as_echo "$NROFF" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -# Extract the first word of "mandoc", so it can be a program name with args. -set dummy mandoc; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_MANDOC+:} false; then : - $as_echo_n "(cached) " >&6 -else - case $MANDOC in - [\\/]* | ?:[\\/]*) - ac_cv_path_MANDOC="$MANDOC" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_MANDOC="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - - ;; -esac -fi -MANDOC=$ac_cv_path_MANDOC -if test -n "$MANDOC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MANDOC" >&5 -$as_echo "$MANDOC" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -TEST_SHELL=sh - - -if test "x$MANDOC" != "x" ; then - MANFMT="$MANDOC" -elif test "x$NROFF" != "x" ; then - MANFMT="$NROFF -mandoc" -elif test "x$GROFF" != "x" ; then - MANFMT="$GROFF -mandoc -Tascii" -else - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: no manpage formatted found" >&5 -$as_echo "$as_me: WARNING: no manpage formatted found" >&2;} - MANFMT="false" -fi - - -# Extract the first word of "groupadd", so it can be a program name with args. -set dummy groupadd; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_PATH_GROUPADD_PROG+:} false; then : - $as_echo_n "(cached) " >&6 -else - case $PATH_GROUPADD_PROG in - [\\/]* | ?:[\\/]*) - ac_cv_path_PATH_GROUPADD_PROG="$PATH_GROUPADD_PROG" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in /usr/sbin${PATH_SEPARATOR}/etc -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_PATH_GROUPADD_PROG="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - - test -z "$ac_cv_path_PATH_GROUPADD_PROG" && ac_cv_path_PATH_GROUPADD_PROG="groupadd" - ;; -esac -fi -PATH_GROUPADD_PROG=$ac_cv_path_PATH_GROUPADD_PROG -if test -n "$PATH_GROUPADD_PROG"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PATH_GROUPADD_PROG" >&5 -$as_echo "$PATH_GROUPADD_PROG" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -# Extract the first word of "useradd", so it can be a program name with args. -set dummy useradd; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_PATH_USERADD_PROG+:} false; then : - $as_echo_n "(cached) " >&6 -else - case $PATH_USERADD_PROG in - [\\/]* | ?:[\\/]*) - ac_cv_path_PATH_USERADD_PROG="$PATH_USERADD_PROG" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in /usr/sbin${PATH_SEPARATOR}/etc -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_PATH_USERADD_PROG="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - - test -z "$ac_cv_path_PATH_USERADD_PROG" && ac_cv_path_PATH_USERADD_PROG="useradd" - ;; -esac -fi -PATH_USERADD_PROG=$ac_cv_path_PATH_USERADD_PROG -if test -n "$PATH_USERADD_PROG"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PATH_USERADD_PROG" >&5 -$as_echo "$PATH_USERADD_PROG" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -# Extract the first word of "pkgmk", so it can be a program name with args. -set dummy pkgmk; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_MAKE_PACKAGE_SUPPORTED+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$MAKE_PACKAGE_SUPPORTED"; then - ac_cv_prog_MAKE_PACKAGE_SUPPORTED="$MAKE_PACKAGE_SUPPORTED" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_MAKE_PACKAGE_SUPPORTED="yes" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - - test -z "$ac_cv_prog_MAKE_PACKAGE_SUPPORTED" && ac_cv_prog_MAKE_PACKAGE_SUPPORTED="no" -fi -fi -MAKE_PACKAGE_SUPPORTED=$ac_cv_prog_MAKE_PACKAGE_SUPPORTED -if test -n "$MAKE_PACKAGE_SUPPORTED"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MAKE_PACKAGE_SUPPORTED" >&5 -$as_echo "$MAKE_PACKAGE_SUPPORTED" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -if test -x /sbin/sh; then - STARTUP_SCRIPT_SHELL=/sbin/sh - -else - STARTUP_SCRIPT_SHELL=/bin/sh - -fi - -# System features -# Check whether --enable-largefile was given. -if test "${enable_largefile+set}" = set; then : - enableval=$enable_largefile; -fi - -if test "$enable_largefile" != no; then - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for special C compiler options needed for large files" >&5 -$as_echo_n "checking for special C compiler options needed for large files... " >&6; } -if ${ac_cv_sys_largefile_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_cv_sys_largefile_CC=no - if test "$GCC" != yes; then - ac_save_CC=$CC - while :; do - # IRIX 6.2 and later do not support large files by default, - # so use the C compiler's -n32 option if that helps. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - /* Check that off_t can represent 2**63 - 1 correctly. - We can't simply define LARGE_OFF_T to be 9223372036854775807, - since some C++ compilers masquerading as C compilers - incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) - int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 - && LARGE_OFF_T % 2147483647 == 1) - ? 1 : -1]; -int -main () -{ - - ; - return 0; -} -_ACEOF - if ac_fn_c_try_compile "$LINENO"; then : - break -fi -rm -f core conftest.err conftest.$ac_objext - CC="$CC -n32" - if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_sys_largefile_CC=' -n32'; break -fi -rm -f core conftest.err conftest.$ac_objext - break - done - CC=$ac_save_CC - rm -f conftest.$ac_ext - fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_largefile_CC" >&5 -$as_echo "$ac_cv_sys_largefile_CC" >&6; } - if test "$ac_cv_sys_largefile_CC" != no; then - CC=$CC$ac_cv_sys_largefile_CC - fi - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for _FILE_OFFSET_BITS value needed for large files" >&5 -$as_echo_n "checking for _FILE_OFFSET_BITS value needed for large files... " >&6; } -if ${ac_cv_sys_file_offset_bits+:} false; then : - $as_echo_n "(cached) " >&6 -else - while :; do - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - /* Check that off_t can represent 2**63 - 1 correctly. - We can't simply define LARGE_OFF_T to be 9223372036854775807, - since some C++ compilers masquerading as C compilers - incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) - int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 - && LARGE_OFF_T % 2147483647 == 1) - ? 1 : -1]; -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_sys_file_offset_bits=no; break -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#define _FILE_OFFSET_BITS 64 -#include - /* Check that off_t can represent 2**63 - 1 correctly. - We can't simply define LARGE_OFF_T to be 9223372036854775807, - since some C++ compilers masquerading as C compilers - incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) - int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 - && LARGE_OFF_T % 2147483647 == 1) - ? 1 : -1]; -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_sys_file_offset_bits=64; break -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - ac_cv_sys_file_offset_bits=unknown - break -done -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_file_offset_bits" >&5 -$as_echo "$ac_cv_sys_file_offset_bits" >&6; } -case $ac_cv_sys_file_offset_bits in #( - no | unknown) ;; - *) -cat >>confdefs.h <<_ACEOF -#define _FILE_OFFSET_BITS $ac_cv_sys_file_offset_bits -_ACEOF -;; -esac -rm -rf conftest* - if test $ac_cv_sys_file_offset_bits = unknown; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for _LARGE_FILES value needed for large files" >&5 -$as_echo_n "checking for _LARGE_FILES value needed for large files... " >&6; } -if ${ac_cv_sys_large_files+:} false; then : - $as_echo_n "(cached) " >&6 -else - while :; do - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - /* Check that off_t can represent 2**63 - 1 correctly. - We can't simply define LARGE_OFF_T to be 9223372036854775807, - since some C++ compilers masquerading as C compilers - incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) - int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 - && LARGE_OFF_T % 2147483647 == 1) - ? 1 : -1]; -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_sys_large_files=no; break -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#define _LARGE_FILES 1 -#include - /* Check that off_t can represent 2**63 - 1 correctly. - We can't simply define LARGE_OFF_T to be 9223372036854775807, - since some C++ compilers masquerading as C compilers - incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) - int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 - && LARGE_OFF_T % 2147483647 == 1) - ? 1 : -1]; -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_sys_large_files=1; break -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - ac_cv_sys_large_files=unknown - break -done -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_large_files" >&5 -$as_echo "$ac_cv_sys_large_files" >&6; } -case $ac_cv_sys_large_files in #( - no | unknown) ;; - *) -cat >>confdefs.h <<_ACEOF -#define _LARGE_FILES $ac_cv_sys_large_files -_ACEOF -;; -esac -rm -rf conftest* - fi - - -fi - - -if test -z "$AR" ; then - as_fn_error $? "*** 'ar' missing, please install or fix your \$PATH ***" "$LINENO" 5 -fi - -# Use LOGIN_PROGRAM from environment if possible -if test ! -z "$LOGIN_PROGRAM" ; then - -cat >>confdefs.h <<_ACEOF -#define LOGIN_PROGRAM_FALLBACK "$LOGIN_PROGRAM" -_ACEOF - -else - # Search for login - # Extract the first word of "login", so it can be a program name with args. -set dummy login; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_LOGIN_PROGRAM_FALLBACK+:} false; then : - $as_echo_n "(cached) " >&6 -else - case $LOGIN_PROGRAM_FALLBACK in - [\\/]* | ?:[\\/]*) - ac_cv_path_LOGIN_PROGRAM_FALLBACK="$LOGIN_PROGRAM_FALLBACK" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_LOGIN_PROGRAM_FALLBACK="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - - ;; -esac -fi -LOGIN_PROGRAM_FALLBACK=$ac_cv_path_LOGIN_PROGRAM_FALLBACK -if test -n "$LOGIN_PROGRAM_FALLBACK"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LOGIN_PROGRAM_FALLBACK" >&5 -$as_echo "$LOGIN_PROGRAM_FALLBACK" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then - cat >>confdefs.h <<_ACEOF -#define LOGIN_PROGRAM_FALLBACK "$LOGIN_PROGRAM_FALLBACK" -_ACEOF - - fi -fi - -# Extract the first word of "passwd", so it can be a program name with args. -set dummy passwd; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_PATH_PASSWD_PROG+:} false; then : - $as_echo_n "(cached) " >&6 -else - case $PATH_PASSWD_PROG in - [\\/]* | ?:[\\/]*) - ac_cv_path_PATH_PASSWD_PROG="$PATH_PASSWD_PROG" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_PATH_PASSWD_PROG="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - - ;; -esac -fi -PATH_PASSWD_PROG=$ac_cv_path_PATH_PASSWD_PROG -if test -n "$PATH_PASSWD_PROG"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PATH_PASSWD_PROG" >&5 -$as_echo "$PATH_PASSWD_PROG" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -if test ! -z "$PATH_PASSWD_PROG" ; then - -cat >>confdefs.h <<_ACEOF -#define _PATH_PASSWD_PROG "$PATH_PASSWD_PROG" -_ACEOF - -fi - -if test -z "$LD" ; then - LD=$CC -fi - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for inline" >&5 -$as_echo_n "checking for inline... " >&6; } -if ${ac_cv_c_inline+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_cv_c_inline=no -for ac_kw in inline __inline__ __inline; do - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#ifndef __cplusplus -typedef int foo_t; -static $ac_kw foo_t static_foo () {return 0; } -$ac_kw foo_t foo () {return 0; } -#endif - -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_c_inline=$ac_kw -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - test "$ac_cv_c_inline" != no && break -done - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_inline" >&5 -$as_echo "$ac_cv_c_inline" >&6; } - -case $ac_cv_c_inline in - inline | yes) ;; - *) - case $ac_cv_c_inline in - no) ac_val=;; - *) ac_val=$ac_cv_c_inline;; - esac - cat >>confdefs.h <<_ACEOF -#ifndef __cplusplus -#define inline $ac_val -#endif -_ACEOF - ;; -esac - - -ac_fn_c_check_decl "$LINENO" "LLONG_MAX" "ac_cv_have_decl_LLONG_MAX" "#include -" -if test "x$ac_cv_have_decl_LLONG_MAX" = xyes; then : - have_llong_max=1 -fi - -ac_fn_c_check_decl "$LINENO" "SYSTR_POLICY_KILL" "ac_cv_have_decl_SYSTR_POLICY_KILL" " - #include - #include - #include - -" -if test "x$ac_cv_have_decl_SYSTR_POLICY_KILL" = xyes; then : - have_systr_policy_kill=1 -fi - -ac_fn_c_check_decl "$LINENO" "RLIMIT_NPROC" "ac_cv_have_decl_RLIMIT_NPROC" " - #include - #include - -" -if test "x$ac_cv_have_decl_RLIMIT_NPROC" = xyes; then : - -$as_echo "#define HAVE_RLIMIT_NPROC /**/" >>confdefs.h - -fi - -ac_fn_c_check_decl "$LINENO" "PR_SET_NO_NEW_PRIVS" "ac_cv_have_decl_PR_SET_NO_NEW_PRIVS" " - #include - #include - -" -if test "x$ac_cv_have_decl_PR_SET_NO_NEW_PRIVS" = xyes; then : - have_linux_no_new_privs=1 -fi - - -openssl=yes -ssh1=yes - -# Check whether --with-openssl was given. -if test "${with_openssl+set}" = set; then : - withval=$with_openssl; if test "x$withval" = "xno" ; then - openssl=no - ssh1=no - fi - - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL will be used for cryptography" >&5 -$as_echo_n "checking whether OpenSSL will be used for cryptography... " >&6; } -if test "x$openssl" = "xyes" ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -cat >>confdefs.h <<_ACEOF -#define WITH_OPENSSL 1 -_ACEOF - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -# Check whether --with-ssh1 was given. -if test "${with_ssh1+set}" = set; then : - withval=$with_ssh1; - if test "x$withval" = "xyes" ; then - if test "x$openssl" = "xno" ; then - as_fn_error $? "Cannot enable SSH protocol 1 with OpenSSL disabled" "$LINENO" 5 - fi - ssh1=yes - elif test "x$withval" = "xno" ; then - ssh1=no - else - as_fn_error $? "unknown --with-ssh1 argument" "$LINENO" 5 - fi - - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether SSH protocol 1 support is enabled" >&5 -$as_echo_n "checking whether SSH protocol 1 support is enabled... " >&6; } -if test "x$ssh1" = "xyes" ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -cat >>confdefs.h <<_ACEOF -#define WITH_SSH1 1 -_ACEOF - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - -use_stack_protector=1 -use_toolchain_hardening=1 - -# Check whether --with-stackprotect was given. -if test "${with_stackprotect+set}" = set; then : - withval=$with_stackprotect; - if test "x$withval" = "xno"; then - use_stack_protector=0 - fi -fi - - -# Check whether --with-hardening was given. -if test "${with_hardening+set}" = set; then : - withval=$with_hardening; - if test "x$withval" = "xno"; then - use_toolchain_hardening=0 - fi -fi - - -# We use -Werror for the tests only so that we catch warnings like "this is -# on by default" for things like -fPIE. -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports -Werror" >&5 -$as_echo_n "checking if $CC supports -Werror... " >&6; } -saved_CFLAGS="$CFLAGS" -CFLAGS="$CFLAGS -Werror" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -int main(void) { return 0; } -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - WERROR="-Werror" -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - WERROR="" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -CFLAGS="$saved_CFLAGS" - -if test "$GCC" = "yes" || test "$GCC" = "egcs"; then - { - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Qunused-arguments" >&5 -$as_echo_n "checking if $CC supports compile flag -Qunused-arguments... " >&6; } - saved_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS $WERROR -Qunused-arguments" - _define_flag="" - test "x$_define_flag" = "x" && _define_flag="-Qunused-arguments" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -int main(int argc, char **argv) { - /* Some math to catch -ftrapv problems in the toolchain */ - int i = 123 * argc, j = 456 + argc, k = 789 - argc; - float l = i * 2.1; - double m = l / 0.5; - long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; - printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o); - exit(0); -} - -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - -if `grep -i "unrecognized option" conftest.err >/dev/null` -then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - CFLAGS="$saved_CFLAGS $_define_flag" -fi -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -} - { - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wunknown-warning-option" >&5 -$as_echo_n "checking if $CC supports compile flag -Wunknown-warning-option... " >&6; } - saved_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS $WERROR -Wunknown-warning-option" - _define_flag="" - test "x$_define_flag" = "x" && _define_flag="-Wunknown-warning-option" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -int main(int argc, char **argv) { - /* Some math to catch -ftrapv problems in the toolchain */ - int i = 123 * argc, j = 456 + argc, k = 789 - argc; - float l = i * 2.1; - double m = l / 0.5; - long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; - printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o); - exit(0); -} - -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - -if `grep -i "unrecognized option" conftest.err >/dev/null` -then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - CFLAGS="$saved_CFLAGS $_define_flag" -fi -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -} - { - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wall" >&5 -$as_echo_n "checking if $CC supports compile flag -Wall... " >&6; } - saved_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS $WERROR -Wall" - _define_flag="" - test "x$_define_flag" = "x" && _define_flag="-Wall" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -int main(int argc, char **argv) { - /* Some math to catch -ftrapv problems in the toolchain */ - int i = 123 * argc, j = 456 + argc, k = 789 - argc; - float l = i * 2.1; - double m = l / 0.5; - long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; - printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o); - exit(0); -} - -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - -if `grep -i "unrecognized option" conftest.err >/dev/null` -then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - CFLAGS="$saved_CFLAGS $_define_flag" -fi -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -} - { - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wpointer-arith" >&5 -$as_echo_n "checking if $CC supports compile flag -Wpointer-arith... " >&6; } - saved_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS $WERROR -Wpointer-arith" - _define_flag="" - test "x$_define_flag" = "x" && _define_flag="-Wpointer-arith" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -int main(int argc, char **argv) { - /* Some math to catch -ftrapv problems in the toolchain */ - int i = 123 * argc, j = 456 + argc, k = 789 - argc; - float l = i * 2.1; - double m = l / 0.5; - long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; - printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o); - exit(0); -} - -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - -if `grep -i "unrecognized option" conftest.err >/dev/null` -then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - CFLAGS="$saved_CFLAGS $_define_flag" -fi -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -} - { - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wuninitialized" >&5 -$as_echo_n "checking if $CC supports compile flag -Wuninitialized... " >&6; } - saved_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS $WERROR -Wuninitialized" - _define_flag="" - test "x$_define_flag" = "x" && _define_flag="-Wuninitialized" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -int main(int argc, char **argv) { - /* Some math to catch -ftrapv problems in the toolchain */ - int i = 123 * argc, j = 456 + argc, k = 789 - argc; - float l = i * 2.1; - double m = l / 0.5; - long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; - printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o); - exit(0); -} - -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - -if `grep -i "unrecognized option" conftest.err >/dev/null` -then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - CFLAGS="$saved_CFLAGS $_define_flag" -fi -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -} - { - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wsign-compare" >&5 -$as_echo_n "checking if $CC supports compile flag -Wsign-compare... " >&6; } - saved_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS $WERROR -Wsign-compare" - _define_flag="" - test "x$_define_flag" = "x" && _define_flag="-Wsign-compare" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -int main(int argc, char **argv) { - /* Some math to catch -ftrapv problems in the toolchain */ - int i = 123 * argc, j = 456 + argc, k = 789 - argc; - float l = i * 2.1; - double m = l / 0.5; - long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; - printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o); - exit(0); -} - -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - -if `grep -i "unrecognized option" conftest.err >/dev/null` -then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - CFLAGS="$saved_CFLAGS $_define_flag" -fi -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -} - { - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wformat-security" >&5 -$as_echo_n "checking if $CC supports compile flag -Wformat-security... " >&6; } - saved_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS $WERROR -Wformat-security" - _define_flag="" - test "x$_define_flag" = "x" && _define_flag="-Wformat-security" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -int main(int argc, char **argv) { - /* Some math to catch -ftrapv problems in the toolchain */ - int i = 123 * argc, j = 456 + argc, k = 789 - argc; - float l = i * 2.1; - double m = l / 0.5; - long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; - printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o); - exit(0); -} - -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - -if `grep -i "unrecognized option" conftest.err >/dev/null` -then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - CFLAGS="$saved_CFLAGS $_define_flag" -fi -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -} - { - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wsizeof-pointer-memaccess" >&5 -$as_echo_n "checking if $CC supports compile flag -Wsizeof-pointer-memaccess... " >&6; } - saved_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS $WERROR -Wsizeof-pointer-memaccess" - _define_flag="" - test "x$_define_flag" = "x" && _define_flag="-Wsizeof-pointer-memaccess" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -int main(int argc, char **argv) { - /* Some math to catch -ftrapv problems in the toolchain */ - int i = 123 * argc, j = 456 + argc, k = 789 - argc; - float l = i * 2.1; - double m = l / 0.5; - long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; - printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o); - exit(0); -} - -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - -if `grep -i "unrecognized option" conftest.err >/dev/null` -then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - CFLAGS="$saved_CFLAGS $_define_flag" -fi -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -} - { - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wpointer-sign" >&5 -$as_echo_n "checking if $CC supports compile flag -Wpointer-sign... " >&6; } - saved_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS $WERROR -Wpointer-sign" - _define_flag="-Wno-pointer-sign" - test "x$_define_flag" = "x" && _define_flag="-Wpointer-sign" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -int main(int argc, char **argv) { - /* Some math to catch -ftrapv problems in the toolchain */ - int i = 123 * argc, j = 456 + argc, k = 789 - argc; - float l = i * 2.1; - double m = l / 0.5; - long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; - printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o); - exit(0); -} - -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - -if `grep -i "unrecognized option" conftest.err >/dev/null` -then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - CFLAGS="$saved_CFLAGS $_define_flag" -fi -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -} - { - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wunused-result" >&5 -$as_echo_n "checking if $CC supports compile flag -Wunused-result... " >&6; } - saved_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS $WERROR -Wunused-result" - _define_flag="-Wno-unused-result" - test "x$_define_flag" = "x" && _define_flag="-Wunused-result" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -int main(int argc, char **argv) { - /* Some math to catch -ftrapv problems in the toolchain */ - int i = 123 * argc, j = 456 + argc, k = 789 - argc; - float l = i * 2.1; - double m = l / 0.5; - long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; - printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o); - exit(0); -} - -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - -if `grep -i "unrecognized option" conftest.err >/dev/null` -then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - CFLAGS="$saved_CFLAGS $_define_flag" -fi -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -} - { - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -fno-strict-aliasing" >&5 -$as_echo_n "checking if $CC supports compile flag -fno-strict-aliasing... " >&6; } - saved_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS $WERROR -fno-strict-aliasing" - _define_flag="" - test "x$_define_flag" = "x" && _define_flag="-fno-strict-aliasing" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -int main(int argc, char **argv) { - /* Some math to catch -ftrapv problems in the toolchain */ - int i = 123 * argc, j = 456 + argc, k = 789 - argc; - float l = i * 2.1; - double m = l / 0.5; - long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; - printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o); - exit(0); -} - -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - -if `grep -i "unrecognized option" conftest.err >/dev/null` -then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - CFLAGS="$saved_CFLAGS $_define_flag" -fi -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -} - { - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -D_FORTIFY_SOURCE=2" >&5 -$as_echo_n "checking if $CC supports compile flag -D_FORTIFY_SOURCE=2... " >&6; } - saved_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS $WERROR -D_FORTIFY_SOURCE=2" - _define_flag="" - test "x$_define_flag" = "x" && _define_flag="-D_FORTIFY_SOURCE=2" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -int main(int argc, char **argv) { - /* Some math to catch -ftrapv problems in the toolchain */ - int i = 123 * argc, j = 456 + argc, k = 789 - argc; - float l = i * 2.1; - double m = l / 0.5; - long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; - printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o); - exit(0); -} - -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - -if `grep -i "unrecognized option" conftest.err >/dev/null` -then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - CFLAGS="$saved_CFLAGS $_define_flag" -fi -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -} - if test "x$use_toolchain_hardening" = "x1"; then - { - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $LD supports link flag -Wl,-z,relro" >&5 -$as_echo_n "checking if $LD supports link flag -Wl,-z,relro... " >&6; } - saved_LDFLAGS="$LDFLAGS" - LDFLAGS="$LDFLAGS $WERROR -Wl,-z,relro" - _define_flag="" - test "x$_define_flag" = "x" && _define_flag="-Wl,-z,relro" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -int main(int argc, char **argv) { - /* Some math to catch -ftrapv problems in the toolchain */ - int i = 123 * argc, j = 456 + argc, k = 789 - argc; - float l = i * 2.1; - double m = l / 0.5; - long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; - printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o); - exit(0); -} - -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - LDFLAGS="$saved_LDFLAGS $_define_flag" -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - LDFLAGS="$saved_LDFLAGS" - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -} - { - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $LD supports link flag -Wl,-z,now" >&5 -$as_echo_n "checking if $LD supports link flag -Wl,-z,now... " >&6; } - saved_LDFLAGS="$LDFLAGS" - LDFLAGS="$LDFLAGS $WERROR -Wl,-z,now" - _define_flag="" - test "x$_define_flag" = "x" && _define_flag="-Wl,-z,now" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -int main(int argc, char **argv) { - /* Some math to catch -ftrapv problems in the toolchain */ - int i = 123 * argc, j = 456 + argc, k = 789 - argc; - float l = i * 2.1; - double m = l / 0.5; - long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; - printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o); - exit(0); -} - -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - LDFLAGS="$saved_LDFLAGS $_define_flag" -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - LDFLAGS="$saved_LDFLAGS" - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -} - { - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $LD supports link flag -Wl,-z,noexecstack" >&5 -$as_echo_n "checking if $LD supports link flag -Wl,-z,noexecstack... " >&6; } - saved_LDFLAGS="$LDFLAGS" - LDFLAGS="$LDFLAGS $WERROR -Wl,-z,noexecstack" - _define_flag="" - test "x$_define_flag" = "x" && _define_flag="-Wl,-z,noexecstack" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -int main(int argc, char **argv) { - /* Some math to catch -ftrapv problems in the toolchain */ - int i = 123 * argc, j = 456 + argc, k = 789 - argc; - float l = i * 2.1; - double m = l / 0.5; - long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; - printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o); - exit(0); -} - -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - LDFLAGS="$saved_LDFLAGS $_define_flag" -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - LDFLAGS="$saved_LDFLAGS" - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -} - # NB. -ftrapv expects certain support functions to be present in - # the compiler library (libgcc or similar) to detect integer operations - # that can overflow. We must check that the result of enabling it - # actually links. The test program compiled/linked includes a number - # of integer operations that should exercise this. - { - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -ftrapv and linking succeeds" >&5 -$as_echo_n "checking if $CC supports compile flag -ftrapv and linking succeeds... " >&6; } - saved_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS $WERROR -ftrapv" - _define_flag="" - test "x$_define_flag" = "x" && _define_flag="-ftrapv" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -int main(int argc, char **argv) { - /* Some math to catch -ftrapv problems in the toolchain */ - int i = 123 * argc, j = 456 + argc, k = 789 - argc; - float l = i * 2.1; - double m = l / 0.5; - long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; - printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o); - exit(0); -} - -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - -if `grep -i "unrecognized option" conftest.err >/dev/null` -then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - CFLAGS="$saved_CFLAGS $_define_flag" -fi -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -} - fi - { $as_echo "$as_me:${as_lineno-$LINENO}: checking gcc version" >&5 -$as_echo_n "checking gcc version... " >&6; } - GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'` - case $GCC_VER in - 1.*) no_attrib_nonnull=1 ;; - 2.8* | 2.9*) - no_attrib_nonnull=1 - ;; - 2.*) no_attrib_nonnull=1 ;; - *) ;; - esac - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $GCC_VER" >&5 -$as_echo "$GCC_VER" >&6; } - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC accepts -fno-builtin-memset" >&5 -$as_echo_n "checking if $CC accepts -fno-builtin-memset... " >&6; } - saved_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS -fno-builtin-memset" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - char b[10]; memset(b, 0, sizeof(b)); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - - # -fstack-protector-all doesn't always work for some GCC versions - # and/or platforms, so we test if we can. If it's not supported - # on a given platform gcc will emit a warning so we use -Werror. - if test "x$use_stack_protector" = "x1"; then - for t in -fstack-protector-strong -fstack-protector-all \ - -fstack-protector; do - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports $t" >&5 -$as_echo_n "checking if $CC supports $t... " >&6; } - saved_CFLAGS="$CFLAGS" - saved_LDFLAGS="$LDFLAGS" - CFLAGS="$CFLAGS $t -Werror" - LDFLAGS="$LDFLAGS $t -Werror" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - - char x[256]; - snprintf(x, sizeof(x), "XXX"); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - CFLAGS="$saved_CFLAGS $t" - LDFLAGS="$saved_LDFLAGS $t" - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $t works" >&5 -$as_echo_n "checking if $t works... " >&6; } - if test "$cross_compiling" = yes; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: cannot test" >&5 -$as_echo "$as_me: WARNING: cross compiling: cannot test" >&2;} - break - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - - char x[256]; - snprintf(x, sizeof(x), "XXX"); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - break -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - CFLAGS="$saved_CFLAGS" - LDFLAGS="$saved_LDFLAGS" - done - fi - - if test -z "$have_llong_max"; then - # retry LLONG_MAX with -std=gnu99, needed on some Linuxes - unset ac_cv_have_decl_LLONG_MAX - saved_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS -std=gnu99" - ac_fn_c_check_decl "$LINENO" "LLONG_MAX" "ac_cv_have_decl_LLONG_MAX" "#include - -" -if test "x$ac_cv_have_decl_LLONG_MAX" = xyes; then : - have_llong_max=1 -else - CFLAGS="$saved_CFLAGS" -fi - - fi -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if compiler allows __attribute__ on return types" >&5 -$as_echo_n "checking if compiler allows __attribute__ on return types... " >&6; } -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -__attribute__((__unused__)) static void foo(void){return;} -int -main () -{ - exit(0); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - -$as_echo "#define NO_ATTRIBUTE_ON_RETURN_TYPE 1" >>confdefs.h - - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -if test "x$no_attrib_nonnull" != "x1" ; then - -$as_echo "#define HAVE_ATTRIBUTE__NONNULL__ 1" >>confdefs.h - -fi - - -# Check whether --with-rpath was given. -if test "${with_rpath+set}" = set; then : - withval=$with_rpath; - if test "x$withval" = "xno" ; then - need_dash_r="" - fi - if test "x$withval" = "xyes" ; then - need_dash_r=1 - fi - - -fi - - -# Allow user to specify flags - -# Check whether --with-cflags was given. -if test "${with_cflags+set}" = set; then : - withval=$with_cflags; - if test -n "$withval" && test "x$withval" != "xno" && \ - test "x${withval}" != "xyes"; then - CFLAGS="$CFLAGS $withval" - fi - - -fi - - -# Check whether --with-cppflags was given. -if test "${with_cppflags+set}" = set; then : - withval=$with_cppflags; - if test -n "$withval" && test "x$withval" != "xno" && \ - test "x${withval}" != "xyes"; then - CPPFLAGS="$CPPFLAGS $withval" - fi - - -fi - - -# Check whether --with-ldflags was given. -if test "${with_ldflags+set}" = set; then : - withval=$with_ldflags; - if test -n "$withval" && test "x$withval" != "xno" && \ - test "x${withval}" != "xyes"; then - LDFLAGS="$LDFLAGS $withval" - fi - - -fi - - -# Check whether --with-libs was given. -if test "${with_libs+set}" = set; then : - withval=$with_libs; - if test -n "$withval" && test "x$withval" != "xno" && \ - test "x${withval}" != "xyes"; then - LIBS="$LIBS $withval" - fi - - -fi - - -# Check whether --with-Werror was given. -if test "${with_Werror+set}" = set; then : - withval=$with_Werror; - if test -n "$withval" && test "x$withval" != "xno"; then - werror_flags="-Werror" - if test "x${withval}" != "xyes"; then - werror_flags="$withval" - fi - fi - - -fi - - -for ac_header in \ - blf.h \ - bstring.h \ - crypt.h \ - crypto/sha2.h \ - dirent.h \ - endian.h \ - elf.h \ - features.h \ - fcntl.h \ - floatingpoint.h \ - getopt.h \ - glob.h \ - ia.h \ - iaf.h \ - inttypes.h \ - limits.h \ - locale.h \ - login.h \ - maillock.h \ - ndir.h \ - net/if_tun.h \ - netdb.h \ - netgroup.h \ - pam/pam_appl.h \ - paths.h \ - poll.h \ - pty.h \ - readpassphrase.h \ - rpc/types.h \ - security/pam_appl.h \ - sha2.h \ - shadow.h \ - stddef.h \ - stdint.h \ - string.h \ - strings.h \ - sys/audit.h \ - sys/bitypes.h \ - sys/bsdtty.h \ - sys/cdefs.h \ - sys/dir.h \ - sys/mman.h \ - sys/ndir.h \ - sys/poll.h \ - sys/prctl.h \ - sys/pstat.h \ - sys/select.h \ - sys/stat.h \ - sys/stream.h \ - sys/stropts.h \ - sys/strtio.h \ - sys/statvfs.h \ - sys/sysmacros.h \ - sys/time.h \ - sys/timers.h \ - time.h \ - tmpdir.h \ - ttyent.h \ - ucred.h \ - unistd.h \ - usersec.h \ - util.h \ - utime.h \ - utmp.h \ - utmpx.h \ - vis.h \ - -do : - as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` -ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" -if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - -# sys/capsicum.h requires sys/types.h -for ac_header in sys/capsicum.h -do : - ac_fn_c_check_header_compile "$LINENO" "sys/capsicum.h" "ac_cv_header_sys_capsicum_h" " -#ifdef HAVE_SYS_TYPES_H -# include -#endif - -" -if test "x$ac_cv_header_sys_capsicum_h" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_SYS_CAPSICUM_H 1 -_ACEOF - -fi - -done - - -# lastlog.h requires sys/time.h to be included first on Solaris -for ac_header in lastlog.h -do : - ac_fn_c_check_header_compile "$LINENO" "lastlog.h" "ac_cv_header_lastlog_h" " -#ifdef HAVE_SYS_TIME_H -# include -#endif - -" -if test "x$ac_cv_header_lastlog_h" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_LASTLOG_H 1 -_ACEOF - -fi - -done - - -# sys/ptms.h requires sys/stream.h to be included first on Solaris -for ac_header in sys/ptms.h -do : - ac_fn_c_check_header_compile "$LINENO" "sys/ptms.h" "ac_cv_header_sys_ptms_h" " -#ifdef HAVE_SYS_STREAM_H -# include -#endif - -" -if test "x$ac_cv_header_sys_ptms_h" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_SYS_PTMS_H 1 -_ACEOF - -fi - -done - - -# login_cap.h requires sys/types.h on NetBSD -for ac_header in login_cap.h -do : - ac_fn_c_check_header_compile "$LINENO" "login_cap.h" "ac_cv_header_login_cap_h" " -#include - -" -if test "x$ac_cv_header_login_cap_h" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_LOGIN_CAP_H 1 -_ACEOF - -fi - -done - - -# older BSDs need sys/param.h before sys/mount.h -for ac_header in sys/mount.h -do : - ac_fn_c_check_header_compile "$LINENO" "sys/mount.h" "ac_cv_header_sys_mount_h" " -#include - -" -if test "x$ac_cv_header_sys_mount_h" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_SYS_MOUNT_H 1 -_ACEOF - -fi - -done - - -# Android requires sys/socket.h to be included before sys/un.h -for ac_header in sys/un.h -do : - ac_fn_c_check_header_compile "$LINENO" "sys/un.h" "ac_cv_header_sys_un_h" " -#include -#include - -" -if test "x$ac_cv_header_sys_un_h" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_SYS_UN_H 1 -_ACEOF - -fi - -done - - -# Messages for features tested for in target-specific section -SIA_MSG="no" -SPC_MSG="no" -SP_MSG="no" - -# Check for some target-specific stuff -case "$host" in -*-*-aix*) - # Some versions of VAC won't allow macro redefinitions at - # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that - # particularly with older versions of vac or xlc. - # It also throws errors about null macro argments, but these are - # not fatal. - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if compiler allows macro redefinitions" >&5 -$as_echo_n "checking if compiler allows macro redefinitions... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#define testmacro foo -#define testmacro bar -int -main () -{ - exit(0); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`" - LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`" - CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`" - CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`" - - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to specify blibpath for linker ($LD)" >&5 -$as_echo_n "checking how to specify blibpath for linker ($LD)... " >&6; } - if (test -z "$blibpath"); then - blibpath="/usr/lib:/lib" - fi - saved_LDFLAGS="$LDFLAGS" - if test "$GCC" = "yes"; then - flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:" - else - flags="-blibpath: -Wl,-blibpath: -Wl,-rpath," - fi - for tryflags in $flags ;do - if (test -z "$blibflags"); then - LDFLAGS="$saved_LDFLAGS $tryflags$blibpath" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - blibflags=$tryflags -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - fi - done - if (test -z "$blibflags"); then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: not found" >&5 -$as_echo "not found" >&6; } - as_fn_error $? "*** must be able to specify blibpath on AIX - check config.log" "$LINENO" 5 - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $blibflags" >&5 -$as_echo "$blibflags" >&6; } - fi - LDFLAGS="$saved_LDFLAGS" - ac_fn_c_check_func "$LINENO" "authenticate" "ac_cv_func_authenticate" -if test "x$ac_cv_func_authenticate" = xyes; then : - -$as_echo "#define WITH_AIXAUTHENTICATE 1" >>confdefs.h - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for authenticate in -ls" >&5 -$as_echo_n "checking for authenticate in -ls... " >&6; } -if ${ac_cv_lib_s_authenticate+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-ls $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char authenticate (); -int -main () -{ -return authenticate (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_s_authenticate=yes -else - ac_cv_lib_s_authenticate=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_s_authenticate" >&5 -$as_echo "$ac_cv_lib_s_authenticate" >&6; } -if test "x$ac_cv_lib_s_authenticate" = xyes; then : - $as_echo "#define WITH_AIXAUTHENTICATE 1" >>confdefs.h - - LIBS="$LIBS -ls" - -fi - - -fi - - ac_fn_c_check_decl "$LINENO" "authenticate" "ac_cv_have_decl_authenticate" "#include -" -if test "x$ac_cv_have_decl_authenticate" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_AUTHENTICATE $ac_have_decl -_ACEOF -ac_fn_c_check_decl "$LINENO" "loginrestrictions" "ac_cv_have_decl_loginrestrictions" "#include -" -if test "x$ac_cv_have_decl_loginrestrictions" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_LOGINRESTRICTIONS $ac_have_decl -_ACEOF -ac_fn_c_check_decl "$LINENO" "loginsuccess" "ac_cv_have_decl_loginsuccess" "#include -" -if test "x$ac_cv_have_decl_loginsuccess" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_LOGINSUCCESS $ac_have_decl -_ACEOF -ac_fn_c_check_decl "$LINENO" "passwdexpired" "ac_cv_have_decl_passwdexpired" "#include -" -if test "x$ac_cv_have_decl_passwdexpired" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_PASSWDEXPIRED $ac_have_decl -_ACEOF -ac_fn_c_check_decl "$LINENO" "setauthdb" "ac_cv_have_decl_setauthdb" "#include -" -if test "x$ac_cv_have_decl_setauthdb" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_SETAUTHDB $ac_have_decl -_ACEOF - - ac_fn_c_check_decl "$LINENO" "loginfailed" "ac_cv_have_decl_loginfailed" "#include - -" -if test "x$ac_cv_have_decl_loginfailed" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_LOGINFAILED $ac_have_decl -_ACEOF -if test $ac_have_decl = 1; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if loginfailed takes 4 arguments" >&5 -$as_echo_n "checking if loginfailed takes 4 arguments... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - (void)loginfailed("user","host","tty",0); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -$as_echo "#define AIX_LOGINFAILED_4ARG 1" >>confdefs.h - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi - - for ac_func in getgrset setauthdb -do : - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` -ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -if eval test \"x\$"$as_ac_var"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - - ac_fn_c_check_decl "$LINENO" "F_CLOSEM" "ac_cv_have_decl_F_CLOSEM" " #include - #include - -" -if test "x$ac_cv_have_decl_F_CLOSEM" = xyes; then : - -$as_echo "#define HAVE_FCNTL_CLOSEM 1" >>confdefs.h - -fi - - check_for_aix_broken_getaddrinfo=1 - -$as_echo "#define BROKEN_REALPATH 1" >>confdefs.h - - -$as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h - - -$as_echo "#define BROKEN_SETREUID 1" >>confdefs.h - - -$as_echo "#define BROKEN_SETREGID 1" >>confdefs.h - - -$as_echo "#define DISABLE_LASTLOG 1" >>confdefs.h - - -$as_echo "#define LOGIN_NEEDS_UTMPX 1" >>confdefs.h - - -$as_echo "#define SPT_TYPE SPT_REUSEARGV" >>confdefs.h - - -$as_echo "#define SSHPAM_CHAUTHTOK_NEEDS_RUID 1" >>confdefs.h - - -$as_echo "#define PTY_ZEROREAD 1" >>confdefs.h - - -$as_echo "#define PLATFORM_SYS_DIR_UID 2" >>confdefs.h - - ;; -*-*-android*) - -$as_echo "#define DISABLE_UTMP 1" >>confdefs.h - - -$as_echo "#define DISABLE_WTMP 1" >>confdefs.h - - ;; -*-*-cygwin*) - check_for_libcrypt_later=1 - LIBS="$LIBS /usr/lib/textreadmode.o" - -$as_echo "#define HAVE_CYGWIN 1" >>confdefs.h - - -$as_echo "#define USE_PIPES 1" >>confdefs.h - - -$as_echo "#define DISABLE_SHADOW 1" >>confdefs.h - - -$as_echo "#define NO_X11_UNIX_SOCKETS 1" >>confdefs.h - - -$as_echo "#define NO_IPPORT_RESERVED_CONCEPT 1" >>confdefs.h - - -$as_echo "#define DISABLE_FD_PASSING 1" >>confdefs.h - - -$as_echo "#define SSH_IOBUFSZ 65535" >>confdefs.h - - -$as_echo "#define FILESYSTEM_NO_BACKSLASH 1" >>confdefs.h - - # Cygwin defines optargs, optargs as declspec(dllimport) for historical - # reasons which cause compile warnings, so we disable those warnings. - { - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wno-attributes" >&5 -$as_echo_n "checking if $CC supports compile flag -Wno-attributes... " >&6; } - saved_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS $WERROR -Wno-attributes" - _define_flag="" - test "x$_define_flag" = "x" && _define_flag="-Wno-attributes" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -int main(int argc, char **argv) { - /* Some math to catch -ftrapv problems in the toolchain */ - int i = 123 * argc, j = 456 + argc, k = 789 - argc; - float l = i * 2.1; - double m = l / 0.5; - long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; - printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o); - exit(0); -} - -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - -if `grep -i "unrecognized option" conftest.err >/dev/null` -then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - CFLAGS="$saved_CFLAGS $_define_flag" -fi -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -} - ;; -*-*-dgux*) - -$as_echo "#define IP_TOS_IS_BROKEN 1" >>confdefs.h - - $as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREGID 1" >>confdefs.h - - ;; -*-*-darwin*) - use_pie=auto - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if we have working getaddrinfo" >&5 -$as_echo_n "checking if we have working getaddrinfo... " >&6; } - if test "$cross_compiling" = yes; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: assume it is working" >&5 -$as_echo "assume it is working" >&6; } -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) - exit(0); - else - exit(1); -} - -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: working" >&5 -$as_echo "working" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: buggy" >&5 -$as_echo "buggy" >&6; } - -$as_echo "#define BROKEN_GETADDRINFO 1" >>confdefs.h - - -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - - $as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREGID 1" >>confdefs.h - - -$as_echo "#define BROKEN_GLOB 1" >>confdefs.h - - -cat >>confdefs.h <<_ACEOF -#define BIND_8_COMPAT 1 -_ACEOF - - -$as_echo "#define SSH_TUN_FREEBSD 1" >>confdefs.h - - -$as_echo "#define SSH_TUN_COMPAT_AF 1" >>confdefs.h - - -$as_echo "#define SSH_TUN_PREPEND_AF 1" >>confdefs.h - - - ac_fn_c_check_decl "$LINENO" "AU_IPv4" "ac_cv_have_decl_AU_IPv4" "$ac_includes_default" -if test "x$ac_cv_have_decl_AU_IPv4" = xyes; then : - -else - -$as_echo "#define AU_IPv4 0" >>confdefs.h - - #include - -$as_echo "#define LASTLOG_WRITE_PUTUTXLINE 1" >>confdefs.h - - -fi - - -$as_echo "#define SPT_TYPE SPT_REUSEARGV" >>confdefs.h - - for ac_func in sandbox_init -do : - ac_fn_c_check_func "$LINENO" "sandbox_init" "ac_cv_func_sandbox_init" -if test "x$ac_cv_func_sandbox_init" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_SANDBOX_INIT 1 -_ACEOF - -fi -done - - for ac_header in sandbox.h -do : - ac_fn_c_check_header_mongrel "$LINENO" "sandbox.h" "ac_cv_header_sandbox_h" "$ac_includes_default" -if test "x$ac_cv_header_sandbox_h" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_SANDBOX_H 1 -_ACEOF - -fi - -done - - ;; -*-*-dragonfly*) - SSHDLIBS="$SSHDLIBS -lcrypt" - TEST_MALLOC_OPTIONS="AFGJPRX" - ;; -*-*-haiku*) - LIBS="$LIBS -lbsd " - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for socket in -lnetwork" >&5 -$as_echo_n "checking for socket in -lnetwork... " >&6; } -if ${ac_cv_lib_network_socket+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lnetwork $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char socket (); -int -main () -{ -return socket (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_network_socket=yes -else - ac_cv_lib_network_socket=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_network_socket" >&5 -$as_echo "$ac_cv_lib_network_socket" >&6; } -if test "x$ac_cv_lib_network_socket" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_LIBNETWORK 1 -_ACEOF - - LIBS="-lnetwork $LIBS" - -fi - - $as_echo "#define HAVE_U_INT64_T 1" >>confdefs.h - - MANTYPE=man - ;; -*-*-hpux*) - # first we define all of the options common to all HP-UX releases - CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" - IPADDR_IN_DISPLAY=yes - $as_echo "#define USE_PIPES 1" >>confdefs.h - - -$as_echo "#define LOGIN_NO_ENDOPT 1" >>confdefs.h - - $as_echo "#define LOGIN_NEEDS_UTMPX 1" >>confdefs.h - - -$as_echo "#define LOCKED_PASSWD_STRING \"*\"" >>confdefs.h - - $as_echo "#define SPT_TYPE SPT_PSTAT" >>confdefs.h - - -$as_echo "#define PLATFORM_SYS_DIR_UID 2" >>confdefs.h - - maildir="/var/mail" - LIBS="$LIBS -lsec" - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for t_error in -lxnet" >&5 -$as_echo_n "checking for t_error in -lxnet... " >&6; } -if ${ac_cv_lib_xnet_t_error+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lxnet $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char t_error (); -int -main () -{ -return t_error (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_xnet_t_error=yes -else - ac_cv_lib_xnet_t_error=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_xnet_t_error" >&5 -$as_echo "$ac_cv_lib_xnet_t_error" >&6; } -if test "x$ac_cv_lib_xnet_t_error" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_LIBXNET 1 -_ACEOF - - LIBS="-lxnet $LIBS" - -else - as_fn_error $? "*** -lxnet needed on HP-UX - check config.log ***" "$LINENO" 5 -fi - - - # next, we define all of the options specific to major releases - case "$host" in - *-*-hpux10*) - if test -z "$GCC"; then - CFLAGS="$CFLAGS -Ae" - fi - ;; - *-*-hpux11*) - -$as_echo "#define PAM_SUN_CODEBASE 1" >>confdefs.h - - -$as_echo "#define DISABLE_UTMP 1" >>confdefs.h - - -$as_echo "#define USE_BTMP 1" >>confdefs.h - - check_for_hpux_broken_getaddrinfo=1 - check_for_conflicting_getspnam=1 - ;; - esac - - # lastly, we define options specific to minor releases - case "$host" in - *-*-hpux10.26) - -$as_echo "#define HAVE_SECUREWARE 1" >>confdefs.h - - disable_ptmx_check=yes - LIBS="$LIBS -lsecpw" - ;; - esac - ;; -*-*-irix5*) - PATH="$PATH:/usr/etc" - -$as_echo "#define BROKEN_INET_NTOA 1" >>confdefs.h - - $as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREGID 1" >>confdefs.h - - -$as_echo "#define WITH_ABBREV_NO_TTY 1" >>confdefs.h - - $as_echo "#define LOCKED_PASSWD_STRING \"*LK*\"" >>confdefs.h - - ;; -*-*-irix6*) - PATH="$PATH:/usr/etc" - -$as_echo "#define WITH_IRIX_ARRAY 1" >>confdefs.h - - -$as_echo "#define WITH_IRIX_PROJECT 1" >>confdefs.h - - -$as_echo "#define WITH_IRIX_AUDIT 1" >>confdefs.h - - ac_fn_c_check_func "$LINENO" "jlimit_startjob" "ac_cv_func_jlimit_startjob" -if test "x$ac_cv_func_jlimit_startjob" = xyes; then : - -$as_echo "#define WITH_IRIX_JOBS 1" >>confdefs.h - -fi - - $as_echo "#define BROKEN_INET_NTOA 1" >>confdefs.h - - $as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREGID 1" >>confdefs.h - - -$as_echo "#define BROKEN_UPDWTMPX 1" >>confdefs.h - - $as_echo "#define WITH_ABBREV_NO_TTY 1" >>confdefs.h - - $as_echo "#define LOCKED_PASSWD_STRING \"*LK*\"" >>confdefs.h - - ;; -*-*-k*bsd*-gnu | *-*-kopensolaris*-gnu) - check_for_libcrypt_later=1 - $as_echo "#define PAM_TTY_KLUDGE 1" >>confdefs.h - - $as_echo "#define LOCKED_PASSWD_PREFIX \"!\"" >>confdefs.h - - $as_echo "#define SPT_TYPE SPT_REUSEARGV" >>confdefs.h - - -$as_echo "#define _PATH_BTMP \"/var/log/btmp\"" >>confdefs.h - - -$as_echo "#define USE_BTMP 1" >>confdefs.h - - ;; -*-*-linux*) - no_dev_ptmx=1 - use_pie=auto - check_for_libcrypt_later=1 - check_for_openpty_ctty_bug=1 - -$as_echo "#define PAM_TTY_KLUDGE 1" >>confdefs.h - - -$as_echo "#define LOCKED_PASSWD_PREFIX \"!\"" >>confdefs.h - - $as_echo "#define SPT_TYPE SPT_REUSEARGV" >>confdefs.h - - -$as_echo "#define LINK_OPNOTSUPP_ERRNO EPERM" >>confdefs.h - - -$as_echo "#define _PATH_BTMP \"/var/log/btmp\"" >>confdefs.h - - $as_echo "#define USE_BTMP 1" >>confdefs.h - - -$as_echo "#define LINUX_OOM_ADJUST 1" >>confdefs.h - - inet6_default_4in6=yes - case `uname -r` in - 1.*|2.0.*) - -$as_echo "#define BROKEN_CMSG_TYPE 1" >>confdefs.h - - ;; - esac - # tun(4) forwarding compat code - for ac_header in linux/if_tun.h -do : - ac_fn_c_check_header_mongrel "$LINENO" "linux/if_tun.h" "ac_cv_header_linux_if_tun_h" "$ac_includes_default" -if test "x$ac_cv_header_linux_if_tun_h" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_LINUX_IF_TUN_H 1 -_ACEOF - -fi - -done - - if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then - -$as_echo "#define SSH_TUN_LINUX 1" >>confdefs.h - - -$as_echo "#define SSH_TUN_COMPAT_AF 1" >>confdefs.h - - -$as_echo "#define SSH_TUN_PREPEND_AF 1" >>confdefs.h - - fi - for ac_header in linux/seccomp.h linux/filter.h linux/audit.h -do : - as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` -ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "#include -" -if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - for ac_func in prctl -do : - ac_fn_c_check_func "$LINENO" "prctl" "ac_cv_func_prctl" -if test "x$ac_cv_func_prctl" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_PRCTL 1 -_ACEOF - -fi -done - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for seccomp architecture" >&5 -$as_echo_n "checking for seccomp architecture... " >&6; } - seccomp_audit_arch= - case "$host" in - x86_64-*) - seccomp_audit_arch=AUDIT_ARCH_X86_64 - ;; - i*86-*) - seccomp_audit_arch=AUDIT_ARCH_I386 - ;; - arm*-*) - seccomp_audit_arch=AUDIT_ARCH_ARM - ;; - aarch64*-*) - seccomp_audit_arch=AUDIT_ARCH_AARCH64 - ;; - esac - if test "x$seccomp_audit_arch" != "x" ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: \"$seccomp_audit_arch\"" >&5 -$as_echo "\"$seccomp_audit_arch\"" >&6; } - -cat >>confdefs.h <<_ACEOF -#define SECCOMP_AUDIT_ARCH $seccomp_audit_arch -_ACEOF - - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: architecture not supported" >&5 -$as_echo "architecture not supported" >&6; } - fi - ;; -mips-sony-bsd|mips-sony-newsos4) - -$as_echo "#define NEED_SETPGRP 1" >>confdefs.h - - SONY=1 - ;; -*-*-netbsd*) - check_for_libcrypt_before=1 - if test "x$withval" != "xno" ; then - need_dash_r=1 - fi - -$as_echo "#define SSH_TUN_FREEBSD 1" >>confdefs.h - - ac_fn_c_check_header_mongrel "$LINENO" "net/if_tap.h" "ac_cv_header_net_if_tap_h" "$ac_includes_default" -if test "x$ac_cv_header_net_if_tap_h" = xyes; then : - -else - -$as_echo "#define SSH_TUN_NO_L2 1" >>confdefs.h - -fi - - - -$as_echo "#define SSH_TUN_PREPEND_AF 1" >>confdefs.h - - TEST_MALLOC_OPTIONS="AJRX" - -$as_echo "#define BROKEN_STRNVIS 1" >>confdefs.h - - -$as_echo "#define BROKEN_READ_COMPARISON 1" >>confdefs.h - - ;; -*-*-freebsd*) - check_for_libcrypt_later=1 - -$as_echo "#define LOCKED_PASSWD_PREFIX \"*LOCKED*\"" >>confdefs.h - - -$as_echo "#define SSH_TUN_FREEBSD 1" >>confdefs.h - - ac_fn_c_check_header_mongrel "$LINENO" "net/if_tap.h" "ac_cv_header_net_if_tap_h" "$ac_includes_default" -if test "x$ac_cv_header_net_if_tap_h" = xyes; then : - -else - -$as_echo "#define SSH_TUN_NO_L2 1" >>confdefs.h - -fi - - - -$as_echo "#define BROKEN_GLOB 1" >>confdefs.h - - -$as_echo "#define BROKEN_STRNVIS 1" >>confdefs.h - - TEST_MALLOC_OPTIONS="AJRX" - # Preauth crypto occasionally uses file descriptors for crypto offload - # and will crash if they cannot be opened. - -$as_echo "#define SANDBOX_SKIP_RLIMIT_NOFILE 1" >>confdefs.h - - ;; -*-*-bsdi*) - $as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREGID 1" >>confdefs.h - - ;; -*-next-*) - conf_lastlog_location="/usr/adm/lastlog" - conf_utmp_location=/etc/utmp - conf_wtmp_location=/usr/adm/wtmp - maildir=/usr/spool/mail - -$as_echo "#define HAVE_NEXT 1" >>confdefs.h - - $as_echo "#define BROKEN_REALPATH 1" >>confdefs.h - - $as_echo "#define USE_PIPES 1" >>confdefs.h - - -$as_echo "#define BROKEN_SAVED_UIDS 1" >>confdefs.h - - ;; -*-*-openbsd*) - use_pie=auto - -$as_echo "#define HAVE_ATTRIBUTE__SENTINEL__ 1" >>confdefs.h - - -$as_echo "#define HAVE_ATTRIBUTE__BOUNDED__ 1" >>confdefs.h - - -$as_echo "#define SSH_TUN_OPENBSD 1" >>confdefs.h - - -$as_echo "#define SYSLOG_R_SAFE_IN_SIGHAND 1" >>confdefs.h - - TEST_MALLOC_OPTIONS="AFGJPRX" - ;; -*-*-solaris*) - if test "x$withval" != "xno" ; then - need_dash_r=1 - fi - $as_echo "#define PAM_SUN_CODEBASE 1" >>confdefs.h - - $as_echo "#define LOGIN_NEEDS_UTMPX 1" >>confdefs.h - - -$as_echo "#define LOGIN_NEEDS_TERM 1" >>confdefs.h - - $as_echo "#define PAM_TTY_KLUDGE 1" >>confdefs.h - - -$as_echo "#define SSHPAM_CHAUTHTOK_NEEDS_RUID 1" >>confdefs.h - - $as_echo "#define LOCKED_PASSWD_STRING \"*LK*\"" >>confdefs.h - - # Pushing STREAMS modules will cause sshd to acquire a controlling tty. - -$as_echo "#define SSHD_ACQUIRES_CTTY 1" >>confdefs.h - - -$as_echo "#define PASSWD_NEEDS_USERNAME 1" >>confdefs.h - - -$as_echo "#define BROKEN_TCGETATTR_ICANON 1" >>confdefs.h - - external_path_file=/etc/default/login - # hardwire lastlog location (can't detect it on some versions) - conf_lastlog_location="/var/adm/lastlog" - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for obsolete utmp and wtmp in solaris2.x" >&5 -$as_echo_n "checking for obsolete utmp and wtmp in solaris2.x... " >&6; } - sol2ver=`echo "$host"| sed -e 's/.*[0-9]\.//'` - if test "$sol2ver" -ge 8; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - $as_echo "#define DISABLE_UTMP 1" >>confdefs.h - - -$as_echo "#define DISABLE_WTMP 1" >>confdefs.h - - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - fi - -# Check whether --with-solaris-contracts was given. -if test "${with_solaris_contracts+set}" = set; then : - withval=$with_solaris_contracts; - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ct_tmpl_activate in -lcontract" >&5 -$as_echo_n "checking for ct_tmpl_activate in -lcontract... " >&6; } -if ${ac_cv_lib_contract_ct_tmpl_activate+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lcontract $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char ct_tmpl_activate (); -int -main () -{ -return ct_tmpl_activate (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_contract_ct_tmpl_activate=yes -else - ac_cv_lib_contract_ct_tmpl_activate=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_contract_ct_tmpl_activate" >&5 -$as_echo "$ac_cv_lib_contract_ct_tmpl_activate" >&6; } -if test "x$ac_cv_lib_contract_ct_tmpl_activate" = xyes; then : - -$as_echo "#define USE_SOLARIS_PROCESS_CONTRACTS 1" >>confdefs.h - - SSHDLIBS="$SSHDLIBS -lcontract" - SPC_MSG="yes" -fi - - -fi - - -# Check whether --with-solaris-projects was given. -if test "${with_solaris_projects+set}" = set; then : - withval=$with_solaris_projects; - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for setproject in -lproject" >&5 -$as_echo_n "checking for setproject in -lproject... " >&6; } -if ${ac_cv_lib_project_setproject+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lproject $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char setproject (); -int -main () -{ -return setproject (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_project_setproject=yes -else - ac_cv_lib_project_setproject=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_project_setproject" >&5 -$as_echo "$ac_cv_lib_project_setproject" >&6; } -if test "x$ac_cv_lib_project_setproject" = xyes; then : - -$as_echo "#define USE_SOLARIS_PROJECTS 1" >>confdefs.h - - SSHDLIBS="$SSHDLIBS -lproject" - SP_MSG="yes" -fi - - -fi - - TEST_SHELL=$SHELL # let configure find us a capable shell - ;; -*-*-sunos4*) - CPPFLAGS="$CPPFLAGS -DSUNOS4" - for ac_func in getpwanam -do : - ac_fn_c_check_func "$LINENO" "getpwanam" "ac_cv_func_getpwanam" -if test "x$ac_cv_func_getpwanam" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_GETPWANAM 1 -_ACEOF - -fi -done - - $as_echo "#define PAM_SUN_CODEBASE 1" >>confdefs.h - - conf_utmp_location=/etc/utmp - conf_wtmp_location=/var/adm/wtmp - conf_lastlog_location=/var/adm/lastlog - $as_echo "#define USE_PIPES 1" >>confdefs.h - - ;; -*-ncr-sysv*) - LIBS="$LIBS -lc89" - $as_echo "#define USE_PIPES 1" >>confdefs.h - - $as_echo "#define SSHD_ACQUIRES_CTTY 1" >>confdefs.h - - $as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREGID 1" >>confdefs.h - - ;; -*-sni-sysv*) - # /usr/ucblib MUST NOT be searched on ReliantUNIX - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dlsym in -ldl" >&5 -$as_echo_n "checking for dlsym in -ldl... " >&6; } -if ${ac_cv_lib_dl_dlsym+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-ldl $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char dlsym (); -int -main () -{ -return dlsym (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_dl_dlsym=yes -else - ac_cv_lib_dl_dlsym=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dl_dlsym" >&5 -$as_echo "$ac_cv_lib_dl_dlsym" >&6; } -if test "x$ac_cv_lib_dl_dlsym" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_LIBDL 1 -_ACEOF - - LIBS="-ldl $LIBS" - -fi - - # -lresolv needs to be at the end of LIBS or DNS lookups break - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for res_query in -lresolv" >&5 -$as_echo_n "checking for res_query in -lresolv... " >&6; } -if ${ac_cv_lib_resolv_res_query+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lresolv $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char res_query (); -int -main () -{ -return res_query (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_resolv_res_query=yes -else - ac_cv_lib_resolv_res_query=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_resolv_res_query" >&5 -$as_echo "$ac_cv_lib_resolv_res_query" >&6; } -if test "x$ac_cv_lib_resolv_res_query" = xyes; then : - LIBS="$LIBS -lresolv" -fi - - IPADDR_IN_DISPLAY=yes - $as_echo "#define USE_PIPES 1" >>confdefs.h - - $as_echo "#define IP_TOS_IS_BROKEN 1" >>confdefs.h - - $as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREGID 1" >>confdefs.h - - $as_echo "#define SSHD_ACQUIRES_CTTY 1" >>confdefs.h - - external_path_file=/etc/default/login - # /usr/ucblib/libucb.a no longer needed on ReliantUNIX - # Attention: always take care to bind libsocket and libnsl before libc, - # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog - ;; -# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel. -*-*-sysv4.2*) - $as_echo "#define USE_PIPES 1" >>confdefs.h - - $as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREGID 1" >>confdefs.h - - -$as_echo "#define PASSWD_NEEDS_USERNAME 1" >>confdefs.h - - $as_echo "#define LOCKED_PASSWD_STRING \"*LK*\"" >>confdefs.h - - TEST_SHELL=$SHELL # let configure find us a capable shell - ;; -# UnixWare 7.x, OpenUNIX 8 -*-*-sysv5*) - CPPFLAGS="$CPPFLAGS -Dvsnprintf=_xvsnprintf -Dsnprintf=_xsnprintf" - -$as_echo "#define UNIXWARE_LONG_PASSWORDS 1" >>confdefs.h - - $as_echo "#define USE_PIPES 1" >>confdefs.h - - $as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h - - $as_echo "#define BROKEN_GETADDRINFO 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREGID 1" >>confdefs.h - - $as_echo "#define PASSWD_NEEDS_USERNAME 1" >>confdefs.h - - TEST_SHELL=$SHELL # let configure find us a capable shell - case "$host" in - *-*-sysv5SCO_SV*) # SCO OpenServer 6.x - maildir=/var/spool/mail - -$as_echo "#define BROKEN_LIBIAF 1" >>confdefs.h - - $as_echo "#define BROKEN_UPDWTMPX 1" >>confdefs.h - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for getluid in -lprot" >&5 -$as_echo_n "checking for getluid in -lprot... " >&6; } -if ${ac_cv_lib_prot_getluid+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lprot $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char getluid (); -int -main () -{ -return getluid (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_prot_getluid=yes -else - ac_cv_lib_prot_getluid=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_prot_getluid" >&5 -$as_echo "$ac_cv_lib_prot_getluid" >&6; } -if test "x$ac_cv_lib_prot_getluid" = xyes; then : - LIBS="$LIBS -lprot" - for ac_func in getluid setluid -do : - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` -ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -if eval test \"x\$"$as_ac_var"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - - $as_echo "#define HAVE_SECUREWARE 1" >>confdefs.h - - $as_echo "#define DISABLE_SHADOW 1" >>confdefs.h - - -fi - - ;; - *) $as_echo "#define LOCKED_PASSWD_STRING \"*LK*\"" >>confdefs.h - - check_for_libcrypt_later=1 - ;; - esac - ;; -*-*-sysv*) - ;; -# SCO UNIX and OEM versions of SCO UNIX -*-*-sco3.2v4*) - as_fn_error $? "\"This Platform is no longer supported.\"" "$LINENO" 5 - ;; -# SCO OpenServer 5.x -*-*-sco3.2v5*) - if test -z "$GCC"; then - CFLAGS="$CFLAGS -belf" - fi - LIBS="$LIBS -lprot -lx -ltinfo -lm" - no_dev_ptmx=1 - $as_echo "#define USE_PIPES 1" >>confdefs.h - - $as_echo "#define HAVE_SECUREWARE 1" >>confdefs.h - - $as_echo "#define DISABLE_SHADOW 1" >>confdefs.h - - $as_echo "#define DISABLE_FD_PASSING 1" >>confdefs.h - - $as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h - - $as_echo "#define BROKEN_GETADDRINFO 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREGID 1" >>confdefs.h - - $as_echo "#define WITH_ABBREV_NO_TTY 1" >>confdefs.h - - $as_echo "#define BROKEN_UPDWTMPX 1" >>confdefs.h - - $as_echo "#define PASSWD_NEEDS_USERNAME 1" >>confdefs.h - - for ac_func in getluid setluid -do : - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` -ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -if eval test \"x\$"$as_ac_var"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - - MANTYPE=man - TEST_SHELL=$SHELL # let configure find us a capable shell - SKIP_DISABLE_LASTLOG_DEFINE=yes - ;; -*-*-unicosmk*) - -$as_echo "#define NO_SSH_LASTLOG 1" >>confdefs.h - - $as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREGID 1" >>confdefs.h - - $as_echo "#define USE_PIPES 1" >>confdefs.h - - $as_echo "#define DISABLE_FD_PASSING 1" >>confdefs.h - - LDFLAGS="$LDFLAGS" - LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" - MANTYPE=cat - ;; -*-*-unicosmp*) - $as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREGID 1" >>confdefs.h - - $as_echo "#define WITH_ABBREV_NO_TTY 1" >>confdefs.h - - $as_echo "#define USE_PIPES 1" >>confdefs.h - - $as_echo "#define DISABLE_FD_PASSING 1" >>confdefs.h - - LDFLAGS="$LDFLAGS" - LIBS="$LIBS -lgen -lacid -ldb" - MANTYPE=cat - ;; -*-*-unicos*) - $as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREGID 1" >>confdefs.h - - $as_echo "#define USE_PIPES 1" >>confdefs.h - - $as_echo "#define DISABLE_FD_PASSING 1" >>confdefs.h - - $as_echo "#define NO_SSH_LASTLOG 1" >>confdefs.h - - LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal" - LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" - MANTYPE=cat - ;; -*-dec-osf*) - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for Digital Unix SIA" >&5 -$as_echo_n "checking for Digital Unix SIA... " >&6; } - no_osfsia="" - -# Check whether --with-osfsia was given. -if test "${with_osfsia+set}" = set; then : - withval=$with_osfsia; - if test "x$withval" = "xno" ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: disabled" >&5 -$as_echo "disabled" >&6; } - no_osfsia=1 - fi - -fi - - if test -z "$no_osfsia" ; then - if test -f /etc/sia/matrix.conf; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -$as_echo "#define HAVE_OSF_SIA 1" >>confdefs.h - - -$as_echo "#define DISABLE_LOGIN 1" >>confdefs.h - - $as_echo "#define DISABLE_FD_PASSING 1" >>confdefs.h - - LIBS="$LIBS -lsecurity -ldb -lm -laud" - SIA_MSG="yes" - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - -$as_echo "#define LOCKED_PASSWD_SUBSTR \"Nologin\"" >>confdefs.h - - fi - fi - $as_echo "#define BROKEN_GETADDRINFO 1" >>confdefs.h - - $as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREGID 1" >>confdefs.h - - -$as_echo "#define BROKEN_READV_COMPARISON 1" >>confdefs.h - - ;; - -*-*-nto-qnx*) - $as_echo "#define USE_PIPES 1" >>confdefs.h - - $as_echo "#define NO_X11_UNIX_SOCKETS 1" >>confdefs.h - - $as_echo "#define DISABLE_LASTLOG 1" >>confdefs.h - - $as_echo "#define SSHD_ACQUIRES_CTTY 1" >>confdefs.h - - -$as_echo "#define BROKEN_SHADOW_EXPIRE 1" >>confdefs.h - - enable_etc_default_login=no # has incompatible /etc/default/login - case "$host" in - *-*-nto-qnx6*) - $as_echo "#define DISABLE_FD_PASSING 1" >>confdefs.h - - ;; - esac - ;; - -*-*-ultrix*) - -$as_echo "#define BROKEN_GETGROUPS 1" >>confdefs.h - - -$as_echo "#define BROKEN_MMAP 1" >>confdefs.h - - $as_echo "#define NEED_SETPGRP 1" >>confdefs.h - - -$as_echo "#define HAVE_SYS_SYSLOG_H 1" >>confdefs.h - - ;; - -*-*-lynxos) - CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__" - -$as_echo "#define BROKEN_SETVBUF 1" >>confdefs.h - - ;; -esac - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking compiler and flags for sanity" >&5 -$as_echo_n "checking compiler and flags for sanity... " >&6; } -if test "$cross_compiling" = yes; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: not checking compiler sanity" >&5 -$as_echo "$as_me: WARNING: cross compiling: not checking compiler sanity" >&2;} - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - exit(0); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - as_fn_error $? "*** compiler cannot create working executables, check config.log ***" "$LINENO" 5 - -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - - -# Checks for libraries. -ac_fn_c_check_func "$LINENO" "yp_match" "ac_cv_func_yp_match" -if test "x$ac_cv_func_yp_match" = xyes; then : - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for yp_match in -lnsl" >&5 -$as_echo_n "checking for yp_match in -lnsl... " >&6; } -if ${ac_cv_lib_nsl_yp_match+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lnsl $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char yp_match (); -int -main () -{ -return yp_match (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_nsl_yp_match=yes -else - ac_cv_lib_nsl_yp_match=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_nsl_yp_match" >&5 -$as_echo "$ac_cv_lib_nsl_yp_match" >&6; } -if test "x$ac_cv_lib_nsl_yp_match" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_LIBNSL 1 -_ACEOF - - LIBS="-lnsl $LIBS" - -fi - -fi - -ac_fn_c_check_func "$LINENO" "setsockopt" "ac_cv_func_setsockopt" -if test "x$ac_cv_func_setsockopt" = xyes; then : - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for setsockopt in -lsocket" >&5 -$as_echo_n "checking for setsockopt in -lsocket... " >&6; } -if ${ac_cv_lib_socket_setsockopt+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lsocket $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char setsockopt (); -int -main () -{ -return setsockopt (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_socket_setsockopt=yes -else - ac_cv_lib_socket_setsockopt=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_socket_setsockopt" >&5 -$as_echo "$ac_cv_lib_socket_setsockopt" >&6; } -if test "x$ac_cv_lib_socket_setsockopt" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_LIBSOCKET 1 -_ACEOF - - LIBS="-lsocket $LIBS" - -fi - -fi - - -for ac_func in dirname -do : - ac_fn_c_check_func "$LINENO" "dirname" "ac_cv_func_dirname" -if test "x$ac_cv_func_dirname" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_DIRNAME 1 -_ACEOF - for ac_header in libgen.h -do : - ac_fn_c_check_header_mongrel "$LINENO" "libgen.h" "ac_cv_header_libgen_h" "$ac_includes_default" -if test "x$ac_cv_header_libgen_h" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_LIBGEN_H 1 -_ACEOF - -fi - -done - -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dirname in -lgen" >&5 -$as_echo_n "checking for dirname in -lgen... " >&6; } -if ${ac_cv_lib_gen_dirname+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lgen $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char dirname (); -int -main () -{ -return dirname (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_gen_dirname=yes -else - ac_cv_lib_gen_dirname=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_gen_dirname" >&5 -$as_echo "$ac_cv_lib_gen_dirname" >&6; } -if test "x$ac_cv_lib_gen_dirname" = xyes; then : - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for broken dirname" >&5 -$as_echo_n "checking for broken dirname... " >&6; } -if ${ac_cv_have_broken_dirname+:} false; then : - $as_echo_n "(cached) " >&6 -else - - save_LIBS="$LIBS" - LIBS="$LIBS -lgen" - if test "$cross_compiling" = yes; then : - ac_cv_have_broken_dirname="no" -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include - -int main(int argc, char **argv) { - char *s, buf[32]; - - strncpy(buf,"/etc", 32); - s = dirname(buf); - if (!s || strncmp(s, "/", 32) != 0) { - exit(1); - } else { - exit(0); - } -} - -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - ac_cv_have_broken_dirname="no" -else - ac_cv_have_broken_dirname="yes" -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - - LIBS="$save_LIBS" - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_broken_dirname" >&5 -$as_echo "$ac_cv_have_broken_dirname" >&6; } - if test "x$ac_cv_have_broken_dirname" = "xno" ; then - LIBS="$LIBS -lgen" - $as_echo "#define HAVE_DIRNAME 1" >>confdefs.h - - for ac_header in libgen.h -do : - ac_fn_c_check_header_mongrel "$LINENO" "libgen.h" "ac_cv_header_libgen_h" "$ac_includes_default" -if test "x$ac_cv_header_libgen_h" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_LIBGEN_H 1 -_ACEOF - -fi - -done - - fi - -fi - - -fi -done - - -ac_fn_c_check_func "$LINENO" "getspnam" "ac_cv_func_getspnam" -if test "x$ac_cv_func_getspnam" = xyes; then : - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for getspnam in -lgen" >&5 -$as_echo_n "checking for getspnam in -lgen... " >&6; } -if ${ac_cv_lib_gen_getspnam+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lgen $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char getspnam (); -int -main () -{ -return getspnam (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_gen_getspnam=yes -else - ac_cv_lib_gen_getspnam=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_gen_getspnam" >&5 -$as_echo "$ac_cv_lib_gen_getspnam" >&6; } -if test "x$ac_cv_lib_gen_getspnam" = xyes; then : - LIBS="$LIBS -lgen" -fi - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing basename" >&5 -$as_echo_n "checking for library containing basename... " >&6; } -if ${ac_cv_search_basename+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_func_search_save_LIBS=$LIBS -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char basename (); -int -main () -{ -return basename (); - ; - return 0; -} -_ACEOF -for ac_lib in '' gen; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - if ac_fn_c_try_link "$LINENO"; then : - ac_cv_search_basename=$ac_res -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext - if ${ac_cv_search_basename+:} false; then : - break -fi -done -if ${ac_cv_search_basename+:} false; then : - -else - ac_cv_search_basename=no -fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_basename" >&5 -$as_echo "$ac_cv_search_basename" >&6; } -ac_res=$ac_cv_search_basename -if test "$ac_res" != no; then : - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" - -$as_echo "#define HAVE_BASENAME 1" >>confdefs.h - -fi - - - -# Check whether --with-zlib was given. -if test "${with_zlib+set}" = set; then : - withval=$with_zlib; if test "x$withval" = "xno" ; then - as_fn_error $? "*** zlib is required ***" "$LINENO" 5 - elif test "x$withval" != "xyes"; then - if test -d "$withval/lib"; then - if test -n "${need_dash_r}"; then - LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" - else - LDFLAGS="-L${withval}/lib ${LDFLAGS}" - fi - else - if test -n "${need_dash_r}"; then - LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" - else - LDFLAGS="-L${withval} ${LDFLAGS}" - fi - fi - if test -d "$withval/include"; then - CPPFLAGS="-I${withval}/include ${CPPFLAGS}" - else - CPPFLAGS="-I${withval} ${CPPFLAGS}" - fi - fi - -fi - - -ac_fn_c_check_header_mongrel "$LINENO" "zlib.h" "ac_cv_header_zlib_h" "$ac_includes_default" -if test "x$ac_cv_header_zlib_h" = xyes; then : - -else - as_fn_error $? "*** zlib.h missing - please install first or check config.log ***" "$LINENO" 5 -fi - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for deflate in -lz" >&5 -$as_echo_n "checking for deflate in -lz... " >&6; } -if ${ac_cv_lib_z_deflate+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lz $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char deflate (); -int -main () -{ -return deflate (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_z_deflate=yes -else - ac_cv_lib_z_deflate=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_z_deflate" >&5 -$as_echo "$ac_cv_lib_z_deflate" >&6; } -if test "x$ac_cv_lib_z_deflate" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_LIBZ 1 -_ACEOF - - LIBS="-lz $LIBS" - -else - - saved_CPPFLAGS="$CPPFLAGS" - saved_LDFLAGS="$LDFLAGS" - save_LIBS="$LIBS" - if test -n "${need_dash_r}"; then - LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}" - else - LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}" - fi - CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}" - LIBS="$LIBS -lz" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char deflate (); -int -main () -{ -return deflate (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - $as_echo "#define HAVE_LIBZ 1" >>confdefs.h - -else - - as_fn_error $? "*** zlib missing - please install first or check config.log ***" "$LINENO" 5 - - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - - -fi - - - -# Check whether --with-zlib-version-check was given. -if test "${with_zlib_version_check+set}" = set; then : - withval=$with_zlib_version_check; if test "x$withval" = "xno" ; then - zlib_check_nonfatal=1 - fi - - -fi - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for possibly buggy zlib" >&5 -$as_echo_n "checking for possibly buggy zlib... " >&6; } -if test "$cross_compiling" = yes; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: not checking zlib version" >&5 -$as_echo "$as_me: WARNING: cross compiling: not checking zlib version" >&2;} - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -#include - -int -main () -{ - - int a=0, b=0, c=0, d=0, n, v; - n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d); - if (n != 3 && n != 4) - exit(1); - v = a*1000000 + b*10000 + c*100 + d; - fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v); - - /* 1.1.4 is OK */ - if (a == 1 && b == 1 && c >= 4) - exit(0); - - /* 1.2.3 and up are OK */ - if (v >= 1020300) - exit(0); - - exit(2); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - if test -z "$zlib_check_nonfatal" ; then - as_fn_error $? "*** zlib too old - check config.log *** -Your reported zlib version has known security problems. It's possible your -vendor has fixed these problems without changing the version number. If you -are sure this is the case, you can disable the check by running -\"./configure --without-zlib-version-check\". -If you are in doubt, upgrade zlib to version 1.2.3 or greater. -See http://www.gzip.org/zlib/ for details." "$LINENO" 5 - else - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: zlib version may have security problems" >&5 -$as_echo "$as_me: WARNING: zlib version may have security problems" >&2;} - fi - -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - - -ac_fn_c_check_func "$LINENO" "strcasecmp" "ac_cv_func_strcasecmp" -if test "x$ac_cv_func_strcasecmp" = xyes; then : - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for strcasecmp in -lresolv" >&5 -$as_echo_n "checking for strcasecmp in -lresolv... " >&6; } -if ${ac_cv_lib_resolv_strcasecmp+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lresolv $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strcasecmp (); -int -main () -{ -return strcasecmp (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_resolv_strcasecmp=yes -else - ac_cv_lib_resolv_strcasecmp=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_resolv_strcasecmp" >&5 -$as_echo "$ac_cv_lib_resolv_strcasecmp" >&6; } -if test "x$ac_cv_lib_resolv_strcasecmp" = xyes; then : - LIBS="$LIBS -lresolv" -fi - - -fi - -for ac_func in utimes -do : - ac_fn_c_check_func "$LINENO" "utimes" "ac_cv_func_utimes" -if test "x$ac_cv_func_utimes" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_UTIMES 1 -_ACEOF - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for utimes in -lc89" >&5 -$as_echo_n "checking for utimes in -lc89... " >&6; } -if ${ac_cv_lib_c89_utimes+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lc89 $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char utimes (); -int -main () -{ -return utimes (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_c89_utimes=yes -else - ac_cv_lib_c89_utimes=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_c89_utimes" >&5 -$as_echo "$ac_cv_lib_c89_utimes" >&6; } -if test "x$ac_cv_lib_c89_utimes" = xyes; then : - $as_echo "#define HAVE_UTIMES 1" >>confdefs.h - - LIBS="$LIBS -lc89" -fi - - -fi -done - - -for ac_header in bsd/libutil.h libutil.h -do : - as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` -ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" -if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing fmt_scaled" >&5 -$as_echo_n "checking for library containing fmt_scaled... " >&6; } -if ${ac_cv_search_fmt_scaled+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_func_search_save_LIBS=$LIBS -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char fmt_scaled (); -int -main () -{ -return fmt_scaled (); - ; - return 0; -} -_ACEOF -for ac_lib in '' util bsd; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - if ac_fn_c_try_link "$LINENO"; then : - ac_cv_search_fmt_scaled=$ac_res -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext - if ${ac_cv_search_fmt_scaled+:} false; then : - break -fi -done -if ${ac_cv_search_fmt_scaled+:} false; then : - -else - ac_cv_search_fmt_scaled=no -fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_fmt_scaled" >&5 -$as_echo "$ac_cv_search_fmt_scaled" >&6; } -ac_res=$ac_cv_search_fmt_scaled -if test "$ac_res" != no; then : - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing scan_scaled" >&5 -$as_echo_n "checking for library containing scan_scaled... " >&6; } -if ${ac_cv_search_scan_scaled+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_func_search_save_LIBS=$LIBS -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char scan_scaled (); -int -main () -{ -return scan_scaled (); - ; - return 0; -} -_ACEOF -for ac_lib in '' util bsd; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - if ac_fn_c_try_link "$LINENO"; then : - ac_cv_search_scan_scaled=$ac_res -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext - if ${ac_cv_search_scan_scaled+:} false; then : - break -fi -done -if ${ac_cv_search_scan_scaled+:} false; then : - -else - ac_cv_search_scan_scaled=no -fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_scan_scaled" >&5 -$as_echo "$ac_cv_search_scan_scaled" >&6; } -ac_res=$ac_cv_search_scan_scaled -if test "$ac_res" != no; then : - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing login" >&5 -$as_echo_n "checking for library containing login... " >&6; } -if ${ac_cv_search_login+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_func_search_save_LIBS=$LIBS -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char login (); -int -main () -{ -return login (); - ; - return 0; -} -_ACEOF -for ac_lib in '' util bsd; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - if ac_fn_c_try_link "$LINENO"; then : - ac_cv_search_login=$ac_res -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext - if ${ac_cv_search_login+:} false; then : - break -fi -done -if ${ac_cv_search_login+:} false; then : - -else - ac_cv_search_login=no -fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_login" >&5 -$as_echo "$ac_cv_search_login" >&6; } -ac_res=$ac_cv_search_login -if test "$ac_res" != no; then : - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing logout" >&5 -$as_echo_n "checking for library containing logout... " >&6; } -if ${ac_cv_search_logout+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_func_search_save_LIBS=$LIBS -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char logout (); -int -main () -{ -return logout (); - ; - return 0; -} -_ACEOF -for ac_lib in '' util bsd; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - if ac_fn_c_try_link "$LINENO"; then : - ac_cv_search_logout=$ac_res -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext - if ${ac_cv_search_logout+:} false; then : - break -fi -done -if ${ac_cv_search_logout+:} false; then : - -else - ac_cv_search_logout=no -fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_logout" >&5 -$as_echo "$ac_cv_search_logout" >&6; } -ac_res=$ac_cv_search_logout -if test "$ac_res" != no; then : - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing logwtmp" >&5 -$as_echo_n "checking for library containing logwtmp... " >&6; } -if ${ac_cv_search_logwtmp+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_func_search_save_LIBS=$LIBS -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char logwtmp (); -int -main () -{ -return logwtmp (); - ; - return 0; -} -_ACEOF -for ac_lib in '' util bsd; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - if ac_fn_c_try_link "$LINENO"; then : - ac_cv_search_logwtmp=$ac_res -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext - if ${ac_cv_search_logwtmp+:} false; then : - break -fi -done -if ${ac_cv_search_logwtmp+:} false; then : - -else - ac_cv_search_logwtmp=no -fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_logwtmp" >&5 -$as_echo "$ac_cv_search_logwtmp" >&6; } -ac_res=$ac_cv_search_logwtmp -if test "$ac_res" != no; then : - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing openpty" >&5 -$as_echo_n "checking for library containing openpty... " >&6; } -if ${ac_cv_search_openpty+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_func_search_save_LIBS=$LIBS -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char openpty (); -int -main () -{ -return openpty (); - ; - return 0; -} -_ACEOF -for ac_lib in '' util bsd; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - if ac_fn_c_try_link "$LINENO"; then : - ac_cv_search_openpty=$ac_res -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext - if ${ac_cv_search_openpty+:} false; then : - break -fi -done -if ${ac_cv_search_openpty+:} false; then : - -else - ac_cv_search_openpty=no -fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_openpty" >&5 -$as_echo "$ac_cv_search_openpty" >&6; } -ac_res=$ac_cv_search_openpty -if test "$ac_res" != no; then : - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing updwtmp" >&5 -$as_echo_n "checking for library containing updwtmp... " >&6; } -if ${ac_cv_search_updwtmp+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_func_search_save_LIBS=$LIBS -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char updwtmp (); -int -main () -{ -return updwtmp (); - ; - return 0; -} -_ACEOF -for ac_lib in '' util bsd; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - if ac_fn_c_try_link "$LINENO"; then : - ac_cv_search_updwtmp=$ac_res -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext - if ${ac_cv_search_updwtmp+:} false; then : - break -fi -done -if ${ac_cv_search_updwtmp+:} false; then : - -else - ac_cv_search_updwtmp=no -fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_updwtmp" >&5 -$as_echo "$ac_cv_search_updwtmp" >&6; } -ac_res=$ac_cv_search_updwtmp -if test "$ac_res" != no; then : - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" - -fi - -for ac_func in fmt_scaled scan_scaled login logout openpty updwtmp logwtmp -do : - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` -ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -if eval test \"x\$"$as_ac_var"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - - -# On some platforms, inet_ntop may be found in libresolv or libnsl. -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing inet_ntop" >&5 -$as_echo_n "checking for library containing inet_ntop... " >&6; } -if ${ac_cv_search_inet_ntop+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_func_search_save_LIBS=$LIBS -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char inet_ntop (); -int -main () -{ -return inet_ntop (); - ; - return 0; -} -_ACEOF -for ac_lib in '' resolv nsl; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - if ac_fn_c_try_link "$LINENO"; then : - ac_cv_search_inet_ntop=$ac_res -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext - if ${ac_cv_search_inet_ntop+:} false; then : - break -fi -done -if ${ac_cv_search_inet_ntop+:} false; then : - -else - ac_cv_search_inet_ntop=no -fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_inet_ntop" >&5 -$as_echo "$ac_cv_search_inet_ntop" >&6; } -ac_res=$ac_cv_search_inet_ntop -if test "$ac_res" != no; then : - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" - -fi - - -for ac_func in strftime -do : - ac_fn_c_check_func "$LINENO" "strftime" "ac_cv_func_strftime" -if test "x$ac_cv_func_strftime" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_STRFTIME 1 -_ACEOF - -else - # strftime is in -lintl on SCO UNIX. -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for strftime in -lintl" >&5 -$as_echo_n "checking for strftime in -lintl... " >&6; } -if ${ac_cv_lib_intl_strftime+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lintl $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strftime (); -int -main () -{ -return strftime (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_intl_strftime=yes -else - ac_cv_lib_intl_strftime=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_intl_strftime" >&5 -$as_echo "$ac_cv_lib_intl_strftime" >&6; } -if test "x$ac_cv_lib_intl_strftime" = xyes; then : - $as_echo "#define HAVE_STRFTIME 1" >>confdefs.h - -LIBS="-lintl $LIBS" -fi - -fi -done - - -# Check for ALTDIRFUNC glob() extension -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for GLOB_ALTDIRFUNC support" >&5 -$as_echo_n "checking for GLOB_ALTDIRFUNC support... " >&6; } -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - #include - #ifdef GLOB_ALTDIRFUNC - FOUNDIT - #endif - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "FOUNDIT" >/dev/null 2>&1; then : - - -$as_echo "#define GLOB_HAS_ALTDIRFUNC 1" >>confdefs.h - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - - -fi -rm -f conftest* - - -# Check for g.gl_matchc glob() extension -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for gl_matchc field in glob_t" >&5 -$as_echo_n "checking for gl_matchc field in glob_t... " >&6; } -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - glob_t g; g.gl_matchc = 1; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - - -$as_echo "#define GLOB_HAS_GL_MATCHC 1" >>confdefs.h - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -# Check for g.gl_statv glob() extension -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for gl_statv and GLOB_KEEPSTAT extensions for glob" >&5 -$as_echo_n "checking for gl_statv and GLOB_KEEPSTAT extensions for glob... " >&6; } -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - -#ifndef GLOB_KEEPSTAT -#error "glob does not support GLOB_KEEPSTAT extension" -#endif -glob_t g; -g.gl_statv = NULL; - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - - -$as_echo "#define GLOB_HAS_GL_STATV 1" >>confdefs.h - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -ac_fn_c_check_decl "$LINENO" "GLOB_NOMATCH" "ac_cv_have_decl_GLOB_NOMATCH" "#include -" -if test "x$ac_cv_have_decl_GLOB_NOMATCH" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_GLOB_NOMATCH $ac_have_decl -_ACEOF - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether struct dirent allocates space for d_name" >&5 -$as_echo_n "checking whether struct dirent allocates space for d_name... " >&6; } -if test "$cross_compiling" = yes; then : - - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME" >&5 -$as_echo "$as_me: WARNING: cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME" >&2;} - $as_echo "#define BROKEN_ONE_BYTE_DIRENT_D_NAME 1" >>confdefs.h - - - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -int -main () -{ - - struct dirent d; - exit(sizeof(d.d_name)<=sizeof(char)); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - -$as_echo "#define BROKEN_ONE_BYTE_DIRENT_D_NAME 1" >>confdefs.h - - -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for /proc/pid/fd directory" >&5 -$as_echo_n "checking for /proc/pid/fd directory... " >&6; } -if test -d "/proc/$$/fd" ; then - -$as_echo "#define HAVE_PROC_PID 1" >>confdefs.h - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - -# Check whether user wants S/Key support -SKEY_MSG="no" - -# Check whether --with-skey was given. -if test "${with_skey+set}" = set; then : - withval=$with_skey; - if test "x$withval" != "xno" ; then - - if test "x$withval" != "xyes" ; then - CPPFLAGS="$CPPFLAGS -I${withval}/include" - LDFLAGS="$LDFLAGS -L${withval}/lib" - fi - - -$as_echo "#define SKEY 1" >>confdefs.h - - LIBS="-lskey $LIBS" - SKEY_MSG="yes" - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for s/key support" >&5 -$as_echo_n "checking for s/key support... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include - -int -main () -{ - - char *ff = skey_keyinfo(""); ff=""; - exit(0); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - as_fn_error $? "** Incomplete or missing s/key libraries." "$LINENO" 5 - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if skeychallenge takes 4 arguments" >&5 -$as_echo_n "checking if skeychallenge takes 4 arguments... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include - -int -main () -{ - - (void)skeychallenge(NULL,"name","",0); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -$as_echo "#define SKEYCHALLENGE_4ARG 1" >>confdefs.h - -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - fi - - -fi - - -# Check whether user wants TCP wrappers support -TCPW_MSG="no" - -# Check whether --with-tcp-wrappers was given. -if test "${with_tcp_wrappers+set}" = set; then : - withval=$with_tcp_wrappers; - if test "x$withval" != "xno" ; then - saved_LIBS="$LIBS" - saved_LDFLAGS="$LDFLAGS" - saved_CPPFLAGS="$CPPFLAGS" - if test -n "${withval}" && \ - test "x${withval}" != "xyes"; then - if test -d "${withval}/lib"; then - if test -n "${need_dash_r}"; then - LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" - else - LDFLAGS="-L${withval}/lib ${LDFLAGS}" - fi - else - if test -n "${need_dash_r}"; then - LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" - else - LDFLAGS="-L${withval} ${LDFLAGS}" - fi - fi - if test -d "${withval}/include"; then - CPPFLAGS="-I${withval}/include ${CPPFLAGS}" - else - CPPFLAGS="-I${withval} ${CPPFLAGS}" - fi - fi - LIBS="-lwrap $LIBS" - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for libwrap" >&5 -$as_echo_n "checking for libwrap... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -#include -#include -int deny_severity = 0, allow_severity = 0; - -int -main () -{ - - hosts_access(0); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -$as_echo "#define LIBWRAP 1" >>confdefs.h - - SSHDLIBS="$SSHDLIBS -lwrap" - TCPW_MSG="yes" - -else - - as_fn_error $? "*** libwrap missing" "$LINENO" 5 - - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - LIBS="$saved_LIBS" - fi - - -fi - - -# Check whether user wants to use ldns -LDNS_MSG="no" - -# Check whether --with-ldns was given. -if test "${with_ldns+set}" = set; then : - withval=$with_ldns; - if test "x$withval" != "xno" ; then - - if test "x$withval" != "xyes" ; then - CPPFLAGS="$CPPFLAGS -I${withval}/include" - LDFLAGS="$LDFLAGS -L${withval}/lib" - fi - - -$as_echo "#define HAVE_LDNS 1" >>confdefs.h - - LIBS="-lldns $LIBS" - LDNS_MSG="yes" - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ldns support" >&5 -$as_echo_n "checking for ldns support... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -#include -#include -int main() { ldns_status status = ldns_verify_trusted(NULL, NULL, NULL, NULL); status=LDNS_STATUS_OK; exit(0); } - - -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - as_fn_error $? "** Incomplete or missing ldns libraries." "$LINENO" 5 - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - fi - - -fi - - -# Check whether user wants libedit support -LIBEDIT_MSG="no" - -# Check whether --with-libedit was given. -if test "${with_libedit+set}" = set; then : - withval=$with_libedit; if test "x$withval" != "xno" ; then - if test "x$withval" = "xyes" ; then - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}pkg-config", so it can be a program name with args. -set dummy ${ac_tool_prefix}pkg-config; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_PKGCONFIG+:} false; then : - $as_echo_n "(cached) " >&6 -else - case $PKGCONFIG in - [\\/]* | ?:[\\/]*) - ac_cv_path_PKGCONFIG="$PKGCONFIG" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_PKGCONFIG="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - - ;; -esac -fi -PKGCONFIG=$ac_cv_path_PKGCONFIG -if test -n "$PKGCONFIG"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PKGCONFIG" >&5 -$as_echo "$PKGCONFIG" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -fi -if test -z "$ac_cv_path_PKGCONFIG"; then - ac_pt_PKGCONFIG=$PKGCONFIG - # Extract the first word of "pkg-config", so it can be a program name with args. -set dummy pkg-config; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_ac_pt_PKGCONFIG+:} false; then : - $as_echo_n "(cached) " >&6 -else - case $ac_pt_PKGCONFIG in - [\\/]* | ?:[\\/]*) - ac_cv_path_ac_pt_PKGCONFIG="$ac_pt_PKGCONFIG" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_ac_pt_PKGCONFIG="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - - ;; -esac -fi -ac_pt_PKGCONFIG=$ac_cv_path_ac_pt_PKGCONFIG -if test -n "$ac_pt_PKGCONFIG"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_pt_PKGCONFIG" >&5 -$as_echo "$ac_pt_PKGCONFIG" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - if test "x$ac_pt_PKGCONFIG" = x; then - PKGCONFIG="no" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - PKGCONFIG=$ac_pt_PKGCONFIG - fi -else - PKGCONFIG="$ac_cv_path_PKGCONFIG" -fi - - if test "x$PKGCONFIG" != "xno"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $PKGCONFIG knows about libedit" >&5 -$as_echo_n "checking if $PKGCONFIG knows about libedit... " >&6; } - if "$PKGCONFIG" libedit; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - use_pkgconfig_for_libedit=yes - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - fi - fi - else - CPPFLAGS="$CPPFLAGS -I${withval}/include" - if test -n "${need_dash_r}"; then - LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" - else - LDFLAGS="-L${withval}/lib ${LDFLAGS}" - fi - fi - if test "x$use_pkgconfig_for_libedit" = "xyes"; then - LIBEDIT=`$PKGCONFIG --libs libedit` - CPPFLAGS="$CPPFLAGS `$PKGCONFIG --cflags libedit`" - else - LIBEDIT="-ledit -lcurses" - fi - OTHERLIBS=`echo $LIBEDIT | sed 's/-ledit//'` - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for el_init in -ledit" >&5 -$as_echo_n "checking for el_init in -ledit... " >&6; } -if ${ac_cv_lib_edit_el_init+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-ledit $OTHERLIBS - $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char el_init (); -int -main () -{ -return el_init (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_edit_el_init=yes -else - ac_cv_lib_edit_el_init=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_edit_el_init" >&5 -$as_echo "$ac_cv_lib_edit_el_init" >&6; } -if test "x$ac_cv_lib_edit_el_init" = xyes; then : - -$as_echo "#define USE_LIBEDIT 1" >>confdefs.h - - LIBEDIT_MSG="yes" - - -else - as_fn_error $? "libedit not found" "$LINENO" 5 -fi - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if libedit version is compatible" >&5 -$as_echo_n "checking if libedit version is compatible... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - - int i = H_SETSIZE; - el_init("", NULL, NULL, NULL); - exit(0); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - as_fn_error $? "libedit version is not compatible" "$LINENO" 5 - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - fi - -fi - - -AUDIT_MODULE=none - -# Check whether --with-audit was given. -if test "${with_audit+set}" = set; then : - withval=$with_audit; - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for supported audit module" >&5 -$as_echo_n "checking for supported audit module... " >&6; } - case "$withval" in - bsm) - { $as_echo "$as_me:${as_lineno-$LINENO}: result: bsm" >&5 -$as_echo "bsm" >&6; } - AUDIT_MODULE=bsm - for ac_header in bsm/audit.h -do : - ac_fn_c_check_header_compile "$LINENO" "bsm/audit.h" "ac_cv_header_bsm_audit_h" " -#ifdef HAVE_TIME_H -# include -#endif - - -" -if test "x$ac_cv_header_bsm_audit_h" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_BSM_AUDIT_H 1 -_ACEOF - -else - as_fn_error $? "BSM enabled and bsm/audit.h not found" "$LINENO" 5 -fi - -done - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for getaudit in -lbsm" >&5 -$as_echo_n "checking for getaudit in -lbsm... " >&6; } -if ${ac_cv_lib_bsm_getaudit+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lbsm $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char getaudit (); -int -main () -{ -return getaudit (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_bsm_getaudit=yes -else - ac_cv_lib_bsm_getaudit=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_bsm_getaudit" >&5 -$as_echo "$ac_cv_lib_bsm_getaudit" >&6; } -if test "x$ac_cv_lib_bsm_getaudit" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_LIBBSM 1 -_ACEOF - - LIBS="-lbsm $LIBS" - -else - as_fn_error $? "BSM enabled and required library not found" "$LINENO" 5 -fi - - for ac_func in getaudit -do : - ac_fn_c_check_func "$LINENO" "getaudit" "ac_cv_func_getaudit" -if test "x$ac_cv_func_getaudit" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_GETAUDIT 1 -_ACEOF - -else - as_fn_error $? "BSM enabled and required function not found" "$LINENO" 5 -fi -done - - # These are optional - for ac_func in getaudit_addr aug_get_machine -do : - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` -ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -if eval test \"x\$"$as_ac_var"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - - -$as_echo "#define USE_BSM_AUDIT 1" >>confdefs.h - - if test "$sol2ver" -ge 11; then - SSHDLIBS="$SSHDLIBS -lscf" - -$as_echo "#define BROKEN_BSM_API 1" >>confdefs.h - - fi - ;; - linux) - { $as_echo "$as_me:${as_lineno-$LINENO}: result: linux" >&5 -$as_echo "linux" >&6; } - AUDIT_MODULE=linux - for ac_header in libaudit.h -do : - ac_fn_c_check_header_mongrel "$LINENO" "libaudit.h" "ac_cv_header_libaudit_h" "$ac_includes_default" -if test "x$ac_cv_header_libaudit_h" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_LIBAUDIT_H 1 -_ACEOF - -fi - -done - - SSHDLIBS="$SSHDLIBS -laudit" - -$as_echo "#define USE_LINUX_AUDIT 1" >>confdefs.h - - ;; - debug) - AUDIT_MODULE=debug - { $as_echo "$as_me:${as_lineno-$LINENO}: result: debug" >&5 -$as_echo "debug" >&6; } - -$as_echo "#define SSH_AUDIT_EVENTS 1" >>confdefs.h - - ;; - no) - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - ;; - *) - as_fn_error $? "Unknown audit module $withval" "$LINENO" 5 - ;; - esac - -fi - - - -# Check whether --with-pie was given. -if test "${with_pie+set}" = set; then : - withval=$with_pie; - if test "x$withval" = "xno"; then - use_pie=no - fi - if test "x$withval" = "xyes"; then - use_pie=yes - fi - - -fi - -if test "x$use_pie" = "x"; then - use_pie=no -fi -if test "x$use_toolchain_hardening" != "x1" && test "x$use_pie" = "xauto"; then - # Turn off automatic PIE when toolchain hardening is off. - use_pie=no -fi -if test "x$use_pie" = "xauto"; then - # Automatic PIE requires gcc >= 4.x - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for gcc >= 4.x" >&5 -$as_echo_n "checking for gcc >= 4.x... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#if !defined(__GNUC__) || __GNUC__ < 4 -#error gcc is too old -#endif - -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - use_pie=no - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -if test "x$use_pie" != "xno"; then - SAVED_CFLAGS="$CFLAGS" - SAVED_LDFLAGS="$LDFLAGS" - { - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -fPIE" >&5 -$as_echo_n "checking if $CC supports compile flag -fPIE... " >&6; } - saved_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS $WERROR -fPIE" - _define_flag="" - test "x$_define_flag" = "x" && _define_flag="-fPIE" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -int main(int argc, char **argv) { - /* Some math to catch -ftrapv problems in the toolchain */ - int i = 123 * argc, j = 456 + argc, k = 789 - argc; - float l = i * 2.1; - double m = l / 0.5; - long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; - printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o); - exit(0); -} - -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - -if `grep -i "unrecognized option" conftest.err >/dev/null` -then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - CFLAGS="$saved_CFLAGS $_define_flag" -fi -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$saved_CFLAGS" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -} - { - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $LD supports link flag -pie" >&5 -$as_echo_n "checking if $LD supports link flag -pie... " >&6; } - saved_LDFLAGS="$LDFLAGS" - LDFLAGS="$LDFLAGS $WERROR -pie" - _define_flag="" - test "x$_define_flag" = "x" && _define_flag="-pie" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -int main(int argc, char **argv) { - /* Some math to catch -ftrapv problems in the toolchain */ - int i = 123 * argc, j = 456 + argc, k = 789 - argc; - float l = i * 2.1; - double m = l / 0.5; - long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; - printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o); - exit(0); -} - -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - LDFLAGS="$saved_LDFLAGS $_define_flag" -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - LDFLAGS="$saved_LDFLAGS" - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -} - # We use both -fPIE and -pie or neither. - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether both -fPIE and -pie are supported" >&5 -$as_echo_n "checking whether both -fPIE and -pie are supported... " >&6; } - if echo "x $CFLAGS" | grep ' -fPIE' >/dev/null 2>&1 && \ - echo "x $LDFLAGS" | grep ' -pie' >/dev/null 2>&1 ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - CFLAGS="$SAVED_CFLAGS" - LDFLAGS="$SAVED_LDFLAGS" - fi -fi - -for ac_func in \ - Blowfish_initstate \ - Blowfish_expandstate \ - Blowfish_expand0state \ - Blowfish_stream2word \ - asprintf \ - b64_ntop \ - __b64_ntop \ - b64_pton \ - __b64_pton \ - bcopy \ - bcrypt_pbkdf \ - bindresvport_sa \ - blf_enc \ - cap_rights_limit \ - clock \ - closefrom \ - dirfd \ - endgrent \ - explicit_bzero \ - fchmod \ - fchown \ - freeaddrinfo \ - fstatfs \ - fstatvfs \ - futimes \ - getaddrinfo \ - getcwd \ - getgrouplist \ - getnameinfo \ - getopt \ - getpeereid \ - getpeerucred \ - getpgid \ - getpgrp \ - _getpty \ - getrlimit \ - getttyent \ - glob \ - group_from_gid \ - inet_aton \ - inet_ntoa \ - inet_ntop \ - innetgr \ - login_getcapbool \ - mblen \ - md5_crypt \ - memmove \ - memset_s \ - mkdtemp \ - mmap \ - ngetaddrinfo \ - nsleep \ - ogetaddrinfo \ - openlog_r \ - poll \ - prctl \ - pstat \ - readpassphrase \ - reallocarray \ - recvmsg \ - rresvport_af \ - sendmsg \ - setdtablesize \ - setegid \ - setenv \ - seteuid \ - setgroupent \ - setgroups \ - setlinebuf \ - setlogin \ - setpassent\ - setpcred \ - setproctitle \ - setregid \ - setreuid \ - setrlimit \ - setsid \ - setvbuf \ - sigaction \ - sigvec \ - snprintf \ - socketpair \ - statfs \ - statvfs \ - strdup \ - strerror \ - strlcat \ - strlcpy \ - strmode \ - strnlen \ - strnvis \ - strptime \ - strtonum \ - strtoll \ - strtoul \ - strtoull \ - swap32 \ - sysconf \ - tcgetpgrp \ - timingsafe_bcmp \ - truncate \ - unsetenv \ - updwtmpx \ - user_from_uid \ - usleep \ - vasprintf \ - vsnprintf \ - waitpid \ - -do : - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` -ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -if eval test \"x\$"$as_ac_var"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - - -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - return (isblank('a')); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - -$as_echo "#define HAVE_ISBLANK 1" >>confdefs.h - - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - -# PKCS11 depends on OpenSSL. -if test "x$openssl" = "xyes" ; then - # PKCS#11 support requires dlopen() and co - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing dlopen" >&5 -$as_echo_n "checking for library containing dlopen... " >&6; } -if ${ac_cv_search_dlopen+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_func_search_save_LIBS=$LIBS -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char dlopen (); -int -main () -{ -return dlopen (); - ; - return 0; -} -_ACEOF -for ac_lib in '' dl; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - if ac_fn_c_try_link "$LINENO"; then : - ac_cv_search_dlopen=$ac_res -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext - if ${ac_cv_search_dlopen+:} false; then : - break -fi -done -if ${ac_cv_search_dlopen+:} false; then : - -else - ac_cv_search_dlopen=no -fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_dlopen" >&5 -$as_echo "$ac_cv_search_dlopen" >&6; } -ac_res=$ac_cv_search_dlopen -if test "$ac_res" != no; then : - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" - -$as_echo "#define ENABLE_PKCS11 /**/" >>confdefs.h - - -fi - -fi - -# IRIX has a const char return value for gai_strerror() -for ac_func in gai_strerror -do : - ac_fn_c_check_func "$LINENO" "gai_strerror" "ac_cv_func_gai_strerror" -if test "x$ac_cv_func_gai_strerror" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_GAI_STRERROR 1 -_ACEOF - - $as_echo "#define HAVE_GAI_STRERROR 1" >>confdefs.h - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -#include - -const char *gai_strerror(int); - -int -main () -{ - - char *str; - str = gai_strerror(0); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - - -$as_echo "#define HAVE_CONST_GAI_STRERROR_PROTO 1" >>confdefs.h - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -done - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing nanosleep" >&5 -$as_echo_n "checking for library containing nanosleep... " >&6; } -if ${ac_cv_search_nanosleep+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_func_search_save_LIBS=$LIBS -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char nanosleep (); -int -main () -{ -return nanosleep (); - ; - return 0; -} -_ACEOF -for ac_lib in '' rt posix4; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - if ac_fn_c_try_link "$LINENO"; then : - ac_cv_search_nanosleep=$ac_res -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext - if ${ac_cv_search_nanosleep+:} false; then : - break -fi -done -if ${ac_cv_search_nanosleep+:} false; then : - -else - ac_cv_search_nanosleep=no -fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_nanosleep" >&5 -$as_echo "$ac_cv_search_nanosleep" >&6; } -ac_res=$ac_cv_search_nanosleep -if test "$ac_res" != no; then : - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" - -$as_echo "#define HAVE_NANOSLEEP 1" >>confdefs.h - -fi - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing clock_gettime" >&5 -$as_echo_n "checking for library containing clock_gettime... " >&6; } -if ${ac_cv_search_clock_gettime+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_func_search_save_LIBS=$LIBS -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char clock_gettime (); -int -main () -{ -return clock_gettime (); - ; - return 0; -} -_ACEOF -for ac_lib in '' rt; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - if ac_fn_c_try_link "$LINENO"; then : - ac_cv_search_clock_gettime=$ac_res -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext - if ${ac_cv_search_clock_gettime+:} false; then : - break -fi -done -if ${ac_cv_search_clock_gettime+:} false; then : - -else - ac_cv_search_clock_gettime=no -fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_clock_gettime" >&5 -$as_echo "$ac_cv_search_clock_gettime" >&6; } -ac_res=$ac_cv_search_clock_gettime -if test "$ac_res" != no; then : - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" - -$as_echo "#define HAVE_CLOCK_GETTIME 1" >>confdefs.h - -fi - - -ac_fn_c_check_decl "$LINENO" "getrusage" "ac_cv_have_decl_getrusage" "$ac_includes_default" -if test "x$ac_cv_have_decl_getrusage" = xyes; then : - for ac_func in getrusage -do : - ac_fn_c_check_func "$LINENO" "getrusage" "ac_cv_func_getrusage" -if test "x$ac_cv_func_getrusage" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_GETRUSAGE 1 -_ACEOF - -fi -done - -fi - -ac_fn_c_check_decl "$LINENO" "strsep" "ac_cv_have_decl_strsep" " -#ifdef HAVE_STRING_H -# include -#endif - -" -if test "x$ac_cv_have_decl_strsep" = xyes; then : - for ac_func in strsep -do : - ac_fn_c_check_func "$LINENO" "strsep" "ac_cv_func_strsep" -if test "x$ac_cv_func_strsep" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_STRSEP 1 -_ACEOF - -fi -done - -fi - - -ac_fn_c_check_decl "$LINENO" "tcsendbreak" "ac_cv_have_decl_tcsendbreak" "#include - -" -if test "x$ac_cv_have_decl_tcsendbreak" = xyes; then : - $as_echo "#define HAVE_TCSENDBREAK 1" >>confdefs.h - -else - for ac_func in tcsendbreak -do : - ac_fn_c_check_func "$LINENO" "tcsendbreak" "ac_cv_func_tcsendbreak" -if test "x$ac_cv_func_tcsendbreak" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_TCSENDBREAK 1 -_ACEOF - -fi -done - -fi - - -ac_fn_c_check_decl "$LINENO" "h_errno" "ac_cv_have_decl_h_errno" "#include -" -if test "x$ac_cv_have_decl_h_errno" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_H_ERRNO $ac_have_decl -_ACEOF - - -ac_fn_c_check_decl "$LINENO" "SHUT_RD" "ac_cv_have_decl_SHUT_RD" " -#include -#include - -" -if test "x$ac_cv_have_decl_SHUT_RD" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_SHUT_RD $ac_have_decl -_ACEOF - - -ac_fn_c_check_decl "$LINENO" "O_NONBLOCK" "ac_cv_have_decl_O_NONBLOCK" " -#include -#ifdef HAVE_SYS_STAT_H -# include -#endif -#ifdef HAVE_FCNTL_H -# include -#endif - -" -if test "x$ac_cv_have_decl_O_NONBLOCK" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_O_NONBLOCK $ac_have_decl -_ACEOF - - -ac_fn_c_check_decl "$LINENO" "writev" "ac_cv_have_decl_writev" " -#include -#include -#include - -" -if test "x$ac_cv_have_decl_writev" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_WRITEV $ac_have_decl -_ACEOF - - -ac_fn_c_check_decl "$LINENO" "MAXSYMLINKS" "ac_cv_have_decl_MAXSYMLINKS" " -#include - -" -if test "x$ac_cv_have_decl_MAXSYMLINKS" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_MAXSYMLINKS $ac_have_decl -_ACEOF - - -ac_fn_c_check_decl "$LINENO" "offsetof" "ac_cv_have_decl_offsetof" " -#include - -" -if test "x$ac_cv_have_decl_offsetof" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_OFFSETOF $ac_have_decl -_ACEOF - - -# extra bits for select(2) -ac_fn_c_check_decl "$LINENO" "howmany" "ac_cv_have_decl_howmany" " -#include -#include -#ifdef HAVE_SYS_SYSMACROS_H -#include -#endif -#ifdef HAVE_SYS_SELECT_H -#include -#endif -#ifdef HAVE_SYS_TIME_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif - -" -if test "x$ac_cv_have_decl_howmany" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_HOWMANY $ac_have_decl -_ACEOF -ac_fn_c_check_decl "$LINENO" "NFDBITS" "ac_cv_have_decl_NFDBITS" " -#include -#include -#ifdef HAVE_SYS_SYSMACROS_H -#include -#endif -#ifdef HAVE_SYS_SELECT_H -#include -#endif -#ifdef HAVE_SYS_TIME_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif - -" -if test "x$ac_cv_have_decl_NFDBITS" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_NFDBITS $ac_have_decl -_ACEOF - -ac_fn_c_check_type "$LINENO" "fd_mask" "ac_cv_type_fd_mask" " -#include -#include -#ifdef HAVE_SYS_SELECT_H -#include -#endif -#ifdef HAVE_SYS_TIME_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif - -" -if test "x$ac_cv_type_fd_mask" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_FD_MASK 1 -_ACEOF - - -fi - - -for ac_func in setresuid -do : - ac_fn_c_check_func "$LINENO" "setresuid" "ac_cv_func_setresuid" -if test "x$ac_cv_func_setresuid" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_SETRESUID 1 -_ACEOF - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if setresuid seems to work" >&5 -$as_echo_n "checking if setresuid seems to work... " >&6; } - if test "$cross_compiling" = yes; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: not checking setresuid" >&5 -$as_echo "$as_me: WARNING: cross compiling: not checking setresuid" >&2;} - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include - -int -main () -{ - - errno=0; - setresuid(0,0,0); - if (errno==ENOSYS) - exit(1); - else - exit(0); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -else - -$as_echo "#define BROKEN_SETRESUID 1" >>confdefs.h - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: not implemented" >&5 -$as_echo "not implemented" >&6; } -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - - -fi -done - - -for ac_func in setresgid -do : - ac_fn_c_check_func "$LINENO" "setresgid" "ac_cv_func_setresgid" -if test "x$ac_cv_func_setresgid" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_SETRESGID 1 -_ACEOF - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if setresgid seems to work" >&5 -$as_echo_n "checking if setresgid seems to work... " >&6; } - if test "$cross_compiling" = yes; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: not checking setresuid" >&5 -$as_echo "$as_me: WARNING: cross compiling: not checking setresuid" >&2;} - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include - -int -main () -{ - - errno=0; - setresgid(0,0,0); - if (errno==ENOSYS) - exit(1); - else - exit(0); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -else - -$as_echo "#define BROKEN_SETRESGID 1" >>confdefs.h - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: not implemented" >&5 -$as_echo "not implemented" >&6; } -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - - -fi -done - - -for ac_func in realpath -do : - ac_fn_c_check_func "$LINENO" "realpath" "ac_cv_func_realpath" -if test "x$ac_cv_func_realpath" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_REALPATH 1 -_ACEOF - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if realpath works with non-existent files" >&5 -$as_echo_n "checking if realpath works with non-existent files... " >&6; } - if test "$cross_compiling" = yes; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: assuming working" >&5 -$as_echo "$as_me: WARNING: cross compiling: assuming working" >&2;} - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -#include - -int -main () -{ - - char buf[PATH_MAX]; - if (realpath("/opensshnonexistentfilename1234", buf) == NULL) - if (errno == ENOENT) - exit(1); - exit(0); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -else - -$as_echo "#define BROKEN_REALPATH 1" >>confdefs.h - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - - -fi -done - - -for ac_func in gettimeofday time -do : - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` -ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -if eval test \"x\$"$as_ac_var"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -for ac_func in endutent getutent getutid getutline pututline setutent -do : - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` -ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -if eval test \"x\$"$as_ac_var"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -for ac_func in utmpname -do : - ac_fn_c_check_func "$LINENO" "utmpname" "ac_cv_func_utmpname" -if test "x$ac_cv_func_utmpname" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_UTMPNAME 1 -_ACEOF - -fi -done - -for ac_func in endutxent getutxent getutxid getutxline getutxuser pututxline -do : - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` -ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -if eval test \"x\$"$as_ac_var"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -for ac_func in setutxdb setutxent utmpxname -do : - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` -ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -if eval test \"x\$"$as_ac_var"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -for ac_func in getlastlogxbyname -do : - ac_fn_c_check_func "$LINENO" "getlastlogxbyname" "ac_cv_func_getlastlogxbyname" -if test "x$ac_cv_func_getlastlogxbyname" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_GETLASTLOGXBYNAME 1 -_ACEOF - -fi -done - - -ac_fn_c_check_func "$LINENO" "daemon" "ac_cv_func_daemon" -if test "x$ac_cv_func_daemon" = xyes; then : - -$as_echo "#define HAVE_DAEMON 1" >>confdefs.h - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for daemon in -lbsd" >&5 -$as_echo_n "checking for daemon in -lbsd... " >&6; } -if ${ac_cv_lib_bsd_daemon+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lbsd $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char daemon (); -int -main () -{ -return daemon (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_bsd_daemon=yes -else - ac_cv_lib_bsd_daemon=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_bsd_daemon" >&5 -$as_echo "$ac_cv_lib_bsd_daemon" >&6; } -if test "x$ac_cv_lib_bsd_daemon" = xyes; then : - LIBS="$LIBS -lbsd"; $as_echo "#define HAVE_DAEMON 1" >>confdefs.h - -fi - - -fi - - -ac_fn_c_check_func "$LINENO" "getpagesize" "ac_cv_func_getpagesize" -if test "x$ac_cv_func_getpagesize" = xyes; then : - -$as_echo "#define HAVE_GETPAGESIZE 1" >>confdefs.h - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for getpagesize in -lucb" >&5 -$as_echo_n "checking for getpagesize in -lucb... " >&6; } -if ${ac_cv_lib_ucb_getpagesize+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lucb $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char getpagesize (); -int -main () -{ -return getpagesize (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_ucb_getpagesize=yes -else - ac_cv_lib_ucb_getpagesize=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ucb_getpagesize" >&5 -$as_echo "$ac_cv_lib_ucb_getpagesize" >&6; } -if test "x$ac_cv_lib_ucb_getpagesize" = xyes; then : - LIBS="$LIBS -lucb"; $as_echo "#define HAVE_GETPAGESIZE 1" >>confdefs.h - -fi - - -fi - - -# Check for broken snprintf -if test "x$ac_cv_func_snprintf" = "xyes" ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether snprintf correctly terminates long strings" >&5 -$as_echo_n "checking whether snprintf correctly terminates long strings... " >&6; } - if test "$cross_compiling" = yes; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: Assuming working snprintf()" >&5 -$as_echo "$as_me: WARNING: cross compiling: Assuming working snprintf()" >&2;} - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - - char b[5]; - snprintf(b,5,"123456789"); - exit(b[4]!='\0'); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - -$as_echo "#define BROKEN_SNPRINTF 1" >>confdefs.h - - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: ****** Your snprintf() function is broken, complain to your vendor" >&5 -$as_echo "$as_me: WARNING: ****** Your snprintf() function is broken, complain to your vendor" >&2;} - -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - -fi - -# We depend on vsnprintf returning the right thing on overflow: the -# number of characters it tried to create (as per SUSv3) -if test "x$ac_cv_func_vsnprintf" = "xyes" ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether vsnprintf returns correct values on overflow" >&5 -$as_echo_n "checking whether vsnprintf returns correct values on overflow... " >&6; } - if test "$cross_compiling" = yes; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: Assuming working vsnprintf()" >&5 -$as_echo "$as_me: WARNING: cross compiling: Assuming working vsnprintf()" >&2;} - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -#include - -int x_snprintf(char *str, size_t count, const char *fmt, ...) -{ - size_t ret; - va_list ap; - - va_start(ap, fmt); - ret = vsnprintf(str, count, fmt, ap); - va_end(ap); - return ret; -} - -int -main () -{ - -char x[1]; -if (x_snprintf(x, 1, "%s %d", "hello", 12345) != 11) - return 1; -if (x_snprintf(NULL, 0, "%s %d", "hello", 12345) != 11) - return 1; -return 0; - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - -$as_echo "#define BROKEN_SNPRINTF 1" >>confdefs.h - - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: ****** Your vsnprintf() function is broken, complain to your vendor" >&5 -$as_echo "$as_me: WARNING: ****** Your vsnprintf() function is broken, complain to your vendor" >&2;} - -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - -fi - -# On systems where [v]snprintf is broken, but is declared in stdio, -# check that the fmt argument is const char * or just char *. -# This is only useful for when BROKEN_SNPRINTF -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether snprintf can declare const char *fmt" >&5 -$as_echo_n "checking whether snprintf can declare const char *fmt... " >&6; } -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -int snprintf(char *a, size_t b, const char *c, ...) { return 0; } - -int -main () -{ - - snprintf(0, 0, 0); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -$as_echo "#define SNPRINTF_CONST const" >>confdefs.h - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - $as_echo "#define SNPRINTF_CONST /* not const */" >>confdefs.h - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -# Check for missing getpeereid (or equiv) support -NO_PEERCHECK="" -if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether system supports SO_PEERCRED getsockopt" >&5 -$as_echo_n "checking whether system supports SO_PEERCRED getsockopt... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -int -main () -{ -int i = SO_PEERCRED; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -$as_echo "#define HAVE_SO_PEERCRED 1" >>confdefs.h - - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - NO_PEERCHECK=1 - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi - -if test "x$ac_cv_func_mkdtemp" = "xyes" ; then -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for (overly) strict mkstemp" >&5 -$as_echo_n "checking for (overly) strict mkstemp... " >&6; } -if test "$cross_compiling" = yes; then : - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - $as_echo "#define HAVE_STRICT_MKSTEMP 1" >>confdefs.h - - - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include - -int -main () -{ - - char template[]="conftest.mkstemp-test"; - if (mkstemp(template) == -1) - exit(1); - unlink(template); - exit(0); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -$as_echo "#define HAVE_STRICT_MKSTEMP 1" >>confdefs.h - - -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - -fi - -if test ! -z "$check_for_openpty_ctty_bug"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if openpty correctly handles controlling tty" >&5 -$as_echo_n "checking if openpty correctly handles controlling tty... " >&6; } - if test "$cross_compiling" = yes; then : - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: cross-compiling, assuming yes" >&5 -$as_echo "cross-compiling, assuming yes" >&6; } - - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -#include -#include - -int -main () -{ - - pid_t pid; - int fd, ptyfd, ttyfd, status; - - pid = fork(); - if (pid < 0) { /* failed */ - exit(1); - } else if (pid > 0) { /* parent */ - waitpid(pid, &status, 0); - if (WIFEXITED(status)) - exit(WEXITSTATUS(status)); - else - exit(2); - } else { /* child */ - close(0); close(1); close(2); - setsid(); - openpty(&ptyfd, &ttyfd, NULL, NULL, NULL); - fd = open("/dev/tty", O_RDWR | O_NOCTTY); - if (fd >= 0) - exit(3); /* Acquired ctty: broken */ - else - exit(0); /* Did not acquire ctty: OK */ - } - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - $as_echo "#define SSHD_ACQUIRES_CTTY 1" >>confdefs.h - - -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - -fi - -if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ - test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if getaddrinfo seems to work" >&5 -$as_echo_n "checking if getaddrinfo seems to work... " >&6; } - if test "$cross_compiling" = yes; then : - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: cross-compiling, assuming yes" >&5 -$as_echo "cross-compiling, assuming yes" >&6; } - - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -#include -#include -#include - -#define TEST_PORT "2222" - -int -main () -{ - - int err, sock; - struct addrinfo *gai_ai, *ai, hints; - char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL; - - memset(&hints, 0, sizeof(hints)); - hints.ai_family = PF_UNSPEC; - hints.ai_socktype = SOCK_STREAM; - hints.ai_flags = AI_PASSIVE; - - err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); - if (err != 0) { - fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); - exit(1); - } - - for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { - if (ai->ai_family != AF_INET6) - continue; - - err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, - sizeof(ntop), strport, sizeof(strport), - NI_NUMERICHOST|NI_NUMERICSERV); - - if (err != 0) { - if (err == EAI_SYSTEM) - perror("getnameinfo EAI_SYSTEM"); - else - fprintf(stderr, "getnameinfo failed: %s\n", - gai_strerror(err)); - exit(2); - } - - sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); - if (sock < 0) - perror("socket"); - if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) { - if (errno == EBADF) - exit(3); - } - } - exit(0); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - $as_echo "#define BROKEN_GETADDRINFO 1" >>confdefs.h - - -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - -fi - -if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ - test "x$check_for_aix_broken_getaddrinfo" = "x1"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if getaddrinfo seems to work" >&5 -$as_echo_n "checking if getaddrinfo seems to work... " >&6; } - if test "$cross_compiling" = yes; then : - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: cross-compiling, assuming no" >&5 -$as_echo "cross-compiling, assuming no" >&6; } - - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -#include -#include -#include - -#define TEST_PORT "2222" - -int -main () -{ - - int err, sock; - struct addrinfo *gai_ai, *ai, hints; - char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL; - - memset(&hints, 0, sizeof(hints)); - hints.ai_family = PF_UNSPEC; - hints.ai_socktype = SOCK_STREAM; - hints.ai_flags = AI_PASSIVE; - - err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); - if (err != 0) { - fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); - exit(1); - } - - for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { - if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) - continue; - - err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, - sizeof(ntop), strport, sizeof(strport), - NI_NUMERICHOST|NI_NUMERICSERV); - - if (ai->ai_family == AF_INET && err != 0) { - perror("getnameinfo"); - exit(2); - } - } - exit(0); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -$as_echo "#define AIX_GETNAMEINFO_HACK 1" >>confdefs.h - - -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - $as_echo "#define BROKEN_GETADDRINFO 1" >>confdefs.h - - -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - -fi - -if test "x$ac_cv_func_getaddrinfo" = "xyes"; then - ac_fn_c_check_decl "$LINENO" "AI_NUMERICSERV" "ac_cv_have_decl_AI_NUMERICSERV" "#include - #include - #include -" -if test "x$ac_cv_have_decl_AI_NUMERICSERV" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_AI_NUMERICSERV $ac_have_decl -_ACEOF - -fi - -if test "x$check_for_conflicting_getspnam" = "x1"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for conflicting getspnam in shadow.h" >&5 -$as_echo_n "checking for conflicting getspnam in shadow.h... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - exit(0); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -$as_echo "#define GETSPNAM_CONFLICTING_DEFS 1" >>confdefs.h - - - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether getpgrp requires zero arguments" >&5 -$as_echo_n "checking whether getpgrp requires zero arguments... " >&6; } -if ${ac_cv_func_getpgrp_void+:} false; then : - $as_echo_n "(cached) " >&6 -else - # Use it with a single arg. -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$ac_includes_default -int -main () -{ -getpgrp (0); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_func_getpgrp_void=no -else - ac_cv_func_getpgrp_void=yes -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_getpgrp_void" >&5 -$as_echo "$ac_cv_func_getpgrp_void" >&6; } -if test $ac_cv_func_getpgrp_void = yes; then - -$as_echo "#define GETPGRP_VOID 1" >>confdefs.h - -fi - - -# Search for OpenSSL -saved_CPPFLAGS="$CPPFLAGS" -saved_LDFLAGS="$LDFLAGS" - -# Check whether --with-ssl-dir was given. -if test "${with_ssl_dir+set}" = set; then : - withval=$with_ssl_dir; - if test "x$openssl" = "xno" ; then - as_fn_error $? "cannot use --with-ssl-dir when OpenSSL disabled" "$LINENO" 5 - fi - if test "x$withval" != "xno" ; then - case "$withval" in - # Relative paths - ./*|../*) withval="`pwd`/$withval" - esac - if test -d "$withval/lib"; then - if test -n "${need_dash_r}"; then - LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" - else - LDFLAGS="-L${withval}/lib ${LDFLAGS}" - fi - elif test -d "$withval/lib64"; then - if test -n "${need_dash_r}"; then - LDFLAGS="-L${withval}/lib64 -R${withval}/lib64 ${LDFLAGS}" - else - LDFLAGS="-L${withval}/lib64 ${LDFLAGS}" - fi - else - if test -n "${need_dash_r}"; then - LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" - else - LDFLAGS="-L${withval} ${LDFLAGS}" - fi - fi - if test -d "$withval/include"; then - CPPFLAGS="-I${withval}/include ${CPPFLAGS}" - else - CPPFLAGS="-I${withval} ${CPPFLAGS}" - fi - fi - - -fi - - - -# Check whether --with-openssl-header-check was given. -if test "${with_openssl_header_check+set}" = set; then : - withval=$with_openssl_header_check; - if test "x$withval" = "xno" ; then - openssl_check_nonfatal=1 - fi - - -fi - - -openssl_engine=no - -# Check whether --with-ssl-engine was given. -if test "${with_ssl_engine+set}" = set; then : - withval=$with_ssl_engine; - if test "x$openssl" = "xno" ; then - as_fn_error $? "cannot use --with-ssl-engine when OpenSSL disabled" "$LINENO" 5 - fi - if test "x$withval" != "xno" ; then - openssl_engine=yes - fi - - -fi - - -if test "x$openssl" = "xyes" ; then - LIBS="-lcrypto $LIBS" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char RAND_add (); -int -main () -{ -return RAND_add (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - -$as_echo "#define HAVE_OPENSSL 1" >>confdefs.h - -else - - if test -n "${need_dash_r}"; then - LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}" - else - LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}" - fi - CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}" - ac_fn_c_check_header_mongrel "$LINENO" "openssl/opensslv.h" "ac_cv_header_openssl_opensslv_h" "$ac_includes_default" -if test "x$ac_cv_header_openssl_opensslv_h" = xyes; then : - -else - as_fn_error $? "*** OpenSSL headers missing - please install first or check config.log ***" "$LINENO" 5 -fi - - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char RAND_add (); -int -main () -{ -return RAND_add (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - $as_echo "#define HAVE_OPENSSL 1" >>confdefs.h - -else - - as_fn_error $? "*** Can't find recent OpenSSL libcrypto (see config.log for details) ***" "$LINENO" 5 - - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - - # Determine OpenSSL header version - { $as_echo "$as_me:${as_lineno-$LINENO}: checking OpenSSL header version" >&5 -$as_echo_n "checking OpenSSL header version... " >&6; } - if test "$cross_compiling" = yes; then : - - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: not checking" >&5 -$as_echo "$as_me: WARNING: cross compiling: not checking" >&2;} - - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - #include - #include - #include - #define DATA "conftest.sslincver" - -int -main () -{ - - FILE *fd; - int rc; - - fd = fopen(DATA,"w"); - if(fd == NULL) - exit(1); - - if ((rc = fprintf(fd ,"%08x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0) - exit(1); - - exit(0); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - - ssl_header_ver=`cat conftest.sslincver` - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ssl_header_ver" >&5 -$as_echo "$ssl_header_ver" >&6; } - -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: not found" >&5 -$as_echo "not found" >&6; } - as_fn_error $? "OpenSSL version header not found." "$LINENO" 5 - -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - - - # Determine OpenSSL library version - { $as_echo "$as_me:${as_lineno-$LINENO}: checking OpenSSL library version" >&5 -$as_echo_n "checking OpenSSL library version... " >&6; } - if test "$cross_compiling" = yes; then : - - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: not checking" >&5 -$as_echo "$as_me: WARNING: cross compiling: not checking" >&2;} - - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - #include - #include - #include - #include - #define DATA "conftest.ssllibver" - -int -main () -{ - - FILE *fd; - int rc; - - fd = fopen(DATA,"w"); - if(fd == NULL) - exit(1); - - if ((rc = fprintf(fd ,"%08x (%s)\n", SSLeay(), - SSLeay_version(SSLEAY_VERSION))) <0) - exit(1); - - exit(0); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - - ssl_library_ver=`cat conftest.ssllibver` - # Check version is supported. - case "$ssl_library_ver" in - 0090[0-7]*|009080[0-5]*) - as_fn_error $? "OpenSSL >= 0.9.8f required (have \"$ssl_library_ver\")" "$LINENO" 5 - ;; - *) ;; - esac - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ssl_library_ver" >&5 -$as_echo "$ssl_library_ver" >&6; } - -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: not found" >&5 -$as_echo "not found" >&6; } - as_fn_error $? "OpenSSL library not found." "$LINENO" 5 - -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - - - # Sanity check OpenSSL headers - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL's headers match the library" >&5 -$as_echo_n "checking whether OpenSSL's headers match the library... " >&6; } - if test "$cross_compiling" = yes; then : - - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: not checking" >&5 -$as_echo "$as_me: WARNING: cross compiling: not checking" >&2;} - - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - #include - #include - -int -main () -{ - - exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - if test "x$openssl_check_nonfatal" = "x"; then - as_fn_error $? "Your OpenSSL headers do not match your - library. Check config.log for details. - If you are sure your installation is consistent, you can disable the check - by running \"./configure --without-openssl-header-check\". - Also see contrib/findssl.sh for help identifying header/library mismatches. - " "$LINENO" 5 - else - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Your OpenSSL headers do not match your - library. Check config.log for details. - Also see contrib/findssl.sh for help identifying header/library mismatches." >&5 -$as_echo "$as_me: WARNING: Your OpenSSL headers do not match your - library. Check config.log for details. - Also see contrib/findssl.sh for help identifying header/library mismatches." >&2;} - fi - -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if programs using OpenSSL functions will link" >&5 -$as_echo_n "checking if programs using OpenSSL functions will link... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - SSLeay_add_all_algorithms(); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - saved_LIBS="$LIBS" - LIBS="$LIBS -ldl" - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if programs using OpenSSL need -ldl" >&5 -$as_echo_n "checking if programs using OpenSSL need -ldl... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - SSLeay_add_all_algorithms(); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - LIBS="$saved_LIBS" - - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - - for ac_func in \ - BN_is_prime_ex \ - DSA_generate_parameters_ex \ - EVP_DigestInit_ex \ - EVP_DigestFinal_ex \ - EVP_MD_CTX_init \ - EVP_MD_CTX_cleanup \ - EVP_MD_CTX_copy_ex \ - HMAC_CTX_init \ - RSA_generate_key_ex \ - RSA_get_default_method \ - -do : - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` -ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -if eval test \"x\$"$as_ac_var"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - - - if test "x$openssl_engine" = "xyes" ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for OpenSSL ENGINE support" >&5 -$as_echo_n "checking for OpenSSL ENGINE support... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - #include - -int -main () -{ - - ENGINE_load_builtin_engines(); - ENGINE_register_all_complete(); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -$as_echo "#define USE_OPENSSL_ENGINE 1" >>confdefs.h - - -else - as_fn_error $? "OpenSSL ENGINE support not found" "$LINENO" 5 - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - fi - - # Check for OpenSSL without EVP_aes_{192,256}_cbc - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL has crippled AES support" >&5 -$as_echo_n "checking whether OpenSSL has crippled AES support... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - #include - #include - -int -main () -{ - - exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -$as_echo "#define OPENSSL_LOBOTOMISED_AES 1" >>confdefs.h - - - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - - # Check for OpenSSL with EVP_aes_*ctr - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL has AES CTR via EVP" >&5 -$as_echo_n "checking whether OpenSSL has AES CTR via EVP... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - #include - #include - -int -main () -{ - - exit(EVP_aes_128_ctr() == NULL || - EVP_aes_192_cbc() == NULL || - EVP_aes_256_cbc() == NULL); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -$as_echo "#define OPENSSL_HAVE_EVPCTR 1" >>confdefs.h - - -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - - # Check for OpenSSL with EVP_aes_*gcm - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL has AES GCM via EVP" >&5 -$as_echo_n "checking whether OpenSSL has AES GCM via EVP... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - #include - #include - -int -main () -{ - - exit(EVP_aes_128_gcm() == NULL || - EVP_aes_256_gcm() == NULL || - EVP_CTRL_GCM_SET_IV_FIXED == 0 || - EVP_CTRL_GCM_IV_GEN == 0 || - EVP_CTRL_GCM_SET_TAG == 0 || - EVP_CTRL_GCM_GET_TAG == 0 || - EVP_CIPHER_CTX_ctrl(NULL, 0, 0, NULL) == 0); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -$as_echo "#define OPENSSL_HAVE_EVPGCM 1" >>confdefs.h - - -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - unsupported_algorithms="$unsupported_cipers \ - aes128-gcm@openssh.com aes256-gcm@openssh.com" - - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing EVP_CIPHER_CTX_ctrl" >&5 -$as_echo_n "checking for library containing EVP_CIPHER_CTX_ctrl... " >&6; } -if ${ac_cv_search_EVP_CIPHER_CTX_ctrl+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_func_search_save_LIBS=$LIBS -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char EVP_CIPHER_CTX_ctrl (); -int -main () -{ -return EVP_CIPHER_CTX_ctrl (); - ; - return 0; -} -_ACEOF -for ac_lib in '' crypto; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - if ac_fn_c_try_link "$LINENO"; then : - ac_cv_search_EVP_CIPHER_CTX_ctrl=$ac_res -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext - if ${ac_cv_search_EVP_CIPHER_CTX_ctrl+:} false; then : - break -fi -done -if ${ac_cv_search_EVP_CIPHER_CTX_ctrl+:} false; then : - -else - ac_cv_search_EVP_CIPHER_CTX_ctrl=no -fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_EVP_CIPHER_CTX_ctrl" >&5 -$as_echo "$ac_cv_search_EVP_CIPHER_CTX_ctrl" >&6; } -ac_res=$ac_cv_search_EVP_CIPHER_CTX_ctrl -if test "$ac_res" != no; then : - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" - -$as_echo "#define HAVE_EVP_CIPHER_CTX_CTRL 1" >>confdefs.h - -fi - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if EVP_DigestUpdate returns an int" >&5 -$as_echo_n "checking if EVP_DigestUpdate returns an int... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - #include - #include - -int -main () -{ - - if(EVP_DigestUpdate(NULL, NULL,0)) - exit(0); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - -$as_echo "#define OPENSSL_EVP_DIGESTUPDATE_VOID 1" >>confdefs.h - - - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - - # Some systems want crypt() from libcrypt, *not* the version in OpenSSL, - # because the system crypt() is more featureful. - if test "x$check_for_libcrypt_before" = "x1"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for crypt in -lcrypt" >&5 -$as_echo_n "checking for crypt in -lcrypt... " >&6; } -if ${ac_cv_lib_crypt_crypt+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lcrypt $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char crypt (); -int -main () -{ -return crypt (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_crypt_crypt=yes -else - ac_cv_lib_crypt_crypt=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_crypt_crypt" >&5 -$as_echo "$ac_cv_lib_crypt_crypt" >&6; } -if test "x$ac_cv_lib_crypt_crypt" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_LIBCRYPT 1 -_ACEOF - - LIBS="-lcrypt $LIBS" - -fi - - fi - - # Some Linux systems (Slackware) need crypt() from libcrypt, *not* the - # version in OpenSSL. - if test "x$check_for_libcrypt_later" = "x1"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for crypt in -lcrypt" >&5 -$as_echo_n "checking for crypt in -lcrypt... " >&6; } -if ${ac_cv_lib_crypt_crypt+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lcrypt $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char crypt (); -int -main () -{ -return crypt (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_crypt_crypt=yes -else - ac_cv_lib_crypt_crypt=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_crypt_crypt" >&5 -$as_echo "$ac_cv_lib_crypt_crypt" >&6; } -if test "x$ac_cv_lib_crypt_crypt" = xyes; then : - LIBS="$LIBS -lcrypt" -fi - - fi - for ac_func in crypt DES_crypt -do : - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` -ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -if eval test \"x\$"$as_ac_var"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - - - # Search for SHA256 support in libc and/or OpenSSL - for ac_func in SHA256_Update EVP_sha256 -do : - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` -ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -if eval test \"x\$"$as_ac_var"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -else - unsupported_algorithms="$unsupported_algorithms \ - hmac-sha2-256 hmac-sha2-512 \ - diffie-hellman-group-exchange-sha256 \ - hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com" - - -fi -done - - # Search for RIPE-MD support in OpenSSL - for ac_func in EVP_ripemd160 -do : - ac_fn_c_check_func "$LINENO" "EVP_ripemd160" "ac_cv_func_EVP_ripemd160" -if test "x$ac_cv_func_EVP_ripemd160" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_EVP_RIPEMD160 1 -_ACEOF - -else - unsupported_algorithms="$unsupported_algorithms \ - hmac-ripemd160 - hmac-ripemd160@openssh.com - hmac-ripemd160-etm@openssh.com" - - -fi -done - - - # Check complete ECC support in OpenSSL - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL has NID_X9_62_prime256v1" >&5 -$as_echo_n "checking whether OpenSSL has NID_X9_62_prime256v1... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - #include - #include - #include - #include - #include - #include - #if OPENSSL_VERSION_NUMBER < 0x0090807f /* 0.9.8g */ - # error "OpenSSL < 0.9.8g has unreliable ECC code" - #endif - -int -main () -{ - - EC_KEY *e = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); - const EVP_MD *m = EVP_sha256(); /* We need this too */ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - enable_nistp256=1 -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL has NID_secp384r1" >&5 -$as_echo_n "checking whether OpenSSL has NID_secp384r1... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - #include - #include - #include - #include - #include - #include - #if OPENSSL_VERSION_NUMBER < 0x0090807f /* 0.9.8g */ - # error "OpenSSL < 0.9.8g has unreliable ECC code" - #endif - -int -main () -{ - - EC_KEY *e = EC_KEY_new_by_curve_name(NID_secp384r1); - const EVP_MD *m = EVP_sha384(); /* We need this too */ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - enable_nistp384=1 -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL has NID_secp521r1" >&5 -$as_echo_n "checking whether OpenSSL has NID_secp521r1... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - #include - #include - #include - #include - #include - #include - #if OPENSSL_VERSION_NUMBER < 0x0090807f /* 0.9.8g */ - # error "OpenSSL < 0.9.8g has unreliable ECC code" - #endif - -int -main () -{ - - EC_KEY *e = EC_KEY_new_by_curve_name(NID_secp521r1); - const EVP_MD *m = EVP_sha512(); /* We need this too */ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if OpenSSL's NID_secp521r1 is functional" >&5 -$as_echo_n "checking if OpenSSL's NID_secp521r1 is functional... " >&6; } - if test "$cross_compiling" = yes; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross-compiling: assuming yes" >&5 -$as_echo "$as_me: WARNING: cross-compiling: assuming yes" >&2;} - enable_nistp521=1 - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - #include - #include - #include - #include - #include - #include - -int -main () -{ - - EC_KEY *e = EC_KEY_new_by_curve_name(NID_secp521r1); - const EVP_MD *m = EVP_sha512(); /* We need this too */ - exit(e == NULL || m == NULL); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - enable_nistp521=1 -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - - COMMENT_OUT_ECC="#no ecc#" - TEST_SSH_ECC=no - - if test x$enable_nistp256 = x1 || test x$enable_nistp384 = x1 || \ - test x$enable_nistp521 = x1; then - -$as_echo "#define OPENSSL_HAS_ECC 1" >>confdefs.h - - fi - if test x$enable_nistp256 = x1; then - -$as_echo "#define OPENSSL_HAS_NISTP256 1" >>confdefs.h - - TEST_SSH_ECC=yes - COMMENT_OUT_ECC="" - else - unsupported_algorithms="$unsupported_algorithms ecdsa-sha2-nistp256 \ - ecdh-sha2-nistp256 ecdsa-sha2-nistp256-cert-v01@openssh.com" - fi - if test x$enable_nistp384 = x1; then - -$as_echo "#define OPENSSL_HAS_NISTP384 1" >>confdefs.h - - TEST_SSH_ECC=yes - COMMENT_OUT_ECC="" - else - unsupported_algorithms="$unsupported_algorithms ecdsa-sha2-nistp384 \ - ecdh-sha2-nistp384 ecdsa-sha2-nistp384-cert-v01@openssh.com" - fi - if test x$enable_nistp521 = x1; then - -$as_echo "#define OPENSSL_HAS_NISTP521 1" >>confdefs.h - - TEST_SSH_ECC=yes - COMMENT_OUT_ECC="" - else - unsupported_algorithms="$unsupported_algorithms ecdh-sha2-nistp521 \ - ecdsa-sha2-nistp521 ecdsa-sha2-nistp521-cert-v01@openssh.com" - fi - - - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for crypt in -lcrypt" >&5 -$as_echo_n "checking for crypt in -lcrypt... " >&6; } -if ${ac_cv_lib_crypt_crypt+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lcrypt $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char crypt (); -int -main () -{ -return crypt (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_crypt_crypt=yes -else - ac_cv_lib_crypt_crypt=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_crypt_crypt" >&5 -$as_echo "$ac_cv_lib_crypt_crypt" >&6; } -if test "x$ac_cv_lib_crypt_crypt" = xyes; then : - LIBS="$LIBS -lcrypt" -fi - - for ac_func in crypt -do : - ac_fn_c_check_func "$LINENO" "crypt" "ac_cv_func_crypt" -if test "x$ac_cv_func_crypt" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_CRYPT 1 -_ACEOF - -fi -done - -fi - -for ac_func in \ - arc4random \ - arc4random_buf \ - arc4random_stir \ - arc4random_uniform \ - -do : - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` -ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -if eval test \"x\$"$as_ac_var"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - - -saved_LIBS="$LIBS" -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ia_openinfo in -liaf" >&5 -$as_echo_n "checking for ia_openinfo in -liaf... " >&6; } -if ${ac_cv_lib_iaf_ia_openinfo+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-liaf $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char ia_openinfo (); -int -main () -{ -return ia_openinfo (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_iaf_ia_openinfo=yes -else - ac_cv_lib_iaf_ia_openinfo=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_iaf_ia_openinfo" >&5 -$as_echo "$ac_cv_lib_iaf_ia_openinfo" >&6; } -if test "x$ac_cv_lib_iaf_ia_openinfo" = xyes; then : - - LIBS="$LIBS -liaf" - for ac_func in set_id -do : - ac_fn_c_check_func "$LINENO" "set_id" "ac_cv_func_set_id" -if test "x$ac_cv_func_set_id" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_SET_ID 1 -_ACEOF - SSHDLIBS="$SSHDLIBS -liaf" - -$as_echo "#define HAVE_LIBIAF 1" >>confdefs.h - - -fi -done - - -fi - -LIBS="$saved_LIBS" - -### Configure cryptographic random number support - -# Check wheter OpenSSL seeds itself -if test "x$openssl" = "xyes" ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL's PRNG is internally seeded" >&5 -$as_echo_n "checking whether OpenSSL's PRNG is internally seeded... " >&6; } - if test "$cross_compiling" = yes; then : - - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: assuming yes" >&5 -$as_echo "$as_me: WARNING: cross compiling: assuming yes" >&2;} - # This is safe, since we will fatal() at runtime if - # OpenSSL is not seeded correctly. - OPENSSL_SEEDS_ITSELF=yes - - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - #include - #include - -int -main () -{ - - exit(RAND_status() == 1 ? 0 : 1); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - - OPENSSL_SEEDS_ITSELF=yes - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - -fi - -# PRNGD TCP socket - -# Check whether --with-prngd-port was given. -if test "${with_prngd_port+set}" = set; then : - withval=$with_prngd_port; - case "$withval" in - no) - withval="" - ;; - [0-9]*) - ;; - *) - as_fn_error $? "You must specify a numeric port number for --with-prngd-port" "$LINENO" 5 - ;; - esac - if test ! -z "$withval" ; then - PRNGD_PORT="$withval" - -cat >>confdefs.h <<_ACEOF -#define PRNGD_PORT $PRNGD_PORT -_ACEOF - - fi - - -fi - - -# PRNGD Unix domain socket - -# Check whether --with-prngd-socket was given. -if test "${with_prngd_socket+set}" = set; then : - withval=$with_prngd_socket; - case "$withval" in - yes) - withval="/var/run/egd-pool" - ;; - no) - withval="" - ;; - /*) - ;; - *) - as_fn_error $? "You must specify an absolute path to the entropy socket" "$LINENO" 5 - ;; - esac - - if test ! -z "$withval" ; then - if test ! -z "$PRNGD_PORT" ; then - as_fn_error $? "You may not specify both a PRNGD/EGD port and socket" "$LINENO" 5 - fi - if test ! -r "$withval" ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Entropy socket is not readable" >&5 -$as_echo "$as_me: WARNING: Entropy socket is not readable" >&2;} - fi - PRNGD_SOCKET="$withval" - -cat >>confdefs.h <<_ACEOF -#define PRNGD_SOCKET "$PRNGD_SOCKET" -_ACEOF - - fi - -else - - # Check for existing socket only if we don't have a random device already - if test "x$OPENSSL_SEEDS_ITSELF" != "xyes" ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for PRNGD/EGD socket" >&5 -$as_echo_n "checking for PRNGD/EGD socket... " >&6; } - # Insert other locations here - for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do - if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then - PRNGD_SOCKET="$sock" - cat >>confdefs.h <<_ACEOF -#define PRNGD_SOCKET "$PRNGD_SOCKET" -_ACEOF - - break; - fi - done - if test ! -z "$PRNGD_SOCKET" ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PRNGD_SOCKET" >&5 -$as_echo "$PRNGD_SOCKET" >&6; } - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: not found" >&5 -$as_echo "not found" >&6; } - fi - fi - - -fi - - -# Which randomness source do we use? -if test ! -z "$PRNGD_PORT" ; then - RAND_MSG="PRNGd port $PRNGD_PORT" -elif test ! -z "$PRNGD_SOCKET" ; then - RAND_MSG="PRNGd socket $PRNGD_SOCKET" -elif test ! -z "$OPENSSL_SEEDS_ITSELF" ; then - -$as_echo "#define OPENSSL_PRNG_ONLY 1" >>confdefs.h - - RAND_MSG="OpenSSL internal ONLY" -elif test "x$openssl" = "xno" ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: OpenSSH will use /dev/urandom as a source of random numbers. It will fail if this device is not supported or accessible" >&5 -$as_echo "$as_me: WARNING: OpenSSH will use /dev/urandom as a source of random numbers. It will fail if this device is not supported or accessible" >&2;} -else - as_fn_error $? "OpenSSH has no source of random numbers. Please configure OpenSSL with an entropy source or re-run configure using one of the --with-prngd-port or --with-prngd-socket options" "$LINENO" 5 -fi - -# Check for PAM libs -PAM_MSG="no" - -# Check whether --with-pam was given. -if test "${with_pam+set}" = set; then : - withval=$with_pam; - if test "x$withval" != "xno" ; then - if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \ - test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then - as_fn_error $? "PAM headers not found" "$LINENO" 5 - fi - - saved_LIBS="$LIBS" - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dlopen in -ldl" >&5 -$as_echo_n "checking for dlopen in -ldl... " >&6; } -if ${ac_cv_lib_dl_dlopen+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-ldl $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char dlopen (); -int -main () -{ -return dlopen (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_dl_dlopen=yes -else - ac_cv_lib_dl_dlopen=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dl_dlopen" >&5 -$as_echo "$ac_cv_lib_dl_dlopen" >&6; } -if test "x$ac_cv_lib_dl_dlopen" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_LIBDL 1 -_ACEOF - - LIBS="-ldl $LIBS" - -fi - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for pam_set_item in -lpam" >&5 -$as_echo_n "checking for pam_set_item in -lpam... " >&6; } -if ${ac_cv_lib_pam_pam_set_item+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lpam $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char pam_set_item (); -int -main () -{ -return pam_set_item (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_pam_pam_set_item=yes -else - ac_cv_lib_pam_pam_set_item=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_pam_pam_set_item" >&5 -$as_echo "$ac_cv_lib_pam_pam_set_item" >&6; } -if test "x$ac_cv_lib_pam_pam_set_item" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_LIBPAM 1 -_ACEOF - - LIBS="-lpam $LIBS" - -else - as_fn_error $? "*** libpam missing" "$LINENO" 5 -fi - - for ac_func in pam_getenvlist -do : - ac_fn_c_check_func "$LINENO" "pam_getenvlist" "ac_cv_func_pam_getenvlist" -if test "x$ac_cv_func_pam_getenvlist" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_PAM_GETENVLIST 1 -_ACEOF - -fi -done - - for ac_func in pam_putenv -do : - ac_fn_c_check_func "$LINENO" "pam_putenv" "ac_cv_func_pam_putenv" -if test "x$ac_cv_func_pam_putenv" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_PAM_PUTENV 1 -_ACEOF - -fi -done - - LIBS="$saved_LIBS" - - PAM_MSG="yes" - - SSHDLIBS="$SSHDLIBS -lpam" - -$as_echo "#define USE_PAM 1" >>confdefs.h - - - if test $ac_cv_lib_dl_dlopen = yes; then - case "$LIBS" in - *-ldl*) - # libdl already in LIBS - ;; - *) - SSHDLIBS="$SSHDLIBS -ldl" - ;; - esac - fi - fi - - -fi - - -# Check for older PAM -if test "x$PAM_MSG" = "xyes" ; then - # Check PAM strerror arguments (old PAM) - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether pam_strerror takes only one argument" >&5 -$as_echo_n "checking whether pam_strerror takes only one argument... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#if defined(HAVE_SECURITY_PAM_APPL_H) -#include -#elif defined (HAVE_PAM_PAM_APPL_H) -#include -#endif - -int -main () -{ - -(void)pam_strerror((pam_handle_t *)NULL, -1); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -else - - -$as_echo "#define HAVE_OLD_PAM 1" >>confdefs.h - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - PAM_MSG="yes (old library)" - - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi - -case "$host" in -*-*-cygwin*) - SSH_PRIVSEP_USER=CYGWIN_SSH_PRIVSEP_USER - ;; -*) - SSH_PRIVSEP_USER=sshd - ;; -esac - -# Check whether --with-privsep-user was given. -if test "${with_privsep_user+set}" = set; then : - withval=$with_privsep_user; - if test -n "$withval" && test "x$withval" != "xno" && \ - test "x${withval}" != "xyes"; then - SSH_PRIVSEP_USER=$withval - fi - - -fi - -if test "x$SSH_PRIVSEP_USER" = "xCYGWIN_SSH_PRIVSEP_USER" ; then - -cat >>confdefs.h <<_ACEOF -#define SSH_PRIVSEP_USER CYGWIN_SSH_PRIVSEP_USER -_ACEOF - -else - -cat >>confdefs.h <<_ACEOF -#define SSH_PRIVSEP_USER "$SSH_PRIVSEP_USER" -_ACEOF - -fi - - -if test "x$have_linux_no_new_privs" = "x1" ; then -ac_fn_c_check_decl "$LINENO" "SECCOMP_MODE_FILTER" "ac_cv_have_decl_SECCOMP_MODE_FILTER" " - #include - #include - -" -if test "x$ac_cv_have_decl_SECCOMP_MODE_FILTER" = xyes; then : - have_seccomp_filter=1 -fi - -fi -if test "x$have_seccomp_filter" = "x1" ; then -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking kernel for seccomp_filter support" >&5 -$as_echo_n "checking kernel for seccomp_filter support... " >&6; } -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - #include - #include - #include - #include - #include - #include - -int -main () -{ - int i = $seccomp_audit_arch; - errno = 0; - prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, NULL, 0, 0); - exit(errno == EFAULT ? 0 : 1); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - # Disable seccomp filter as a target - have_seccomp_filter=0 - - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -fi - -# Decide which sandbox style to use -sandbox_arg="" - -# Check whether --with-sandbox was given. -if test "${with_sandbox+set}" = set; then : - withval=$with_sandbox; - if test "x$withval" = "xyes" ; then - sandbox_arg="" - else - sandbox_arg="$withval" - fi - - -fi - - -# Some platforms (seems to be the ones that have a kernel poll(2)-type -# function with which they implement select(2)) use an extra file descriptor -# when calling select(2), which means we can't use the rlimit sandbox. -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if select works with descriptor rlimit" >&5 -$as_echo_n "checking if select works with descriptor rlimit... " >&6; } -if test "$cross_compiling" = yes; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: assuming yes" >&5 -$as_echo "$as_me: WARNING: cross compiling: assuming yes" >&2;} - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#ifdef HAVE_SYS_TIME_H -# include -#endif -#include -#ifdef HAVE_SYS_SELECT_H -# include -#endif -#include -#include -#include - -int -main () -{ - - struct rlimit rl_zero; - int fd, r; - fd_set fds; - struct timeval tv; - - fd = open("/dev/null", O_RDONLY); - FD_ZERO(&fds); - FD_SET(fd, &fds); - rl_zero.rlim_cur = rl_zero.rlim_max = 0; - setrlimit(RLIMIT_FSIZE, &rl_zero); - setrlimit(RLIMIT_NOFILE, &rl_zero); - tv.tv_sec = 1; - tv.tv_usec = 0; - r = select(fd+1, &fds, NULL, NULL, &tv); - exit (r == -1 ? 1 : 0); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - select_works_with_rlimit=yes -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - select_works_with_rlimit=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if setrlimit(RLIMIT_NOFILE,{0,0}) works" >&5 -$as_echo_n "checking if setrlimit(RLIMIT_NOFILE,{0,0}) works... " >&6; } -if test "$cross_compiling" = yes; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: assuming yes" >&5 -$as_echo "$as_me: WARNING: cross compiling: assuming yes" >&2;} - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#ifdef HAVE_SYS_TIME_H -# include -#endif -#include -#include -#include - -int -main () -{ - - struct rlimit rl_zero; - int fd, r; - fd_set fds; - - rl_zero.rlim_cur = rl_zero.rlim_max = 0; - r = setrlimit(RLIMIT_NOFILE, &rl_zero); - exit (r == -1 ? 1 : 0); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - rlimit_nofile_zero_works=yes -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - rlimit_nofile_zero_works=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if setrlimit RLIMIT_FSIZE works" >&5 -$as_echo_n "checking if setrlimit RLIMIT_FSIZE works... " >&6; } -if test "$cross_compiling" = yes; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: assuming yes" >&5 -$as_echo "$as_me: WARNING: cross compiling: assuming yes" >&2;} - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -#include - -int -main () -{ - - struct rlimit rl_zero; - - rl_zero.rlim_cur = rl_zero.rlim_max = 0; - exit(setrlimit(RLIMIT_FSIZE, &rl_zero) != 0); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - -$as_echo "#define SANDBOX_SKIP_RLIMIT_FSIZE 1" >>confdefs.h - -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - - -if test "x$sandbox_arg" = "xsystrace" || \ - ( test -z "$sandbox_arg" && test "x$have_systr_policy_kill" = "x1" ) ; then - test "x$have_systr_policy_kill" != "x1" && \ - as_fn_error $? "systrace sandbox requires systrace headers and SYSTR_POLICY_KILL support" "$LINENO" 5 - SANDBOX_STYLE="systrace" - -$as_echo "#define SANDBOX_SYSTRACE 1" >>confdefs.h - -elif test "x$sandbox_arg" = "xdarwin" || \ - ( test -z "$sandbox_arg" && test "x$ac_cv_func_sandbox_init" = "xyes" && \ - test "x$ac_cv_header_sandbox_h" = "xyes") ; then - test "x$ac_cv_func_sandbox_init" != "xyes" -o \ - "x$ac_cv_header_sandbox_h" != "xyes" && \ - as_fn_error $? "Darwin seatbelt sandbox requires sandbox.h and sandbox_init function" "$LINENO" 5 - SANDBOX_STYLE="darwin" - -$as_echo "#define SANDBOX_DARWIN 1" >>confdefs.h - -elif test "x$sandbox_arg" = "xseccomp_filter" || \ - ( test -z "$sandbox_arg" && \ - test "x$have_seccomp_filter" = "x1" && \ - test "x$ac_cv_header_elf_h" = "xyes" && \ - test "x$ac_cv_header_linux_audit_h" = "xyes" && \ - test "x$ac_cv_header_linux_filter_h" = "xyes" && \ - test "x$seccomp_audit_arch" != "x" && \ - test "x$have_linux_no_new_privs" = "x1" && \ - test "x$ac_cv_func_prctl" = "xyes" ) ; then - test "x$seccomp_audit_arch" = "x" && \ - as_fn_error $? "seccomp_filter sandbox not supported on $host" "$LINENO" 5 - test "x$have_linux_no_new_privs" != "x1" && \ - as_fn_error $? "seccomp_filter sandbox requires PR_SET_NO_NEW_PRIVS" "$LINENO" 5 - test "x$have_seccomp_filter" != "x1" && \ - as_fn_error $? "seccomp_filter sandbox requires seccomp headers" "$LINENO" 5 - test "x$ac_cv_func_prctl" != "xyes" && \ - as_fn_error $? "seccomp_filter sandbox requires prctl function" "$LINENO" 5 - SANDBOX_STYLE="seccomp_filter" - -$as_echo "#define SANDBOX_SECCOMP_FILTER 1" >>confdefs.h - -elif test "x$sandbox_arg" = "xcapsicum" || \ - ( test -z "$sandbox_arg" && \ - test "x$ac_cv_header_sys_capsicum_h" = "xyes" && \ - test "x$ac_cv_func_cap_rights_limit" = "xyes") ; then - test "x$ac_cv_header_sys_capsicum_h" != "xyes" && \ - as_fn_error $? "capsicum sandbox requires sys/capsicum.h header" "$LINENO" 5 - test "x$ac_cv_func_cap_rights_limit" != "xyes" && \ - as_fn_error $? "capsicum sandbox requires cap_rights_limit function" "$LINENO" 5 - SANDBOX_STYLE="capsicum" - -$as_echo "#define SANDBOX_CAPSICUM 1" >>confdefs.h - -elif test "x$sandbox_arg" = "xrlimit" || \ - ( test -z "$sandbox_arg" && test "x$ac_cv_func_setrlimit" = "xyes" && \ - test "x$select_works_with_rlimit" = "xyes" && \ - test "x$rlimit_nofile_zero_works" = "xyes" ) ; then - test "x$ac_cv_func_setrlimit" != "xyes" && \ - as_fn_error $? "rlimit sandbox requires setrlimit function" "$LINENO" 5 - test "x$select_works_with_rlimit" != "xyes" && \ - as_fn_error $? "rlimit sandbox requires select to work with rlimit" "$LINENO" 5 - SANDBOX_STYLE="rlimit" - -$as_echo "#define SANDBOX_RLIMIT 1" >>confdefs.h - -elif test -z "$sandbox_arg" || test "x$sandbox_arg" = "xno" || \ - test "x$sandbox_arg" = "xnone" || test "x$sandbox_arg" = "xnull" ; then - SANDBOX_STYLE="none" - -$as_echo "#define SANDBOX_NULL 1" >>confdefs.h - -else - as_fn_error $? "unsupported --with-sandbox" "$LINENO" 5 -fi - -# Cheap hack to ensure NEWS-OS libraries are arranged right. -if test ! -z "$SONY" ; then - LIBS="$LIBS -liberty"; -fi - -# Check for long long datatypes -ac_fn_c_check_type "$LINENO" "long long" "ac_cv_type_long_long" "$ac_includes_default" -if test "x$ac_cv_type_long_long" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_LONG_LONG 1 -_ACEOF - - -fi -ac_fn_c_check_type "$LINENO" "unsigned long long" "ac_cv_type_unsigned_long_long" "$ac_includes_default" -if test "x$ac_cv_type_unsigned_long_long" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_UNSIGNED_LONG_LONG 1 -_ACEOF - - -fi -ac_fn_c_check_type "$LINENO" "long double" "ac_cv_type_long_double" "$ac_includes_default" -if test "x$ac_cv_type_long_double" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_LONG_DOUBLE 1 -_ACEOF - - -fi - - -# Check datatype sizes -# The cast to long int works around a bug in the HP C Compiler -# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects -# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. -# This bug is HP SR number 8606223364. -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of short int" >&5 -$as_echo_n "checking size of short int... " >&6; } -if ${ac_cv_sizeof_short_int+:} false; then : - $as_echo_n "(cached) " >&6 -else - if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (short int))" "ac_cv_sizeof_short_int" "$ac_includes_default"; then : - -else - if test "$ac_cv_type_short_int" = yes; then - { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error 77 "cannot compute sizeof (short int) -See \`config.log' for more details" "$LINENO" 5; } - else - ac_cv_sizeof_short_int=0 - fi -fi - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_short_int" >&5 -$as_echo "$ac_cv_sizeof_short_int" >&6; } - - - -cat >>confdefs.h <<_ACEOF -#define SIZEOF_SHORT_INT $ac_cv_sizeof_short_int -_ACEOF - - -# The cast to long int works around a bug in the HP C Compiler -# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects -# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. -# This bug is HP SR number 8606223364. -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of int" >&5 -$as_echo_n "checking size of int... " >&6; } -if ${ac_cv_sizeof_int+:} false; then : - $as_echo_n "(cached) " >&6 -else - if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (int))" "ac_cv_sizeof_int" "$ac_includes_default"; then : - -else - if test "$ac_cv_type_int" = yes; then - { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error 77 "cannot compute sizeof (int) -See \`config.log' for more details" "$LINENO" 5; } - else - ac_cv_sizeof_int=0 - fi -fi - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_int" >&5 -$as_echo "$ac_cv_sizeof_int" >&6; } - - - -cat >>confdefs.h <<_ACEOF -#define SIZEOF_INT $ac_cv_sizeof_int -_ACEOF - - -# The cast to long int works around a bug in the HP C Compiler -# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects -# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. -# This bug is HP SR number 8606223364. -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of long int" >&5 -$as_echo_n "checking size of long int... " >&6; } -if ${ac_cv_sizeof_long_int+:} false; then : - $as_echo_n "(cached) " >&6 -else - if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (long int))" "ac_cv_sizeof_long_int" "$ac_includes_default"; then : - -else - if test "$ac_cv_type_long_int" = yes; then - { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error 77 "cannot compute sizeof (long int) -See \`config.log' for more details" "$LINENO" 5; } - else - ac_cv_sizeof_long_int=0 - fi -fi - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_long_int" >&5 -$as_echo "$ac_cv_sizeof_long_int" >&6; } - - - -cat >>confdefs.h <<_ACEOF -#define SIZEOF_LONG_INT $ac_cv_sizeof_long_int -_ACEOF - - -# The cast to long int works around a bug in the HP C Compiler -# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects -# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. -# This bug is HP SR number 8606223364. -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of long long int" >&5 -$as_echo_n "checking size of long long int... " >&6; } -if ${ac_cv_sizeof_long_long_int+:} false; then : - $as_echo_n "(cached) " >&6 -else - if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (long long int))" "ac_cv_sizeof_long_long_int" "$ac_includes_default"; then : - -else - if test "$ac_cv_type_long_long_int" = yes; then - { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error 77 "cannot compute sizeof (long long int) -See \`config.log' for more details" "$LINENO" 5; } - else - ac_cv_sizeof_long_long_int=0 - fi -fi - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_long_long_int" >&5 -$as_echo "$ac_cv_sizeof_long_long_int" >&6; } - - - -cat >>confdefs.h <<_ACEOF -#define SIZEOF_LONG_LONG_INT $ac_cv_sizeof_long_long_int -_ACEOF - - - -# Sanity check long long for some platforms (AIX) -if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then - ac_cv_sizeof_long_long_int=0 -fi - -# compute LLONG_MIN and LLONG_MAX if we don't know them. -if test -z "$have_llong_max"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for max value of long long" >&5 -$as_echo_n "checking for max value of long long... " >&6; } - if test "$cross_compiling" = yes; then : - - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: not checking" >&5 -$as_echo "$as_me: WARNING: cross compiling: not checking" >&2;} - - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -/* Why is this so damn hard? */ -#ifdef __GNUC__ -# undef __GNUC__ -#endif -#define __USE_ISOC99 -#include -#define DATA "conftest.llminmax" -#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a)) - -/* - * printf in libc on some platforms (eg old Tru64) does not understand %lld so - * we do this the hard way. - */ -static int -fprint_ll(FILE *f, long long n) -{ - unsigned int i; - int l[sizeof(long long) * 8]; - - if (n < 0) - if (fprintf(f, "-") < 0) - return -1; - for (i = 0; n != 0; i++) { - l[i] = my_abs(n % 10); - n /= 10; - } - do { - if (fprintf(f, "%d", l[--i]) < 0) - return -1; - } while (i != 0); - if (fprintf(f, " ") < 0) - return -1; - return 0; -} - -int -main () -{ - - FILE *f; - long long i, llmin, llmax = 0; - - if((f = fopen(DATA,"w")) == NULL) - exit(1); - -#if defined(LLONG_MIN) && defined(LLONG_MAX) - fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n"); - llmin = LLONG_MIN; - llmax = LLONG_MAX; -#else - fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n"); - /* This will work on one's complement and two's complement */ - for (i = 1; i > llmax; i <<= 1, i++) - llmax = i; - llmin = llmax + 1LL; /* wrap */ -#endif - - /* Sanity check */ - if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax - || llmax - 1 > llmax || llmin == llmax || llmin == 0 - || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) { - fprintf(f, "unknown unknown\n"); - exit(2); - } - - if (fprint_ll(f, llmin) < 0) - exit(3); - if (fprint_ll(f, llmax) < 0) - exit(4); - if (fclose(f) < 0) - exit(5); - exit(0); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - - llong_min=`$AWK '{print $1}' conftest.llminmax` - llong_max=`$AWK '{print $2}' conftest.llminmax` - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $llong_max" >&5 -$as_echo "$llong_max" >&6; } - -cat >>confdefs.h <<_ACEOF -#define LLONG_MAX ${llong_max}LL -_ACEOF - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for min value of long long" >&5 -$as_echo_n "checking for min value of long long... " >&6; } - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $llong_min" >&5 -$as_echo "$llong_min" >&6; } - -cat >>confdefs.h <<_ACEOF -#define LLONG_MIN ${llong_min}LL -_ACEOF - - -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: not found" >&5 -$as_echo "not found" >&6; } - -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - -fi - - -# More checks for data types -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for u_int type" >&5 -$as_echo_n "checking for u_int type... " >&6; } -if ${ac_cv_have_u_int+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - u_int a; a = 1; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_have_u_int="yes" -else - ac_cv_have_u_int="no" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_u_int" >&5 -$as_echo "$ac_cv_have_u_int" >&6; } -if test "x$ac_cv_have_u_int" = "xyes" ; then - -$as_echo "#define HAVE_U_INT 1" >>confdefs.h - - have_u_int=1 -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for intXX_t types" >&5 -$as_echo_n "checking for intXX_t types... " >&6; } -if ${ac_cv_have_intxx_t+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - int8_t a; int16_t b; int32_t c; a = b = c = 1; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_have_intxx_t="yes" -else - ac_cv_have_intxx_t="no" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_intxx_t" >&5 -$as_echo "$ac_cv_have_intxx_t" >&6; } -if test "x$ac_cv_have_intxx_t" = "xyes" ; then - -$as_echo "#define HAVE_INTXX_T 1" >>confdefs.h - - have_intxx_t=1 -fi - -if (test -z "$have_intxx_t" && \ - test "x$ac_cv_header_stdint_h" = "xyes") -then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for intXX_t types in stdint.h" >&5 -$as_echo_n "checking for intXX_t types in stdint.h... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - int8_t a; int16_t b; int32_t c; a = b = c = 1; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - - $as_echo "#define HAVE_INTXX_T 1" >>confdefs.h - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for int64_t type" >&5 -$as_echo_n "checking for int64_t type... " >&6; } -if ${ac_cv_have_int64_t+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#ifdef HAVE_STDINT_H -# include -#endif -#include -#ifdef HAVE_SYS_BITYPES_H -# include -#endif - -int -main () -{ - -int64_t a; a = 1; - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_have_int64_t="yes" -else - ac_cv_have_int64_t="no" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_int64_t" >&5 -$as_echo "$ac_cv_have_int64_t" >&6; } -if test "x$ac_cv_have_int64_t" = "xyes" ; then - -$as_echo "#define HAVE_INT64_T 1" >>confdefs.h - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for u_intXX_t types" >&5 -$as_echo_n "checking for u_intXX_t types... " >&6; } -if ${ac_cv_have_u_intxx_t+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_have_u_intxx_t="yes" -else - ac_cv_have_u_intxx_t="no" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_u_intxx_t" >&5 -$as_echo "$ac_cv_have_u_intxx_t" >&6; } -if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then - -$as_echo "#define HAVE_U_INTXX_T 1" >>confdefs.h - - have_u_intxx_t=1 -fi - -if test -z "$have_u_intxx_t" ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for u_intXX_t types in sys/socket.h" >&5 -$as_echo_n "checking for u_intXX_t types in sys/socket.h... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - - $as_echo "#define HAVE_U_INTXX_T 1" >>confdefs.h - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for u_int64_t types" >&5 -$as_echo_n "checking for u_int64_t types... " >&6; } -if ${ac_cv_have_u_int64_t+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - u_int64_t a; a = 1; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_have_u_int64_t="yes" -else - ac_cv_have_u_int64_t="no" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_u_int64_t" >&5 -$as_echo "$ac_cv_have_u_int64_t" >&6; } -if test "x$ac_cv_have_u_int64_t" = "xyes" ; then - -$as_echo "#define HAVE_U_INT64_T 1" >>confdefs.h - - have_u_int64_t=1 -fi - -if (test -z "$have_u_int64_t" && \ - test "x$ac_cv_header_sys_bitypes_h" = "xyes") -then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for u_int64_t type in sys/bitypes.h" >&5 -$as_echo_n "checking for u_int64_t type in sys/bitypes.h... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - u_int64_t a; a = 1 - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - - $as_echo "#define HAVE_U_INT64_T 1" >>confdefs.h - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi - -if test -z "$have_u_intxx_t" ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for uintXX_t types" >&5 -$as_echo_n "checking for uintXX_t types... " >&6; } -if ${ac_cv_have_uintxx_t+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include - -int -main () -{ - - uint8_t a; - uint16_t b; - uint32_t c; - a = b = c = 1; - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_have_uintxx_t="yes" -else - ac_cv_have_uintxx_t="no" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_uintxx_t" >&5 -$as_echo "$ac_cv_have_uintxx_t" >&6; } - if test "x$ac_cv_have_uintxx_t" = "xyes" ; then - -$as_echo "#define HAVE_UINTXX_T 1" >>confdefs.h - - fi -fi - -if (test -z "$have_uintxx_t" && \ - test "x$ac_cv_header_stdint_h" = "xyes") -then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for uintXX_t types in stdint.h" >&5 -$as_echo_n "checking for uintXX_t types in stdint.h... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - - $as_echo "#define HAVE_UINTXX_T 1" >>confdefs.h - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi - -if (test -z "$have_uintxx_t" && \ - test "x$ac_cv_header_inttypes_h" = "xyes") -then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for uintXX_t types in inttypes.h" >&5 -$as_echo_n "checking for uintXX_t types in inttypes.h... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - - $as_echo "#define HAVE_UINTXX_T 1" >>confdefs.h - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi - -if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \ - test "x$ac_cv_header_sys_bitypes_h" = "xyes") -then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for intXX_t and u_intXX_t types in sys/bitypes.h" >&5 -$as_echo_n "checking for intXX_t and u_intXX_t types in sys/bitypes.h... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include - -int -main () -{ - - int8_t a; int16_t b; int32_t c; - u_int8_t e; u_int16_t f; u_int32_t g; - a = b = c = e = f = g = 1; - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - - $as_echo "#define HAVE_U_INTXX_T 1" >>confdefs.h - - $as_echo "#define HAVE_INTXX_T 1" >>confdefs.h - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for u_char" >&5 -$as_echo_n "checking for u_char... " >&6; } -if ${ac_cv_have_u_char+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - u_char foo; foo = 125; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_have_u_char="yes" -else - ac_cv_have_u_char="no" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_u_char" >&5 -$as_echo "$ac_cv_have_u_char" >&6; } -if test "x$ac_cv_have_u_char" = "xyes" ; then - -$as_echo "#define HAVE_U_CHAR 1" >>confdefs.h - -fi - -ac_fn_c_check_type "$LINENO" "intmax_t" "ac_cv_type_intmax_t" " -#include -#include - -" -if test "x$ac_cv_type_intmax_t" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_INTMAX_T 1 -_ACEOF - - -fi -ac_fn_c_check_type "$LINENO" "uintmax_t" "ac_cv_type_uintmax_t" " -#include -#include - -" -if test "x$ac_cv_type_uintmax_t" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_UINTMAX_T 1 -_ACEOF - - -fi - - - - ac_fn_c_check_type "$LINENO" "socklen_t" "ac_cv_type_socklen_t" "#include -#include -" -if test "x$ac_cv_type_socklen_t" = xyes; then : - -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for socklen_t equivalent" >&5 -$as_echo_n "checking for socklen_t equivalent... " >&6; } - if ${curl_cv_socklen_t_equiv+:} false; then : - $as_echo_n "(cached) " >&6 -else - - # Systems have either "struct sockaddr *" or - # "void *" as the second argument to getpeername - curl_cv_socklen_t_equiv= - for arg2 in "struct sockaddr" void; do - for t in int size_t unsigned long "unsigned long"; do - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - #include - #include - - int getpeername (int, $arg2 *, $t *); - -int -main () -{ - - $t len; - getpeername(0,0,&len); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - - curl_cv_socklen_t_equiv="$t" - break - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - done - done - - if test "x$curl_cv_socklen_t_equiv" = x; then - as_fn_error $? "Cannot find a type to use in place of socklen_t" "$LINENO" 5 - fi - -fi - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $curl_cv_socklen_t_equiv" >&5 -$as_echo "$curl_cv_socklen_t_equiv" >&6; } - -cat >>confdefs.h <<_ACEOF -#define socklen_t $curl_cv_socklen_t_equiv -_ACEOF - -fi - - - -ac_fn_c_check_type "$LINENO" "sig_atomic_t" "ac_cv_type_sig_atomic_t" "#include -" -if test "x$ac_cv_type_sig_atomic_t" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_SIG_ATOMIC_T 1 -_ACEOF - - -fi - -ac_fn_c_check_type "$LINENO" "fsblkcnt_t" "ac_cv_type_fsblkcnt_t" " -#include -#ifdef HAVE_SYS_BITYPES_H -#include -#endif -#ifdef HAVE_SYS_STATFS_H -#include -#endif -#ifdef HAVE_SYS_STATVFS_H -#include -#endif - -" -if test "x$ac_cv_type_fsblkcnt_t" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_FSBLKCNT_T 1 -_ACEOF - - -fi -ac_fn_c_check_type "$LINENO" "fsfilcnt_t" "ac_cv_type_fsfilcnt_t" " -#include -#ifdef HAVE_SYS_BITYPES_H -#include -#endif -#ifdef HAVE_SYS_STATFS_H -#include -#endif -#ifdef HAVE_SYS_STATVFS_H -#include -#endif - -" -if test "x$ac_cv_type_fsfilcnt_t" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_FSFILCNT_T 1 -_ACEOF - - -fi - - -ac_fn_c_check_type "$LINENO" "in_addr_t" "ac_cv_type_in_addr_t" "#include -#include -" -if test "x$ac_cv_type_in_addr_t" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_IN_ADDR_T 1 -_ACEOF - - -fi -ac_fn_c_check_type "$LINENO" "in_port_t" "ac_cv_type_in_port_t" "#include -#include -" -if test "x$ac_cv_type_in_port_t" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_IN_PORT_T 1 -_ACEOF - - -fi - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for size_t" >&5 -$as_echo_n "checking for size_t... " >&6; } -if ${ac_cv_have_size_t+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - size_t foo; foo = 1235; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_have_size_t="yes" -else - ac_cv_have_size_t="no" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_size_t" >&5 -$as_echo "$ac_cv_have_size_t" >&6; } -if test "x$ac_cv_have_size_t" = "xyes" ; then - -$as_echo "#define HAVE_SIZE_T 1" >>confdefs.h - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ssize_t" >&5 -$as_echo_n "checking for ssize_t... " >&6; } -if ${ac_cv_have_ssize_t+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - ssize_t foo; foo = 1235; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_have_ssize_t="yes" -else - ac_cv_have_ssize_t="no" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_ssize_t" >&5 -$as_echo "$ac_cv_have_ssize_t" >&6; } -if test "x$ac_cv_have_ssize_t" = "xyes" ; then - -$as_echo "#define HAVE_SSIZE_T 1" >>confdefs.h - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for clock_t" >&5 -$as_echo_n "checking for clock_t... " >&6; } -if ${ac_cv_have_clock_t+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - clock_t foo; foo = 1235; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_have_clock_t="yes" -else - ac_cv_have_clock_t="no" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_clock_t" >&5 -$as_echo "$ac_cv_have_clock_t" >&6; } -if test "x$ac_cv_have_clock_t" = "xyes" ; then - -$as_echo "#define HAVE_CLOCK_T 1" >>confdefs.h - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for sa_family_t" >&5 -$as_echo_n "checking for sa_family_t... " >&6; } -if ${ac_cv_have_sa_family_t+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include - -int -main () -{ - sa_family_t foo; foo = 1235; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_have_sa_family_t="yes" -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -#include - -int -main () -{ - sa_family_t foo; foo = 1235; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_have_sa_family_t="yes" -else - ac_cv_have_sa_family_t="no" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_sa_family_t" >&5 -$as_echo "$ac_cv_have_sa_family_t" >&6; } -if test "x$ac_cv_have_sa_family_t" = "xyes" ; then - -$as_echo "#define HAVE_SA_FAMILY_T 1" >>confdefs.h - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for pid_t" >&5 -$as_echo_n "checking for pid_t... " >&6; } -if ${ac_cv_have_pid_t+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - pid_t foo; foo = 1235; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_have_pid_t="yes" -else - ac_cv_have_pid_t="no" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_pid_t" >&5 -$as_echo "$ac_cv_have_pid_t" >&6; } -if test "x$ac_cv_have_pid_t" = "xyes" ; then - -$as_echo "#define HAVE_PID_T 1" >>confdefs.h - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for mode_t" >&5 -$as_echo_n "checking for mode_t... " >&6; } -if ${ac_cv_have_mode_t+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - mode_t foo; foo = 1235; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_have_mode_t="yes" -else - ac_cv_have_mode_t="no" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_mode_t" >&5 -$as_echo "$ac_cv_have_mode_t" >&6; } -if test "x$ac_cv_have_mode_t" = "xyes" ; then - -$as_echo "#define HAVE_MODE_T 1" >>confdefs.h - -fi - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for struct sockaddr_storage" >&5 -$as_echo_n "checking for struct sockaddr_storage... " >&6; } -if ${ac_cv_have_struct_sockaddr_storage+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include - -int -main () -{ - struct sockaddr_storage s; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_have_struct_sockaddr_storage="yes" -else - ac_cv_have_struct_sockaddr_storage="no" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_struct_sockaddr_storage" >&5 -$as_echo "$ac_cv_have_struct_sockaddr_storage" >&6; } -if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then - -$as_echo "#define HAVE_STRUCT_SOCKADDR_STORAGE 1" >>confdefs.h - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for struct sockaddr_in6" >&5 -$as_echo_n "checking for struct sockaddr_in6... " >&6; } -if ${ac_cv_have_struct_sockaddr_in6+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include - -int -main () -{ - struct sockaddr_in6 s; s.sin6_family = 0; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_have_struct_sockaddr_in6="yes" -else - ac_cv_have_struct_sockaddr_in6="no" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_struct_sockaddr_in6" >&5 -$as_echo "$ac_cv_have_struct_sockaddr_in6" >&6; } -if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then - -$as_echo "#define HAVE_STRUCT_SOCKADDR_IN6 1" >>confdefs.h - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for struct in6_addr" >&5 -$as_echo_n "checking for struct in6_addr... " >&6; } -if ${ac_cv_have_struct_in6_addr+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include - -int -main () -{ - struct in6_addr s; s.s6_addr[0] = 0; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_have_struct_in6_addr="yes" -else - ac_cv_have_struct_in6_addr="no" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_struct_in6_addr" >&5 -$as_echo "$ac_cv_have_struct_in6_addr" >&6; } -if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then - -$as_echo "#define HAVE_STRUCT_IN6_ADDR 1" >>confdefs.h - - - ac_fn_c_check_member "$LINENO" "struct sockaddr_in6" "sin6_scope_id" "ac_cv_member_struct_sockaddr_in6_sin6_scope_id" " -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#include - -" -if test "x$ac_cv_member_struct_sockaddr_in6_sin6_scope_id" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_SOCKADDR_IN6_SIN6_SCOPE_ID 1 -_ACEOF - - -fi - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for struct addrinfo" >&5 -$as_echo_n "checking for struct addrinfo... " >&6; } -if ${ac_cv_have_struct_addrinfo+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -#include - -int -main () -{ - struct addrinfo s; s.ai_flags = AI_PASSIVE; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_have_struct_addrinfo="yes" -else - ac_cv_have_struct_addrinfo="no" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_struct_addrinfo" >&5 -$as_echo "$ac_cv_have_struct_addrinfo" >&6; } -if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then - -$as_echo "#define HAVE_STRUCT_ADDRINFO 1" >>confdefs.h - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for struct timeval" >&5 -$as_echo_n "checking for struct timeval... " >&6; } -if ${ac_cv_have_struct_timeval+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - struct timeval tv; tv.tv_sec = 1; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_have_struct_timeval="yes" -else - ac_cv_have_struct_timeval="no" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_struct_timeval" >&5 -$as_echo "$ac_cv_have_struct_timeval" >&6; } -if test "x$ac_cv_have_struct_timeval" = "xyes" ; then - -$as_echo "#define HAVE_STRUCT_TIMEVAL 1" >>confdefs.h - - have_struct_timeval=1 -fi - -ac_fn_c_check_type "$LINENO" "struct timespec" "ac_cv_type_struct_timespec" "$ac_includes_default" -if test "x$ac_cv_type_struct_timespec" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_TIMESPEC 1 -_ACEOF - - -fi - - -# We need int64_t or else certian parts of the compile will fail. -if test "x$ac_cv_have_int64_t" = "xno" && \ - test "x$ac_cv_sizeof_long_int" != "x8" && \ - test "x$ac_cv_sizeof_long_long_int" = "x0" ; then - echo "OpenSSH requires int64_t support. Contact your vendor or install" - echo "an alternative compiler (I.E., GCC) before continuing." - echo "" - exit 1; -else - if test "$cross_compiling" = yes; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: Assuming working snprintf()" >&5 -$as_echo "$as_me: WARNING: cross compiling: Assuming working snprintf()" >&2;} - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -#ifdef HAVE_SNPRINTF -main() -{ - char buf[50]; - char expected_out[50]; - int mazsize = 50 ; -#if (SIZEOF_LONG_INT == 8) - long int num = 0x7fffffffffffffff; -#else - long long num = 0x7fffffffffffffffll; -#endif - strcpy(expected_out, "9223372036854775807"); - snprintf(buf, mazsize, "%lld", num); - if(strcmp(buf, expected_out) != 0) - exit(1); - exit(0); -} -#else -main() { exit(0); } -#endif - -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - true -else - $as_echo "#define BROKEN_SNPRINTF 1" >>confdefs.h - -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - -fi - - -# look for field 'ut_host' in header 'utmp.h' - ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` - ossh_varname="ossh_cv_$ossh_safe""_has_"ut_host - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_host field in utmp.h" >&5 -$as_echo_n "checking for ut_host field in utmp.h... " >&6; } - if eval \${$ossh_varname+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "ut_host" >/dev/null 2>&1; then : - eval "$ossh_varname=yes" -else - eval "$ossh_varname=no" -fi -rm -f conftest* - -fi - - ossh_result=`eval 'echo $'"$ossh_varname"` - if test -n "`echo $ossh_varname`"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 -$as_echo "$ossh_result" >&6; } - if test "x$ossh_result" = "xyes"; then - -$as_echo "#define HAVE_HOST_IN_UTMP 1" >>confdefs.h - - fi - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - fi - - -# look for field 'ut_host' in header 'utmpx.h' - ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` - ossh_varname="ossh_cv_$ossh_safe""_has_"ut_host - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_host field in utmpx.h" >&5 -$as_echo_n "checking for ut_host field in utmpx.h... " >&6; } - if eval \${$ossh_varname+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "ut_host" >/dev/null 2>&1; then : - eval "$ossh_varname=yes" -else - eval "$ossh_varname=no" -fi -rm -f conftest* - -fi - - ossh_result=`eval 'echo $'"$ossh_varname"` - if test -n "`echo $ossh_varname`"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 -$as_echo "$ossh_result" >&6; } - if test "x$ossh_result" = "xyes"; then - -$as_echo "#define HAVE_HOST_IN_UTMPX 1" >>confdefs.h - - fi - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - fi - - -# look for field 'syslen' in header 'utmpx.h' - ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` - ossh_varname="ossh_cv_$ossh_safe""_has_"syslen - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for syslen field in utmpx.h" >&5 -$as_echo_n "checking for syslen field in utmpx.h... " >&6; } - if eval \${$ossh_varname+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "syslen" >/dev/null 2>&1; then : - eval "$ossh_varname=yes" -else - eval "$ossh_varname=no" -fi -rm -f conftest* - -fi - - ossh_result=`eval 'echo $'"$ossh_varname"` - if test -n "`echo $ossh_varname`"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 -$as_echo "$ossh_result" >&6; } - if test "x$ossh_result" = "xyes"; then - -$as_echo "#define HAVE_SYSLEN_IN_UTMPX 1" >>confdefs.h - - fi - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - fi - - -# look for field 'ut_pid' in header 'utmp.h' - ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` - ossh_varname="ossh_cv_$ossh_safe""_has_"ut_pid - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_pid field in utmp.h" >&5 -$as_echo_n "checking for ut_pid field in utmp.h... " >&6; } - if eval \${$ossh_varname+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "ut_pid" >/dev/null 2>&1; then : - eval "$ossh_varname=yes" -else - eval "$ossh_varname=no" -fi -rm -f conftest* - -fi - - ossh_result=`eval 'echo $'"$ossh_varname"` - if test -n "`echo $ossh_varname`"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 -$as_echo "$ossh_result" >&6; } - if test "x$ossh_result" = "xyes"; then - -$as_echo "#define HAVE_PID_IN_UTMP 1" >>confdefs.h - - fi - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - fi - - -# look for field 'ut_type' in header 'utmp.h' - ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` - ossh_varname="ossh_cv_$ossh_safe""_has_"ut_type - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_type field in utmp.h" >&5 -$as_echo_n "checking for ut_type field in utmp.h... " >&6; } - if eval \${$ossh_varname+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "ut_type" >/dev/null 2>&1; then : - eval "$ossh_varname=yes" -else - eval "$ossh_varname=no" -fi -rm -f conftest* - -fi - - ossh_result=`eval 'echo $'"$ossh_varname"` - if test -n "`echo $ossh_varname`"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 -$as_echo "$ossh_result" >&6; } - if test "x$ossh_result" = "xyes"; then - -$as_echo "#define HAVE_TYPE_IN_UTMP 1" >>confdefs.h - - fi - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - fi - - -# look for field 'ut_type' in header 'utmpx.h' - ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` - ossh_varname="ossh_cv_$ossh_safe""_has_"ut_type - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_type field in utmpx.h" >&5 -$as_echo_n "checking for ut_type field in utmpx.h... " >&6; } - if eval \${$ossh_varname+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "ut_type" >/dev/null 2>&1; then : - eval "$ossh_varname=yes" -else - eval "$ossh_varname=no" -fi -rm -f conftest* - -fi - - ossh_result=`eval 'echo $'"$ossh_varname"` - if test -n "`echo $ossh_varname`"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 -$as_echo "$ossh_result" >&6; } - if test "x$ossh_result" = "xyes"; then - -$as_echo "#define HAVE_TYPE_IN_UTMPX 1" >>confdefs.h - - fi - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - fi - - -# look for field 'ut_tv' in header 'utmp.h' - ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` - ossh_varname="ossh_cv_$ossh_safe""_has_"ut_tv - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_tv field in utmp.h" >&5 -$as_echo_n "checking for ut_tv field in utmp.h... " >&6; } - if eval \${$ossh_varname+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "ut_tv" >/dev/null 2>&1; then : - eval "$ossh_varname=yes" -else - eval "$ossh_varname=no" -fi -rm -f conftest* - -fi - - ossh_result=`eval 'echo $'"$ossh_varname"` - if test -n "`echo $ossh_varname`"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 -$as_echo "$ossh_result" >&6; } - if test "x$ossh_result" = "xyes"; then - -$as_echo "#define HAVE_TV_IN_UTMP 1" >>confdefs.h - - fi - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - fi - - -# look for field 'ut_id' in header 'utmp.h' - ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` - ossh_varname="ossh_cv_$ossh_safe""_has_"ut_id - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_id field in utmp.h" >&5 -$as_echo_n "checking for ut_id field in utmp.h... " >&6; } - if eval \${$ossh_varname+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "ut_id" >/dev/null 2>&1; then : - eval "$ossh_varname=yes" -else - eval "$ossh_varname=no" -fi -rm -f conftest* - -fi - - ossh_result=`eval 'echo $'"$ossh_varname"` - if test -n "`echo $ossh_varname`"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 -$as_echo "$ossh_result" >&6; } - if test "x$ossh_result" = "xyes"; then - -$as_echo "#define HAVE_ID_IN_UTMP 1" >>confdefs.h - - fi - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - fi - - -# look for field 'ut_id' in header 'utmpx.h' - ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` - ossh_varname="ossh_cv_$ossh_safe""_has_"ut_id - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_id field in utmpx.h" >&5 -$as_echo_n "checking for ut_id field in utmpx.h... " >&6; } - if eval \${$ossh_varname+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "ut_id" >/dev/null 2>&1; then : - eval "$ossh_varname=yes" -else - eval "$ossh_varname=no" -fi -rm -f conftest* - -fi - - ossh_result=`eval 'echo $'"$ossh_varname"` - if test -n "`echo $ossh_varname`"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 -$as_echo "$ossh_result" >&6; } - if test "x$ossh_result" = "xyes"; then - -$as_echo "#define HAVE_ID_IN_UTMPX 1" >>confdefs.h - - fi - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - fi - - -# look for field 'ut_addr' in header 'utmp.h' - ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` - ossh_varname="ossh_cv_$ossh_safe""_has_"ut_addr - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_addr field in utmp.h" >&5 -$as_echo_n "checking for ut_addr field in utmp.h... " >&6; } - if eval \${$ossh_varname+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "ut_addr" >/dev/null 2>&1; then : - eval "$ossh_varname=yes" -else - eval "$ossh_varname=no" -fi -rm -f conftest* - -fi - - ossh_result=`eval 'echo $'"$ossh_varname"` - if test -n "`echo $ossh_varname`"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 -$as_echo "$ossh_result" >&6; } - if test "x$ossh_result" = "xyes"; then - -$as_echo "#define HAVE_ADDR_IN_UTMP 1" >>confdefs.h - - fi - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - fi - - -# look for field 'ut_addr' in header 'utmpx.h' - ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` - ossh_varname="ossh_cv_$ossh_safe""_has_"ut_addr - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_addr field in utmpx.h" >&5 -$as_echo_n "checking for ut_addr field in utmpx.h... " >&6; } - if eval \${$ossh_varname+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "ut_addr" >/dev/null 2>&1; then : - eval "$ossh_varname=yes" -else - eval "$ossh_varname=no" -fi -rm -f conftest* - -fi - - ossh_result=`eval 'echo $'"$ossh_varname"` - if test -n "`echo $ossh_varname`"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 -$as_echo "$ossh_result" >&6; } - if test "x$ossh_result" = "xyes"; then - -$as_echo "#define HAVE_ADDR_IN_UTMPX 1" >>confdefs.h - - fi - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - fi - - -# look for field 'ut_addr_v6' in header 'utmp.h' - ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` - ossh_varname="ossh_cv_$ossh_safe""_has_"ut_addr_v6 - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_addr_v6 field in utmp.h" >&5 -$as_echo_n "checking for ut_addr_v6 field in utmp.h... " >&6; } - if eval \${$ossh_varname+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "ut_addr_v6" >/dev/null 2>&1; then : - eval "$ossh_varname=yes" -else - eval "$ossh_varname=no" -fi -rm -f conftest* - -fi - - ossh_result=`eval 'echo $'"$ossh_varname"` - if test -n "`echo $ossh_varname`"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 -$as_echo "$ossh_result" >&6; } - if test "x$ossh_result" = "xyes"; then - -$as_echo "#define HAVE_ADDR_V6_IN_UTMP 1" >>confdefs.h - - fi - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - fi - - -# look for field 'ut_addr_v6' in header 'utmpx.h' - ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` - ossh_varname="ossh_cv_$ossh_safe""_has_"ut_addr_v6 - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_addr_v6 field in utmpx.h" >&5 -$as_echo_n "checking for ut_addr_v6 field in utmpx.h... " >&6; } - if eval \${$ossh_varname+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "ut_addr_v6" >/dev/null 2>&1; then : - eval "$ossh_varname=yes" -else - eval "$ossh_varname=no" -fi -rm -f conftest* - -fi - - ossh_result=`eval 'echo $'"$ossh_varname"` - if test -n "`echo $ossh_varname`"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 -$as_echo "$ossh_result" >&6; } - if test "x$ossh_result" = "xyes"; then - -$as_echo "#define HAVE_ADDR_V6_IN_UTMPX 1" >>confdefs.h - - fi - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - fi - - -# look for field 'ut_exit' in header 'utmp.h' - ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` - ossh_varname="ossh_cv_$ossh_safe""_has_"ut_exit - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_exit field in utmp.h" >&5 -$as_echo_n "checking for ut_exit field in utmp.h... " >&6; } - if eval \${$ossh_varname+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "ut_exit" >/dev/null 2>&1; then : - eval "$ossh_varname=yes" -else - eval "$ossh_varname=no" -fi -rm -f conftest* - -fi - - ossh_result=`eval 'echo $'"$ossh_varname"` - if test -n "`echo $ossh_varname`"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 -$as_echo "$ossh_result" >&6; } - if test "x$ossh_result" = "xyes"; then - -$as_echo "#define HAVE_EXIT_IN_UTMP 1" >>confdefs.h - - fi - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - fi - - -# look for field 'ut_time' in header 'utmp.h' - ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'` - ossh_varname="ossh_cv_$ossh_safe""_has_"ut_time - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_time field in utmp.h" >&5 -$as_echo_n "checking for ut_time field in utmp.h... " >&6; } - if eval \${$ossh_varname+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "ut_time" >/dev/null 2>&1; then : - eval "$ossh_varname=yes" -else - eval "$ossh_varname=no" -fi -rm -f conftest* - -fi - - ossh_result=`eval 'echo $'"$ossh_varname"` - if test -n "`echo $ossh_varname`"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 -$as_echo "$ossh_result" >&6; } - if test "x$ossh_result" = "xyes"; then - -$as_echo "#define HAVE_TIME_IN_UTMP 1" >>confdefs.h - - fi - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - fi - - -# look for field 'ut_time' in header 'utmpx.h' - ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` - ossh_varname="ossh_cv_$ossh_safe""_has_"ut_time - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_time field in utmpx.h" >&5 -$as_echo_n "checking for ut_time field in utmpx.h... " >&6; } - if eval \${$ossh_varname+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "ut_time" >/dev/null 2>&1; then : - eval "$ossh_varname=yes" -else - eval "$ossh_varname=no" -fi -rm -f conftest* - -fi - - ossh_result=`eval 'echo $'"$ossh_varname"` - if test -n "`echo $ossh_varname`"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 -$as_echo "$ossh_result" >&6; } - if test "x$ossh_result" = "xyes"; then - -$as_echo "#define HAVE_TIME_IN_UTMPX 1" >>confdefs.h - - fi - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - fi - - -# look for field 'ut_tv' in header 'utmpx.h' - ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'` - ossh_varname="ossh_cv_$ossh_safe""_has_"ut_tv - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_tv field in utmpx.h" >&5 -$as_echo_n "checking for ut_tv field in utmpx.h... " >&6; } - if eval \${$ossh_varname+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "ut_tv" >/dev/null 2>&1; then : - eval "$ossh_varname=yes" -else - eval "$ossh_varname=no" -fi -rm -f conftest* - -fi - - ossh_result=`eval 'echo $'"$ossh_varname"` - if test -n "`echo $ossh_varname`"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5 -$as_echo "$ossh_result" >&6; } - if test "x$ossh_result" = "xyes"; then - -$as_echo "#define HAVE_TV_IN_UTMPX 1" >>confdefs.h - - fi - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - fi - - -ac_fn_c_check_member "$LINENO" "struct stat" "st_blksize" "ac_cv_member_struct_stat_st_blksize" "$ac_includes_default" -if test "x$ac_cv_member_struct_stat_st_blksize" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_STAT_ST_BLKSIZE 1 -_ACEOF - - -fi - -ac_fn_c_check_member "$LINENO" "struct passwd" "pw_gecos" "ac_cv_member_struct_passwd_pw_gecos" " -#include -#include - -" -if test "x$ac_cv_member_struct_passwd_pw_gecos" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_PASSWD_PW_GECOS 1 -_ACEOF - - -fi -ac_fn_c_check_member "$LINENO" "struct passwd" "pw_class" "ac_cv_member_struct_passwd_pw_class" " -#include -#include - -" -if test "x$ac_cv_member_struct_passwd_pw_class" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_PASSWD_PW_CLASS 1 -_ACEOF - - -fi -ac_fn_c_check_member "$LINENO" "struct passwd" "pw_change" "ac_cv_member_struct_passwd_pw_change" " -#include -#include - -" -if test "x$ac_cv_member_struct_passwd_pw_change" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_PASSWD_PW_CHANGE 1 -_ACEOF - - -fi -ac_fn_c_check_member "$LINENO" "struct passwd" "pw_expire" "ac_cv_member_struct_passwd_pw_expire" " -#include -#include - -" -if test "x$ac_cv_member_struct_passwd_pw_expire" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_PASSWD_PW_EXPIRE 1 -_ACEOF - - -fi - - -ac_fn_c_check_member "$LINENO" "struct __res_state" "retrans" "ac_cv_member_struct___res_state_retrans" " -#include -#if HAVE_SYS_TYPES_H -# include -#endif -#include -#include -#include - -" -if test "x$ac_cv_member_struct___res_state_retrans" = xyes; then : - -else - -$as_echo "#define __res_state state" >>confdefs.h - -fi - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ss_family field in struct sockaddr_storage" >&5 -$as_echo_n "checking for ss_family field in struct sockaddr_storage... " >&6; } -if ${ac_cv_have_ss_family_in_struct_ss+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include - -int -main () -{ - struct sockaddr_storage s; s.ss_family = 1; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_have_ss_family_in_struct_ss="yes" -else - ac_cv_have_ss_family_in_struct_ss="no" -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_ss_family_in_struct_ss" >&5 -$as_echo "$ac_cv_have_ss_family_in_struct_ss" >&6; } -if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then - -$as_echo "#define HAVE_SS_FAMILY_IN_SS 1" >>confdefs.h - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for __ss_family field in struct sockaddr_storage" >&5 -$as_echo_n "checking for __ss_family field in struct sockaddr_storage... " >&6; } -if ${ac_cv_have___ss_family_in_struct_ss+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include - -int -main () -{ - struct sockaddr_storage s; s.__ss_family = 1; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_have___ss_family_in_struct_ss="yes" -else - ac_cv_have___ss_family_in_struct_ss="no" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have___ss_family_in_struct_ss" >&5 -$as_echo "$ac_cv_have___ss_family_in_struct_ss" >&6; } -if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then - -$as_echo "#define HAVE___SS_FAMILY_IN_SS 1" >>confdefs.h - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for msg_accrights field in struct msghdr" >&5 -$as_echo_n "checking for msg_accrights field in struct msghdr... " >&6; } -if ${ac_cv_have_accrights_in_msghdr+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -#include - -int -main () -{ - -#ifdef msg_accrights -#error "msg_accrights is a macro" -exit(1); -#endif -struct msghdr m; -m.msg_accrights = 0; -exit(0); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_have_accrights_in_msghdr="yes" -else - ac_cv_have_accrights_in_msghdr="no" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_accrights_in_msghdr" >&5 -$as_echo "$ac_cv_have_accrights_in_msghdr" >&6; } -if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then - -$as_echo "#define HAVE_ACCRIGHTS_IN_MSGHDR 1" >>confdefs.h - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if struct statvfs.f_fsid is integral type" >&5 -$as_echo_n "checking if struct statvfs.f_fsid is integral type... " >&6; } -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -#ifdef HAVE_SYS_TIME_H -# include -#endif -#ifdef HAVE_SYS_MOUNT_H -#include -#endif -#ifdef HAVE_SYS_STATVFS_H -#include -#endif - -int -main () -{ - struct statvfs s; s.f_fsid = 0; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if fsid_t has member val" >&5 -$as_echo_n "checking if fsid_t has member val... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include - -int -main () -{ - fsid_t t; t.val[0] = 0; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -$as_echo "#define FSID_HAS_VAL 1" >>confdefs.h - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if f_fsid has member __val" >&5 -$as_echo_n "checking if f_fsid has member __val... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include - -int -main () -{ - fsid_t t; t.__val[0] = 0; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -$as_echo "#define FSID_HAS___VAL 1" >>confdefs.h - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for msg_control field in struct msghdr" >&5 -$as_echo_n "checking for msg_control field in struct msghdr... " >&6; } -if ${ac_cv_have_control_in_msghdr+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -#include - -int -main () -{ - -#ifdef msg_control -#error "msg_control is a macro" -exit(1); -#endif -struct msghdr m; -m.msg_control = 0; -exit(0); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_have_control_in_msghdr="yes" -else - ac_cv_have_control_in_msghdr="no" - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_control_in_msghdr" >&5 -$as_echo "$ac_cv_have_control_in_msghdr" >&6; } -if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then - -$as_echo "#define HAVE_CONTROL_IN_MSGHDR 1" >>confdefs.h - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if libc defines __progname" >&5 -$as_echo_n "checking if libc defines __progname... " >&6; } -if ${ac_cv_libc_defines___progname+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ - extern char *__progname; printf("%s", __progname); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_libc_defines___progname="yes" -else - ac_cv_libc_defines___progname="no" - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libc_defines___progname" >&5 -$as_echo "$ac_cv_libc_defines___progname" >&6; } -if test "x$ac_cv_libc_defines___progname" = "xyes" ; then - -$as_echo "#define HAVE___PROGNAME 1" >>confdefs.h - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC implements __FUNCTION__" >&5 -$as_echo_n "checking whether $CC implements __FUNCTION__... " >&6; } -if ${ac_cv_cc_implements___FUNCTION__+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - printf("%s", __FUNCTION__); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_cc_implements___FUNCTION__="yes" -else - ac_cv_cc_implements___FUNCTION__="no" - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_cc_implements___FUNCTION__" >&5 -$as_echo "$ac_cv_cc_implements___FUNCTION__" >&6; } -if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then - -$as_echo "#define HAVE___FUNCTION__ 1" >>confdefs.h - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC implements __func__" >&5 -$as_echo_n "checking whether $CC implements __func__... " >&6; } -if ${ac_cv_cc_implements___func__+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - printf("%s", __func__); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_cc_implements___func__="yes" -else - ac_cv_cc_implements___func__="no" - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_cc_implements___func__" >&5 -$as_echo "$ac_cv_cc_implements___func__" >&6; } -if test "x$ac_cv_cc_implements___func__" = "xyes" ; then - -$as_echo "#define HAVE___func__ 1" >>confdefs.h - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether va_copy exists" >&5 -$as_echo_n "checking whether va_copy exists... " >&6; } -if ${ac_cv_have_va_copy+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -va_list x,y; - -int -main () -{ - va_copy(x,y); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_have_va_copy="yes" -else - ac_cv_have_va_copy="no" - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_va_copy" >&5 -$as_echo "$ac_cv_have_va_copy" >&6; } -if test "x$ac_cv_have_va_copy" = "xyes" ; then - -$as_echo "#define HAVE_VA_COPY 1" >>confdefs.h - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether __va_copy exists" >&5 -$as_echo_n "checking whether __va_copy exists... " >&6; } -if ${ac_cv_have___va_copy+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -va_list x,y; - -int -main () -{ - __va_copy(x,y); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_have___va_copy="yes" -else - ac_cv_have___va_copy="no" - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have___va_copy" >&5 -$as_echo "$ac_cv_have___va_copy" >&6; } -if test "x$ac_cv_have___va_copy" = "xyes" ; then - -$as_echo "#define HAVE___VA_COPY 1" >>confdefs.h - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether getopt has optreset support" >&5 -$as_echo_n "checking whether getopt has optreset support... " >&6; } -if ${ac_cv_have_getopt_optreset+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include -int -main () -{ - extern int optreset; optreset = 0; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_have_getopt_optreset="yes" -else - ac_cv_have_getopt_optreset="no" - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_getopt_optreset" >&5 -$as_echo "$ac_cv_have_getopt_optreset" >&6; } -if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then - -$as_echo "#define HAVE_GETOPT_OPTRESET 1" >>confdefs.h - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if libc defines sys_errlist" >&5 -$as_echo_n "checking if libc defines sys_errlist... " >&6; } -if ${ac_cv_libc_defines_sys_errlist+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ - extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_libc_defines_sys_errlist="yes" -else - ac_cv_libc_defines_sys_errlist="no" - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libc_defines_sys_errlist" >&5 -$as_echo "$ac_cv_libc_defines_sys_errlist" >&6; } -if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then - -$as_echo "#define HAVE_SYS_ERRLIST 1" >>confdefs.h - -fi - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if libc defines sys_nerr" >&5 -$as_echo_n "checking if libc defines sys_nerr... " >&6; } -if ${ac_cv_libc_defines_sys_nerr+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ - extern int sys_nerr; printf("%i", sys_nerr); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_libc_defines_sys_nerr="yes" -else - ac_cv_libc_defines_sys_nerr="no" - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libc_defines_sys_nerr" >&5 -$as_echo "$ac_cv_libc_defines_sys_nerr" >&6; } -if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then - -$as_echo "#define HAVE_SYS_NERR 1" >>confdefs.h - -fi - -# Check libraries needed by DNS fingerprint support -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing getrrsetbyname" >&5 -$as_echo_n "checking for library containing getrrsetbyname... " >&6; } -if ${ac_cv_search_getrrsetbyname+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_func_search_save_LIBS=$LIBS -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char getrrsetbyname (); -int -main () -{ -return getrrsetbyname (); - ; - return 0; -} -_ACEOF -for ac_lib in '' resolv; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - if ac_fn_c_try_link "$LINENO"; then : - ac_cv_search_getrrsetbyname=$ac_res -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext - if ${ac_cv_search_getrrsetbyname+:} false; then : - break -fi -done -if ${ac_cv_search_getrrsetbyname+:} false; then : - -else - ac_cv_search_getrrsetbyname=no -fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_getrrsetbyname" >&5 -$as_echo "$ac_cv_search_getrrsetbyname" >&6; } -ac_res=$ac_cv_search_getrrsetbyname -if test "$ac_res" != no; then : - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" - -$as_echo "#define HAVE_GETRRSETBYNAME 1" >>confdefs.h - -else - - # Needed by our getrrsetbyname() - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing res_query" >&5 -$as_echo_n "checking for library containing res_query... " >&6; } -if ${ac_cv_search_res_query+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_func_search_save_LIBS=$LIBS -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char res_query (); -int -main () -{ -return res_query (); - ; - return 0; -} -_ACEOF -for ac_lib in '' resolv; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - if ac_fn_c_try_link "$LINENO"; then : - ac_cv_search_res_query=$ac_res -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext - if ${ac_cv_search_res_query+:} false; then : - break -fi -done -if ${ac_cv_search_res_query+:} false; then : - -else - ac_cv_search_res_query=no -fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_res_query" >&5 -$as_echo "$ac_cv_search_res_query" >&6; } -ac_res=$ac_cv_search_res_query -if test "$ac_res" != no; then : - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" - -fi - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing dn_expand" >&5 -$as_echo_n "checking for library containing dn_expand... " >&6; } -if ${ac_cv_search_dn_expand+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_func_search_save_LIBS=$LIBS -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char dn_expand (); -int -main () -{ -return dn_expand (); - ; - return 0; -} -_ACEOF -for ac_lib in '' resolv; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - if ac_fn_c_try_link "$LINENO"; then : - ac_cv_search_dn_expand=$ac_res -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext - if ${ac_cv_search_dn_expand+:} false; then : - break -fi -done -if ${ac_cv_search_dn_expand+:} false; then : - -else - ac_cv_search_dn_expand=no -fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_dn_expand" >&5 -$as_echo "$ac_cv_search_dn_expand" >&6; } -ac_res=$ac_cv_search_dn_expand -if test "$ac_res" != no; then : - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" - -fi - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if res_query will link" >&5 -$as_echo_n "checking if res_query will link... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -#include -#include -#include - -int -main () -{ - - res_query (0, 0, 0, 0, 0); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - saved_LIBS="$LIBS" - LIBS="$LIBS -lresolv" - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for res_query in -lresolv" >&5 -$as_echo_n "checking for res_query in -lresolv... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -#include -#include -#include - -int -main () -{ - - res_query (0, 0, 0, 0, 0); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -else - LIBS="$saved_LIBS" - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - for ac_func in _getshort _getlong -do : - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` -ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -if eval test \"x\$"$as_ac_var"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - - ac_fn_c_check_decl "$LINENO" "_getshort" "ac_cv_have_decl__getshort" "#include - #include -" -if test "x$ac_cv_have_decl__getshort" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL__GETSHORT $ac_have_decl -_ACEOF -ac_fn_c_check_decl "$LINENO" "_getlong" "ac_cv_have_decl__getlong" "#include - #include -" -if test "x$ac_cv_have_decl__getlong" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL__GETLONG $ac_have_decl -_ACEOF - - ac_fn_c_check_member "$LINENO" "HEADER" "ad" "ac_cv_member_HEADER_ad" "#include -" -if test "x$ac_cv_member_HEADER_ad" = xyes; then : - -$as_echo "#define HAVE_HEADER_AD 1" >>confdefs.h - -fi - - -fi - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if struct __res_state _res is an extern" >&5 -$as_echo_n "checking if struct __res_state _res is an extern... " >&6; } -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#if HAVE_SYS_TYPES_H -# include -#endif -#include -#include -#include -extern struct __res_state _res; - -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -$as_echo "#define HAVE__RES_EXTERN 1" >>confdefs.h - - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - -# Check whether user wants SELinux support -SELINUX_MSG="no" -LIBSELINUX="" - -# Check whether --with-selinux was given. -if test "${with_selinux+set}" = set; then : - withval=$with_selinux; if test "x$withval" != "xno" ; then - save_LIBS="$LIBS" - -$as_echo "#define WITH_SELINUX 1" >>confdefs.h - - SELINUX_MSG="yes" - ac_fn_c_check_header_mongrel "$LINENO" "selinux/selinux.h" "ac_cv_header_selinux_selinux_h" "$ac_includes_default" -if test "x$ac_cv_header_selinux_selinux_h" = xyes; then : - -else - as_fn_error $? "SELinux support requires selinux.h header" "$LINENO" 5 -fi - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for setexeccon in -lselinux" >&5 -$as_echo_n "checking for setexeccon in -lselinux... " >&6; } -if ${ac_cv_lib_selinux_setexeccon+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lselinux $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char setexeccon (); -int -main () -{ -return setexeccon (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_selinux_setexeccon=yes -else - ac_cv_lib_selinux_setexeccon=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_selinux_setexeccon" >&5 -$as_echo "$ac_cv_lib_selinux_setexeccon" >&6; } -if test "x$ac_cv_lib_selinux_setexeccon" = xyes; then : - LIBSELINUX="-lselinux" - LIBS="$LIBS -lselinux" - -else - as_fn_error $? "SELinux support requires libselinux library" "$LINENO" 5 -fi - - SSHLIBS="$SSHLIBS $LIBSELINUX" - SSHDLIBS="$SSHDLIBS $LIBSELINUX" - for ac_func in getseuserbyname get_default_context_with_level -do : - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` -ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -if eval test \"x\$"$as_ac_var"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - - LIBS="$save_LIBS" - fi - -fi - - - - -# Check whether user wants Kerberos 5 support -KRB5_MSG="no" - -# Check whether --with-kerberos5 was given. -if test "${with_kerberos5+set}" = set; then : - withval=$with_kerberos5; if test "x$withval" != "xno" ; then - if test "x$withval" = "xyes" ; then - KRB5ROOT="/usr/local" - else - KRB5ROOT=${withval} - fi - - -$as_echo "#define KRB5 1" >>confdefs.h - - KRB5_MSG="yes" - - # Extract the first word of "krb5-config", so it can be a program name with args. -set dummy krb5-config; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_KRB5CONF+:} false; then : - $as_echo_n "(cached) " >&6 -else - case $KRB5CONF in - [\\/]* | ?:[\\/]*) - ac_cv_path_KRB5CONF="$KRB5CONF" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -as_dummy="$KRB5ROOT/bin:$PATH" -for as_dir in $as_dummy -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_KRB5CONF="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - - test -z "$ac_cv_path_KRB5CONF" && ac_cv_path_KRB5CONF="$KRB5ROOT/bin/krb5-config" - ;; -esac -fi -KRB5CONF=$ac_cv_path_KRB5CONF -if test -n "$KRB5CONF"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $KRB5CONF" >&5 -$as_echo "$KRB5CONF" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - if test -x $KRB5CONF ; then - K5CFLAGS="`$KRB5CONF --cflags`" - K5LIBS="`$KRB5CONF --libs`" - CPPFLAGS="$CPPFLAGS $K5CFLAGS" - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for gssapi support" >&5 -$as_echo_n "checking for gssapi support... " >&6; } - if $KRB5CONF | grep gssapi >/dev/null ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -$as_echo "#define GSSAPI 1" >>confdefs.h - - GSSCFLAGS="`$KRB5CONF --cflags gssapi`" - GSSLIBS="`$KRB5CONF --libs gssapi`" - CPPFLAGS="$CPPFLAGS $GSSCFLAGS" - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - fi - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using Heimdal" >&5 -$as_echo_n "checking whether we are using Heimdal... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include - -int -main () -{ - char *tmp = heimdal_version; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -$as_echo "#define HEIMDAL 1" >>confdefs.h - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - else - CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include" - LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib" - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using Heimdal" >&5 -$as_echo_n "checking whether we are using Heimdal... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include - -int -main () -{ - char *tmp = heimdal_version; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - $as_echo "#define HEIMDAL 1" >>confdefs.h - - K5LIBS="-lkrb5" - K5LIBS="$K5LIBS -lcom_err -lasn1" - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for net_write in -lroken" >&5 -$as_echo_n "checking for net_write in -lroken... " >&6; } -if ${ac_cv_lib_roken_net_write+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lroken $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char net_write (); -int -main () -{ -return net_write (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_roken_net_write=yes -else - ac_cv_lib_roken_net_write=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_roken_net_write" >&5 -$as_echo "$ac_cv_lib_roken_net_write" >&6; } -if test "x$ac_cv_lib_roken_net_write" = xyes; then : - K5LIBS="$K5LIBS -lroken" -fi - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for des_cbc_encrypt in -ldes" >&5 -$as_echo_n "checking for des_cbc_encrypt in -ldes... " >&6; } -if ${ac_cv_lib_des_des_cbc_encrypt+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-ldes $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char des_cbc_encrypt (); -int -main () -{ -return des_cbc_encrypt (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_des_des_cbc_encrypt=yes -else - ac_cv_lib_des_des_cbc_encrypt=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_des_des_cbc_encrypt" >&5 -$as_echo "$ac_cv_lib_des_des_cbc_encrypt" >&6; } -if test "x$ac_cv_lib_des_des_cbc_encrypt" = xyes; then : - K5LIBS="$K5LIBS -ldes" -fi - - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - K5LIBS="-lkrb5 -lk5crypto -lcom_err" - - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing dn_expand" >&5 -$as_echo_n "checking for library containing dn_expand... " >&6; } -if ${ac_cv_search_dn_expand+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_func_search_save_LIBS=$LIBS -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char dn_expand (); -int -main () -{ -return dn_expand (); - ; - return 0; -} -_ACEOF -for ac_lib in '' resolv; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - if ac_fn_c_try_link "$LINENO"; then : - ac_cv_search_dn_expand=$ac_res -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext - if ${ac_cv_search_dn_expand+:} false; then : - break -fi -done -if ${ac_cv_search_dn_expand+:} false; then : - -else - ac_cv_search_dn_expand=no -fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_dn_expand" >&5 -$as_echo "$ac_cv_search_dn_expand" >&6; } -ac_res=$ac_cv_search_dn_expand -if test "$ac_res" != no; then : - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" - -fi - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for gss_init_sec_context in -lgssapi_krb5" >&5 -$as_echo_n "checking for gss_init_sec_context in -lgssapi_krb5... " >&6; } -if ${ac_cv_lib_gssapi_krb5_gss_init_sec_context+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lgssapi_krb5 $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char gss_init_sec_context (); -int -main () -{ -return gss_init_sec_context (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_gssapi_krb5_gss_init_sec_context=yes -else - ac_cv_lib_gssapi_krb5_gss_init_sec_context=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_gssapi_krb5_gss_init_sec_context" >&5 -$as_echo "$ac_cv_lib_gssapi_krb5_gss_init_sec_context" >&6; } -if test "x$ac_cv_lib_gssapi_krb5_gss_init_sec_context" = xyes; then : - $as_echo "#define GSSAPI 1" >>confdefs.h - - GSSLIBS="-lgssapi_krb5" -else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for gss_init_sec_context in -lgssapi" >&5 -$as_echo_n "checking for gss_init_sec_context in -lgssapi... " >&6; } -if ${ac_cv_lib_gssapi_gss_init_sec_context+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lgssapi $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char gss_init_sec_context (); -int -main () -{ -return gss_init_sec_context (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_gssapi_gss_init_sec_context=yes -else - ac_cv_lib_gssapi_gss_init_sec_context=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_gssapi_gss_init_sec_context" >&5 -$as_echo "$ac_cv_lib_gssapi_gss_init_sec_context" >&6; } -if test "x$ac_cv_lib_gssapi_gss_init_sec_context" = xyes; then : - $as_echo "#define GSSAPI 1" >>confdefs.h - - GSSLIBS="-lgssapi" -else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for gss_init_sec_context in -lgss" >&5 -$as_echo_n "checking for gss_init_sec_context in -lgss... " >&6; } -if ${ac_cv_lib_gss_gss_init_sec_context+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lgss $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char gss_init_sec_context (); -int -main () -{ -return gss_init_sec_context (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_gss_gss_init_sec_context=yes -else - ac_cv_lib_gss_gss_init_sec_context=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_gss_gss_init_sec_context" >&5 -$as_echo "$ac_cv_lib_gss_gss_init_sec_context" >&6; } -if test "x$ac_cv_lib_gss_gss_init_sec_context" = xyes; then : - $as_echo "#define GSSAPI 1" >>confdefs.h - - GSSLIBS="-lgss" -else - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Cannot find any suitable gss-api library - build may fail" >&5 -$as_echo "$as_me: WARNING: Cannot find any suitable gss-api library - build may fail" >&2;} -fi - - -fi - - -fi - - - ac_fn_c_check_header_mongrel "$LINENO" "gssapi.h" "ac_cv_header_gssapi_h" "$ac_includes_default" -if test "x$ac_cv_header_gssapi_h" = xyes; then : - -else - unset ac_cv_header_gssapi_h - CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" - for ac_header in gssapi.h -do : - ac_fn_c_check_header_mongrel "$LINENO" "gssapi.h" "ac_cv_header_gssapi_h" "$ac_includes_default" -if test "x$ac_cv_header_gssapi_h" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_GSSAPI_H 1 -_ACEOF - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Cannot find any suitable gss-api header - build may fail" >&5 -$as_echo "$as_me: WARNING: Cannot find any suitable gss-api header - build may fail" >&2;} - -fi - -done - - - -fi - - - - oldCPP="$CPPFLAGS" - CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" - ac_fn_c_check_header_mongrel "$LINENO" "gssapi_krb5.h" "ac_cv_header_gssapi_krb5_h" "$ac_includes_default" -if test "x$ac_cv_header_gssapi_krb5_h" = xyes; then : - -else - CPPFLAGS="$oldCPP" -fi - - - - fi - if test ! -z "$need_dash_r" ; then - LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib" - fi - if test ! -z "$blibpath" ; then - blibpath="$blibpath:${KRB5ROOT}/lib" - fi - - for ac_header in gssapi.h gssapi/gssapi.h -do : - as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` -ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" -if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - for ac_header in gssapi_krb5.h gssapi/gssapi_krb5.h -do : - as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` -ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" -if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - for ac_header in gssapi_generic.h gssapi/gssapi_generic.h -do : - as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` -ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" -if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing k_hasafs" >&5 -$as_echo_n "checking for library containing k_hasafs... " >&6; } -if ${ac_cv_search_k_hasafs+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_func_search_save_LIBS=$LIBS -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char k_hasafs (); -int -main () -{ -return k_hasafs (); - ; - return 0; -} -_ACEOF -for ac_lib in '' kafs; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - if ac_fn_c_try_link "$LINENO"; then : - ac_cv_search_k_hasafs=$ac_res -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext - if ${ac_cv_search_k_hasafs+:} false; then : - break -fi -done -if ${ac_cv_search_k_hasafs+:} false; then : - -else - ac_cv_search_k_hasafs=no -fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_k_hasafs" >&5 -$as_echo "$ac_cv_search_k_hasafs" >&6; } -ac_res=$ac_cv_search_k_hasafs -if test "$ac_res" != no; then : - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" - -$as_echo "#define USE_AFS 1" >>confdefs.h - -fi - - - ac_fn_c_check_decl "$LINENO" "GSS_C_NT_HOSTBASED_SERVICE" "ac_cv_have_decl_GSS_C_NT_HOSTBASED_SERVICE" " -#ifdef HAVE_GSSAPI_H -# include -#elif defined(HAVE_GSSAPI_GSSAPI_H) -# include -#endif - -#ifdef HAVE_GSSAPI_GENERIC_H -# include -#elif defined(HAVE_GSSAPI_GSSAPI_GENERIC_H) -# include -#endif - -" -if test "x$ac_cv_have_decl_GSS_C_NT_HOSTBASED_SERVICE" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_GSS_C_NT_HOSTBASED_SERVICE $ac_have_decl -_ACEOF - - saved_LIBS="$LIBS" - LIBS="$LIBS $K5LIBS" - for ac_func in krb5_cc_new_unique krb5_get_error_message krb5_free_error_message -do : - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` -ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -if eval test \"x\$"$as_ac_var"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - - LIBS="$saved_LIBS" - - fi - - -fi - - - - -# Looking for programs, paths and files - -PRIVSEP_PATH=/var/empty - -# Check whether --with-privsep-path was given. -if test "${with_privsep_path+set}" = set; then : - withval=$with_privsep_path; - if test -n "$withval" && test "x$withval" != "xno" && \ - test "x${withval}" != "xyes"; then - PRIVSEP_PATH=$withval - fi - - -fi - - - - -# Check whether --with-xauth was given. -if test "${with_xauth+set}" = set; then : - withval=$with_xauth; - if test -n "$withval" && test "x$withval" != "xno" && \ - test "x${withval}" != "xyes"; then - xauth_path=$withval - fi - -else - - TestPath="$PATH" - TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin" - TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11" - TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin" - TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin" - # Extract the first word of "xauth", so it can be a program name with args. -set dummy xauth; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_xauth_path+:} false; then : - $as_echo_n "(cached) " >&6 -else - case $xauth_path in - [\\/]* | ?:[\\/]*) - ac_cv_path_xauth_path="$xauth_path" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $TestPath -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_xauth_path="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - - ;; -esac -fi -xauth_path=$ac_cv_path_xauth_path -if test -n "$xauth_path"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $xauth_path" >&5 -$as_echo "$xauth_path" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then - xauth_path="/usr/openwin/bin/xauth" - fi - - -fi - - -STRIP_OPT=-s -# Check whether --enable-strip was given. -if test "${enable_strip+set}" = set; then : - enableval=$enable_strip; - if test "x$enableval" = "xno" ; then - STRIP_OPT= - fi - - -fi - - - -if test -z "$xauth_path" ; then - XAUTH_PATH="undefined" - -else - -cat >>confdefs.h <<_ACEOF -#define XAUTH_PATH "$xauth_path" -_ACEOF - - XAUTH_PATH=$xauth_path - -fi - -# Check for mail directory - -# Check whether --with-maildir was given. -if test "${with_maildir+set}" = set; then : - withval=$with_maildir; - if test "X$withval" != X && test "x$withval" != xno && \ - test "x${withval}" != xyes; then - -cat >>confdefs.h <<_ACEOF -#define MAIL_DIRECTORY "$withval" -_ACEOF - - fi - -else - - if test "X$maildir" != "X"; then - cat >>confdefs.h <<_ACEOF -#define MAIL_DIRECTORY "$maildir" -_ACEOF - - else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking Discovering system mail directory" >&5 -$as_echo_n "checking Discovering system mail directory... " >&6; } - if test "$cross_compiling" = yes; then : - - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: use --with-maildir=/path/to/mail" >&5 -$as_echo "$as_me: WARNING: cross compiling: use --with-maildir=/path/to/mail" >&2;} - - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -#ifdef HAVE_PATHS_H -#include -#endif -#ifdef HAVE_MAILLOCK_H -#include -#endif -#define DATA "conftest.maildir" - -int -main () -{ - - FILE *fd; - int rc; - - fd = fopen(DATA,"w"); - if(fd == NULL) - exit(1); - -#if defined (_PATH_MAILDIR) - if ((rc = fprintf(fd ,"_PATH_MAILDIR:%s\n", _PATH_MAILDIR)) <0) - exit(1); -#elif defined (MAILDIR) - if ((rc = fprintf(fd ,"MAILDIR:%s\n", MAILDIR)) <0) - exit(1); -#elif defined (_PATH_MAIL) - if ((rc = fprintf(fd ,"_PATH_MAIL:%s\n", _PATH_MAIL)) <0) - exit(1); -#else - exit (2); -#endif - - exit(0); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - - maildir_what=`awk -F: '{print $1}' conftest.maildir` - maildir=`awk -F: '{print $2}' conftest.maildir \ - | sed 's|/$||'` - { $as_echo "$as_me:${as_lineno-$LINENO}: result: Using: $maildir from $maildir_what" >&5 -$as_echo "Using: $maildir from $maildir_what" >&6; } - if test "x$maildir_what" != "x_PATH_MAILDIR"; then - cat >>confdefs.h <<_ACEOF -#define MAIL_DIRECTORY "$maildir" -_ACEOF - - fi - -else - - if test "X$ac_status" = "X2";then -# our test program didn't find it. Default to /var/spool/mail - { $as_echo "$as_me:${as_lineno-$LINENO}: result: Using: default value of /var/spool/mail" >&5 -$as_echo "Using: default value of /var/spool/mail" >&6; } - cat >>confdefs.h <<_ACEOF -#define MAIL_DIRECTORY "/var/spool/mail" -_ACEOF - - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: *** not found ***" >&5 -$as_echo "*** not found ***" >&6; } - fi - -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - - fi - - -fi - # maildir - -if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: Disabling /dev/ptmx test" >&5 -$as_echo "$as_me: WARNING: cross compiling: Disabling /dev/ptmx test" >&2;} - disable_ptmx_check=yes -fi -if test -z "$no_dev_ptmx" ; then - if test "x$disable_ptmx_check" != "xyes" ; then - as_ac_File=`$as_echo "ac_cv_file_"/dev/ptmx"" | $as_tr_sh` -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for \"/dev/ptmx\"" >&5 -$as_echo_n "checking for \"/dev/ptmx\"... " >&6; } -if eval \${$as_ac_File+:} false; then : - $as_echo_n "(cached) " >&6 -else - test "$cross_compiling" = yes && - as_fn_error $? "cannot check for file existence when cross compiling" "$LINENO" 5 -if test -r ""/dev/ptmx""; then - eval "$as_ac_File=yes" -else - eval "$as_ac_File=no" -fi -fi -eval ac_res=\$$as_ac_File - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } -if eval test \"x\$"$as_ac_File"\" = x"yes"; then : - - -cat >>confdefs.h <<_ACEOF -#define HAVE_DEV_PTMX 1 -_ACEOF - - have_dev_ptmx=1 - - -fi - - fi -fi - -if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then - as_ac_File=`$as_echo "ac_cv_file_"/dev/ptc"" | $as_tr_sh` -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for \"/dev/ptc\"" >&5 -$as_echo_n "checking for \"/dev/ptc\"... " >&6; } -if eval \${$as_ac_File+:} false; then : - $as_echo_n "(cached) " >&6 -else - test "$cross_compiling" = yes && - as_fn_error $? "cannot check for file existence when cross compiling" "$LINENO" 5 -if test -r ""/dev/ptc""; then - eval "$as_ac_File=yes" -else - eval "$as_ac_File=no" -fi -fi -eval ac_res=\$$as_ac_File - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } -if eval test \"x\$"$as_ac_File"\" = x"yes"; then : - - -cat >>confdefs.h <<_ACEOF -#define HAVE_DEV_PTS_AND_PTC 1 -_ACEOF - - have_dev_ptc=1 - - -fi - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: Disabling /dev/ptc test" >&5 -$as_echo "$as_me: WARNING: cross compiling: Disabling /dev/ptc test" >&2;} -fi - -# Options from here on. Some of these are preset by platform above - -# Check whether --with-mantype was given. -if test "${with_mantype+set}" = set; then : - withval=$with_mantype; - case "$withval" in - man|cat|doc) - MANTYPE=$withval - ;; - *) - as_fn_error $? "invalid man type: $withval" "$LINENO" 5 - ;; - esac - - -fi - -if test -z "$MANTYPE"; then - TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb" - for ac_prog in nroff awf -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_NROFF+:} false; then : - $as_echo_n "(cached) " >&6 -else - case $NROFF in - [\\/]* | ?:[\\/]*) - ac_cv_path_NROFF="$NROFF" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $TestPath -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_NROFF="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - - ;; -esac -fi -NROFF=$ac_cv_path_NROFF -if test -n "$NROFF"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $NROFF" >&5 -$as_echo "$NROFF" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - test -n "$NROFF" && break -done -test -n "$NROFF" || NROFF="/bin/false" - - if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then - MANTYPE=doc - elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then - MANTYPE=man - else - MANTYPE=cat - fi -fi - -if test "$MANTYPE" = "doc"; then - mansubdir=man; -else - mansubdir=$MANTYPE; -fi - - -# Check whether to enable MD5 passwords -MD5_MSG="no" - -# Check whether --with-md5-passwords was given. -if test "${with_md5_passwords+set}" = set; then : - withval=$with_md5_passwords; - if test "x$withval" != "xno" ; then - -$as_echo "#define HAVE_MD5_PASSWORDS 1" >>confdefs.h - - MD5_MSG="yes" - fi - - -fi - - -# Whether to disable shadow password support - -# Check whether --with-shadow was given. -if test "${with_shadow+set}" = set; then : - withval=$with_shadow; - if test "x$withval" = "xno" ; then - $as_echo "#define DISABLE_SHADOW 1" >>confdefs.h - - disable_shadow=yes - fi - - -fi - - -if test -z "$disable_shadow" ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if the systems has expire shadow information" >&5 -$as_echo_n "checking if the systems has expire shadow information... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -struct spwd sp; - -int -main () -{ - sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - sp_expire_available=yes -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - - if test "x$sp_expire_available" = "xyes" ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -$as_echo "#define HAS_SHADOW_EXPIRE 1" >>confdefs.h - - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - fi -fi - -# Use ip address instead of hostname in $DISPLAY -if test ! -z "$IPADDR_IN_DISPLAY" ; then - DISPLAY_HACK_MSG="yes" - -$as_echo "#define IPADDR_IN_DISPLAY 1" >>confdefs.h - -else - DISPLAY_HACK_MSG="no" - -# Check whether --with-ipaddr-display was given. -if test "${with_ipaddr_display+set}" = set; then : - withval=$with_ipaddr_display; - if test "x$withval" != "xno" ; then - $as_echo "#define IPADDR_IN_DISPLAY 1" >>confdefs.h - - DISPLAY_HACK_MSG="yes" - fi - - -fi - -fi - -# check for /etc/default/login and use it if present. -# Check whether --enable-etc-default-login was given. -if test "${enable_etc_default_login+set}" = set; then : - enableval=$enable_etc_default_login; if test "x$enableval" = "xno"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: /etc/default/login handling disabled" >&5 -$as_echo "$as_me: /etc/default/login handling disabled" >&6;} - etc_default_login=no - else - etc_default_login=yes - fi -else - if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; - then - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: not checking /etc/default/login" >&5 -$as_echo "$as_me: WARNING: cross compiling: not checking /etc/default/login" >&2;} - etc_default_login=no - else - etc_default_login=yes - fi - -fi - - -if test "x$etc_default_login" != "xno"; then - as_ac_File=`$as_echo "ac_cv_file_"/etc/default/login"" | $as_tr_sh` -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for \"/etc/default/login\"" >&5 -$as_echo_n "checking for \"/etc/default/login\"... " >&6; } -if eval \${$as_ac_File+:} false; then : - $as_echo_n "(cached) " >&6 -else - test "$cross_compiling" = yes && - as_fn_error $? "cannot check for file existence when cross compiling" "$LINENO" 5 -if test -r ""/etc/default/login""; then - eval "$as_ac_File=yes" -else - eval "$as_ac_File=no" -fi -fi -eval ac_res=\$$as_ac_File - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } -if eval test \"x\$"$as_ac_File"\" = x"yes"; then : - external_path_file=/etc/default/login -fi - - if test "x$external_path_file" = "x/etc/default/login"; then - -$as_echo "#define HAVE_ETC_DEFAULT_LOGIN 1" >>confdefs.h - - fi -fi - -if test $ac_cv_func_login_getcapbool = "yes" && \ - test $ac_cv_header_login_cap_h = "yes" ; then - external_path_file=/etc/login.conf -fi - -# Whether to mess with the default path -SERVER_PATH_MSG="(default)" - -# Check whether --with-default-path was given. -if test "${with_default_path+set}" = set; then : - withval=$with_default_path; - if test "x$external_path_file" = "x/etc/login.conf" ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: ---with-default-path=PATH has no effect on this system. -Edit /etc/login.conf instead." >&5 -$as_echo "$as_me: WARNING: ---with-default-path=PATH has no effect on this system. -Edit /etc/login.conf instead." >&2;} - elif test "x$withval" != "xno" ; then - if test ! -z "$external_path_file" ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: ---with-default-path=PATH will only be used if PATH is not defined in -$external_path_file ." >&5 -$as_echo "$as_me: WARNING: ---with-default-path=PATH will only be used if PATH is not defined in -$external_path_file ." >&2;} - fi - user_path="$withval" - SERVER_PATH_MSG="$withval" - fi - -else - if test "x$external_path_file" = "x/etc/login.conf" ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Make sure the path to scp is in /etc/login.conf" >&5 -$as_echo "$as_me: WARNING: Make sure the path to scp is in /etc/login.conf" >&2;} - else - if test ! -z "$external_path_file" ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: -If PATH is defined in $external_path_file, ensure the path to scp is included, -otherwise scp will not work." >&5 -$as_echo "$as_me: WARNING: -If PATH is defined in $external_path_file, ensure the path to scp is included, -otherwise scp will not work." >&2;} - fi - if test "$cross_compiling" = yes; then : - user_path="/usr/bin:/bin:/usr/sbin:/sbin" - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* find out what STDPATH is */ -#include -#ifdef HAVE_PATHS_H -# include -#endif -#ifndef _PATH_STDPATH -# ifdef _PATH_USERPATH /* Irix */ -# define _PATH_STDPATH _PATH_USERPATH -# else -# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin" -# endif -#endif -#include -#include -#include -#define DATA "conftest.stdpath" - -int -main () -{ - - FILE *fd; - int rc; - - fd = fopen(DATA,"w"); - if(fd == NULL) - exit(1); - - if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0) - exit(1); - - exit(0); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - user_path=`cat conftest.stdpath` -else - user_path="/usr/bin:/bin:/usr/sbin:/sbin" -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - -# make sure $bindir is in USER_PATH so scp will work - t_bindir="${bindir}" - while echo "${t_bindir}" | egrep '\$\{|NONE/' >/dev/null 2>&1; do - t_bindir=`eval echo ${t_bindir}` - case $t_bindir in - NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;; - esac - case $t_bindir in - NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;; - esac - done - echo $user_path | grep ":$t_bindir" > /dev/null 2>&1 - if test $? -ne 0 ; then - echo $user_path | grep "^$t_bindir" > /dev/null 2>&1 - if test $? -ne 0 ; then - user_path=$user_path:$t_bindir - { $as_echo "$as_me:${as_lineno-$LINENO}: result: Adding $t_bindir to USER_PATH so scp will work" >&5 -$as_echo "Adding $t_bindir to USER_PATH so scp will work" >&6; } - fi - fi - fi - -fi - -if test "x$external_path_file" != "x/etc/login.conf" ; then - -cat >>confdefs.h <<_ACEOF -#define USER_PATH "$user_path" -_ACEOF - - -fi - -# Set superuser path separately to user path - -# Check whether --with-superuser-path was given. -if test "${with_superuser_path+set}" = set; then : - withval=$with_superuser_path; - if test -n "$withval" && test "x$withval" != "xno" && \ - test "x${withval}" != "xyes"; then - -cat >>confdefs.h <<_ACEOF -#define SUPERUSER_PATH "$withval" -_ACEOF - - superuser_path=$withval - fi - - -fi - - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if we need to convert IPv4 in IPv6-mapped addresses" >&5 -$as_echo_n "checking if we need to convert IPv4 in IPv6-mapped addresses... " >&6; } -IPV4_IN6_HACK_MSG="no" - -# Check whether --with-4in6 was given. -if test "${with_4in6+set}" = set; then : - withval=$with_4in6; - if test "x$withval" != "xno" ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -$as_echo "#define IPV4_IN_IPV6 1" >>confdefs.h - - IPV4_IN6_HACK_MSG="yes" - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - fi - -else - - if test "x$inet6_default_4in6" = "xyes"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes (default)" >&5 -$as_echo "yes (default)" >&6; } - $as_echo "#define IPV4_IN_IPV6 1" >>confdefs.h - - IPV4_IN6_HACK_MSG="yes" - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no (default)" >&5 -$as_echo "no (default)" >&6; } - fi - - -fi - - -# Whether to enable BSD auth support -BSD_AUTH_MSG=no - -# Check whether --with-bsd-auth was given. -if test "${with_bsd_auth+set}" = set; then : - withval=$with_bsd_auth; - if test "x$withval" != "xno" ; then - -$as_echo "#define BSD_AUTH 1" >>confdefs.h - - BSD_AUTH_MSG=yes - fi - - -fi - - -# Where to place sshd.pid -piddir=/var/run -# make sure the directory exists -if test ! -d $piddir ; then - piddir=`eval echo ${sysconfdir}` - case $piddir in - NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;; - esac -fi - - -# Check whether --with-pid-dir was given. -if test "${with_pid_dir+set}" = set; then : - withval=$with_pid_dir; - if test -n "$withval" && test "x$withval" != "xno" && \ - test "x${withval}" != "xyes"; then - piddir=$withval - if test ! -d $piddir ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: ** no $piddir directory on this system **" >&5 -$as_echo "$as_me: WARNING: ** no $piddir directory on this system **" >&2;} - fi - fi - - -fi - - - -cat >>confdefs.h <<_ACEOF -#define _PATH_SSH_PIDDIR "$piddir" -_ACEOF - - - -# Check whether --enable-lastlog was given. -if test "${enable_lastlog+set}" = set; then : - enableval=$enable_lastlog; - if test "x$enableval" = "xno" ; then - $as_echo "#define DISABLE_LASTLOG 1" >>confdefs.h - - fi - - -fi - -# Check whether --enable-utmp was given. -if test "${enable_utmp+set}" = set; then : - enableval=$enable_utmp; - if test "x$enableval" = "xno" ; then - $as_echo "#define DISABLE_UTMP 1" >>confdefs.h - - fi - - -fi - -# Check whether --enable-utmpx was given. -if test "${enable_utmpx+set}" = set; then : - enableval=$enable_utmpx; - if test "x$enableval" = "xno" ; then - -$as_echo "#define DISABLE_UTMPX 1" >>confdefs.h - - fi - - -fi - -# Check whether --enable-wtmp was given. -if test "${enable_wtmp+set}" = set; then : - enableval=$enable_wtmp; - if test "x$enableval" = "xno" ; then - $as_echo "#define DISABLE_WTMP 1" >>confdefs.h - - fi - - -fi - -# Check whether --enable-wtmpx was given. -if test "${enable_wtmpx+set}" = set; then : - enableval=$enable_wtmpx; - if test "x$enableval" = "xno" ; then - -$as_echo "#define DISABLE_WTMPX 1" >>confdefs.h - - fi - - -fi - -# Check whether --enable-libutil was given. -if test "${enable_libutil+set}" = set; then : - enableval=$enable_libutil; - if test "x$enableval" = "xno" ; then - $as_echo "#define DISABLE_LOGIN 1" >>confdefs.h - - fi - - -fi - -# Check whether --enable-pututline was given. -if test "${enable_pututline+set}" = set; then : - enableval=$enable_pututline; - if test "x$enableval" = "xno" ; then - -$as_echo "#define DISABLE_PUTUTLINE 1" >>confdefs.h - - fi - - -fi - -# Check whether --enable-pututxline was given. -if test "${enable_pututxline+set}" = set; then : - enableval=$enable_pututxline; - if test "x$enableval" = "xno" ; then - -$as_echo "#define DISABLE_PUTUTXLINE 1" >>confdefs.h - - fi - - -fi - - -# Check whether --with-lastlog was given. -if test "${with_lastlog+set}" = set; then : - withval=$with_lastlog; - if test "x$withval" = "xno" ; then - $as_echo "#define DISABLE_LASTLOG 1" >>confdefs.h - - elif test -n "$withval" && test "x${withval}" != "xyes"; then - conf_lastlog_location=$withval - fi - - -fi - - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if your system defines LASTLOG_FILE" >&5 -$as_echo_n "checking if your system defines LASTLOG_FILE... " >&6; } -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -#ifdef HAVE_LASTLOG_H -# include -#endif -#ifdef HAVE_PATHS_H -# include -#endif -#ifdef HAVE_LOGIN_H -# include -#endif - -int -main () -{ - char *lastlog = LASTLOG_FILE; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if your system defines _PATH_LASTLOG" >&5 -$as_echo_n "checking if your system defines _PATH_LASTLOG... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -#ifdef HAVE_LASTLOG_H -# include -#endif -#ifdef HAVE_PATHS_H -# include -#endif - -int -main () -{ - char *lastlog = _PATH_LASTLOG; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -else - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - system_lastlog_path=no - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -if test -z "$conf_lastlog_location"; then - if test x"$system_lastlog_path" = x"no" ; then - for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do - if (test -d "$f" || test -f "$f") ; then - conf_lastlog_location=$f - fi - done - if test -z "$conf_lastlog_location"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: ** Cannot find lastlog **" >&5 -$as_echo "$as_me: WARNING: ** Cannot find lastlog **" >&2;} - fi - fi -fi - -if test -n "$conf_lastlog_location"; then - -cat >>confdefs.h <<_ACEOF -#define CONF_LASTLOG_FILE "$conf_lastlog_location" -_ACEOF - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if your system defines UTMP_FILE" >&5 -$as_echo_n "checking if your system defines UTMP_FILE... " >&6; } -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -#ifdef HAVE_PATHS_H -# include -#endif - -int -main () -{ - char *utmp = UTMP_FILE; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - system_utmp_path=no - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -if test -z "$conf_utmp_location"; then - if test x"$system_utmp_path" = x"no" ; then - for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do - if test -f $f ; then - conf_utmp_location=$f - fi - done - if test -z "$conf_utmp_location"; then - $as_echo "#define DISABLE_UTMP 1" >>confdefs.h - - fi - fi -fi -if test -n "$conf_utmp_location"; then - -cat >>confdefs.h <<_ACEOF -#define CONF_UTMP_FILE "$conf_utmp_location" -_ACEOF - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if your system defines WTMP_FILE" >&5 -$as_echo_n "checking if your system defines WTMP_FILE... " >&6; } -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -#ifdef HAVE_PATHS_H -# include -#endif - -int -main () -{ - char *wtmp = WTMP_FILE; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - system_wtmp_path=no - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -if test -z "$conf_wtmp_location"; then - if test x"$system_wtmp_path" = x"no" ; then - for f in /usr/adm/wtmp /var/log/wtmp; do - if test -f $f ; then - conf_wtmp_location=$f - fi - done - if test -z "$conf_wtmp_location"; then - $as_echo "#define DISABLE_WTMP 1" >>confdefs.h - - fi - fi -fi -if test -n "$conf_wtmp_location"; then - -cat >>confdefs.h <<_ACEOF -#define CONF_WTMP_FILE "$conf_wtmp_location" -_ACEOF - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if your system defines WTMPX_FILE" >&5 -$as_echo_n "checking if your system defines WTMPX_FILE... " >&6; } -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -#ifdef HAVE_UTMPX_H -#include -#endif -#ifdef HAVE_PATHS_H -# include -#endif - -int -main () -{ - char *wtmpx = WTMPX_FILE; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - system_wtmpx_path=no - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -if test -z "$conf_wtmpx_location"; then - if test x"$system_wtmpx_path" = x"no" ; then - $as_echo "#define DISABLE_WTMPX 1" >>confdefs.h - - fi -else - -cat >>confdefs.h <<_ACEOF -#define CONF_WTMPX_FILE "$conf_wtmpx_location" -_ACEOF - -fi - - -if test ! -z "$blibpath" ; then - LDFLAGS="$LDFLAGS $blibflags$blibpath" - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Please check and edit blibpath in LDFLAGS in Makefile" >&5 -$as_echo "$as_me: WARNING: Please check and edit blibpath in LDFLAGS in Makefile" >&2;} -fi - -ac_fn_c_check_member "$LINENO" "struct lastlog" "ll_line" "ac_cv_member_struct_lastlog_ll_line" " -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_UTMP_H -#include -#endif -#ifdef HAVE_UTMPX_H -#include -#endif -#ifdef HAVE_LASTLOG_H -#include -#endif - -" -if test "x$ac_cv_member_struct_lastlog_ll_line" = xyes; then : - -else - - if test x$SKIP_DISABLE_LASTLOG_DEFINE != "xyes" ; then - $as_echo "#define DISABLE_LASTLOG 1" >>confdefs.h - - fi - -fi - - -ac_fn_c_check_member "$LINENO" "struct utmp" "ut_line" "ac_cv_member_struct_utmp_ut_line" " -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_UTMP_H -#include -#endif -#ifdef HAVE_UTMPX_H -#include -#endif -#ifdef HAVE_LASTLOG_H -#include -#endif - -" -if test "x$ac_cv_member_struct_utmp_ut_line" = xyes; then : - -else - - $as_echo "#define DISABLE_UTMP 1" >>confdefs.h - - $as_echo "#define DISABLE_WTMP 1" >>confdefs.h - - -fi - - -CFLAGS="$CFLAGS $werror_flags" - -if test "x$ac_cv_func_getaddrinfo" != "xyes" ; then - TEST_SSH_IPV6=no -else - TEST_SSH_IPV6=yes -fi -ac_fn_c_check_decl "$LINENO" "BROKEN_GETADDRINFO" "ac_cv_have_decl_BROKEN_GETADDRINFO" "$ac_includes_default" -if test "x$ac_cv_have_decl_BROKEN_GETADDRINFO" = xyes; then : - TEST_SSH_IPV6=no -fi - -TEST_SSH_IPV6=$TEST_SSH_IPV6 - -TEST_MALLOC_OPTIONS=$TEST_MALLOC_OPTIONS - -UNSUPPORTED_ALGORITHMS=$unsupported_algorithms - - - -ac_config_files="$ac_config_files Makefile buildpkg.sh opensshd.init openssh.xml openbsd-compat/Makefile openbsd-compat/regress/Makefile survey.sh" - -cat >confcache <<\_ACEOF -# This file is a shell script that caches the results of configure -# tests run on this system so they can be shared between configure -# scripts and configure runs, see configure's option --config-cache. -# It is not useful on other systems. If it contains results you don't -# want to keep, you may remove or edit it. -# -# config.status only pays attention to the cache file if you give it -# the --recheck option to rerun configure. -# -# `ac_cv_env_foo' variables (set or unset) will be overridden when -# loading this file, other *unset* `ac_cv_foo' will be assigned the -# following values. - -_ACEOF - -# The following way of writing the cache mishandles newlines in values, -# but we know of no workaround that is simple, portable, and efficient. -# So, we kill variables containing newlines. -# Ultrix sh set writes to stderr and can't be redirected directly, -# and sets the high bit in the cache file unless we assign to the vars. -( - for ac_var in `(set) 2>&1 | sed -n 's/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'`; do - eval ac_val=\$$ac_var - case $ac_val in #( - *${as_nl}*) - case $ac_var in #( - *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 -$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; - esac - case $ac_var in #( - _ | IFS | as_nl) ;; #( - BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( - *) { eval $ac_var=; unset $ac_var;} ;; - esac ;; - esac - done - - (set) 2>&1 | - case $as_nl`(ac_space=' '; set) 2>&1` in #( - *${as_nl}ac_space=\ *) - # `set' does not quote correctly, so add quotes: double-quote - # substitution turns \\\\ into \\, and sed turns \\ into \. - sed -n \ - "s/'/'\\\\''/g; - s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p" - ;; #( - *) - # `set' quotes correctly as required by POSIX, so do not add quotes. - sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" - ;; - esac | - sort -) | - sed ' - /^ac_cv_env_/b end - t clear - :clear - s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/ - t end - s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/ - :end' >>confcache -if diff "$cache_file" confcache >/dev/null 2>&1; then :; else - if test -w "$cache_file"; then - if test "x$cache_file" != "x/dev/null"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5 -$as_echo "$as_me: updating cache $cache_file" >&6;} - if test ! -f "$cache_file" || test -h "$cache_file"; then - cat confcache >"$cache_file" - else - case $cache_file in #( - */* | ?:*) - mv -f confcache "$cache_file"$$ && - mv -f "$cache_file"$$ "$cache_file" ;; #( - *) - mv -f confcache "$cache_file" ;; - esac - fi - fi - else - { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5 -$as_echo "$as_me: not updating unwritable cache $cache_file" >&6;} - fi -fi -rm -f confcache - -test "x$prefix" = xNONE && prefix=$ac_default_prefix -# Let make expand exec_prefix. -test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' - -DEFS=-DHAVE_CONFIG_H - -ac_libobjs= -ac_ltlibobjs= -U= -for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue - # 1. Remove the extension, and $U if already installed. - ac_script='s/\$U\././;s/\.o$//;s/\.obj$//' - ac_i=`$as_echo "$ac_i" | sed "$ac_script"` - # 2. Prepend LIBOBJDIR. When used with automake>=1.10 LIBOBJDIR - # will be set to the directory where LIBOBJS objects are built. - as_fn_append ac_libobjs " \${LIBOBJDIR}$ac_i\$U.$ac_objext" - as_fn_append ac_ltlibobjs " \${LIBOBJDIR}$ac_i"'$U.lo' -done -LIBOBJS=$ac_libobjs - -LTLIBOBJS=$ac_ltlibobjs - - - - -: "${CONFIG_STATUS=./config.status}" -ac_write_fail=0 -ac_clean_files_save=$ac_clean_files -ac_clean_files="$ac_clean_files $CONFIG_STATUS" -{ $as_echo "$as_me:${as_lineno-$LINENO}: creating $CONFIG_STATUS" >&5 -$as_echo "$as_me: creating $CONFIG_STATUS" >&6;} -as_write_fail=0 -cat >$CONFIG_STATUS <<_ASEOF || as_write_fail=1 -#! $SHELL -# Generated by $as_me. -# Run this file to recreate the current configuration. -# Compiler output produced by configure, useful for debugging -# configure, is in config.log if it exists. - -debug=false -ac_cs_recheck=false -ac_cs_silent=false - -SHELL=\${CONFIG_SHELL-$SHELL} -export SHELL -_ASEOF -cat >>$CONFIG_STATUS <<\_ASEOF || as_write_fail=1 -## -------------------- ## -## M4sh Initialization. ## -## -------------------- ## - -# Be more Bourne compatible -DUALCASE=1; export DUALCASE # for MKS sh -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : - emulate sh - NULLCMD=: - # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which - # is contrary to our usage. Disable this feature. - alias -g '${1+"$@"}'='"$@"' - setopt NO_GLOB_SUBST -else - case `(set -o) 2>/dev/null` in #( - *posix*) : - set -o posix ;; #( - *) : - ;; -esac -fi - - -as_nl=' -' -export as_nl -# Printing a long string crashes Solaris 7 /usr/bin/printf. -as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' -as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo -as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo -# Prefer a ksh shell builtin over an external printf program on Solaris, -# but without wasting forks for bash or zsh. -if test -z "$BASH_VERSION$ZSH_VERSION" \ - && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then - as_echo='print -r --' - as_echo_n='print -rn --' -elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then - as_echo='printf %s\n' - as_echo_n='printf %s' -else - if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then - as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' - as_echo_n='/usr/ucb/echo -n' - else - as_echo_body='eval expr "X$1" : "X\\(.*\\)"' - as_echo_n_body='eval - arg=$1; - case $arg in #( - *"$as_nl"*) - expr "X$arg" : "X\\(.*\\)$as_nl"; - arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; - esac; - expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" - ' - export as_echo_n_body - as_echo_n='sh -c $as_echo_n_body as_echo' - fi - export as_echo_body - as_echo='sh -c $as_echo_body as_echo' -fi - -# The user is always right. -if test "${PATH_SEPARATOR+set}" != set; then - PATH_SEPARATOR=: - (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { - (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || - PATH_SEPARATOR=';' - } -fi - - -# IFS -# We need space, tab and new line, in precisely that order. Quoting is -# there to prevent editors from complaining about space-tab. -# (If _AS_PATH_WALK were called with IFS unset, it would disable word -# splitting by setting IFS to empty value.) -IFS=" "" $as_nl" - -# Find who we are. Look in the path if we contain no directory separator. -as_myself= -case $0 in #(( - *[\\/]* ) as_myself=$0 ;; - *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break - done -IFS=$as_save_IFS - - ;; -esac -# We did not find ourselves, most probably we were run as `sh COMMAND' -# in which case we are not to be found in the path. -if test "x$as_myself" = x; then - as_myself=$0 -fi -if test ! -f "$as_myself"; then - $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 - exit 1 -fi - -# Unset variables that we do not need and which cause bugs (e.g. in -# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" -# suppresses any "Segmentation fault" message there. '((' could -# trigger a bug in pdksh 5.2.14. -for as_var in BASH_ENV ENV MAIL MAILPATH -do eval test x\${$as_var+set} = xset \ - && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : -done -PS1='$ ' -PS2='> ' -PS4='+ ' - -# NLS nuisances. -LC_ALL=C -export LC_ALL -LANGUAGE=C -export LANGUAGE - -# CDPATH. -(unset CDPATH) >/dev/null 2>&1 && unset CDPATH - - -# as_fn_error STATUS ERROR [LINENO LOG_FD] -# ---------------------------------------- -# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are -# provided, also output the error to LOG_FD, referencing LINENO. Then exit the -# script with STATUS, using 1 if that was 0. -as_fn_error () -{ - as_status=$1; test $as_status -eq 0 && as_status=1 - if test "$4"; then - as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 - fi - $as_echo "$as_me: error: $2" >&2 - as_fn_exit $as_status -} # as_fn_error - - -# as_fn_set_status STATUS -# ----------------------- -# Set $? to STATUS, without forking. -as_fn_set_status () -{ - return $1 -} # as_fn_set_status - -# as_fn_exit STATUS -# ----------------- -# Exit the shell with STATUS, even in a "trap 0" or "set -e" context. -as_fn_exit () -{ - set +e - as_fn_set_status $1 - exit $1 -} # as_fn_exit - -# as_fn_unset VAR -# --------------- -# Portably unset VAR. -as_fn_unset () -{ - { eval $1=; unset $1;} -} -as_unset=as_fn_unset -# as_fn_append VAR VALUE -# ---------------------- -# Append the text in VALUE to the end of the definition contained in VAR. Take -# advantage of any shell optimizations that allow amortized linear growth over -# repeated appends, instead of the typical quadratic growth present in naive -# implementations. -if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : - eval 'as_fn_append () - { - eval $1+=\$2 - }' -else - as_fn_append () - { - eval $1=\$$1\$2 - } -fi # as_fn_append - -# as_fn_arith ARG... -# ------------------ -# Perform arithmetic evaluation on the ARGs, and store the result in the -# global $as_val. Take advantage of shells that can avoid forks. The arguments -# must be portable across $(()) and expr. -if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : - eval 'as_fn_arith () - { - as_val=$(( $* )) - }' -else - as_fn_arith () - { - as_val=`expr "$@" || test $? -eq 1` - } -fi # as_fn_arith - - -if expr a : '\(a\)' >/dev/null 2>&1 && - test "X`expr 00001 : '.*\(...\)'`" = X001; then - as_expr=expr -else - as_expr=false -fi - -if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then - as_basename=basename -else - as_basename=false -fi - -if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then - as_dirname=dirname -else - as_dirname=false -fi - -as_me=`$as_basename -- "$0" || -$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ - X"$0" : 'X\(//\)$' \| \ - X"$0" : 'X\(/\)' \| . 2>/dev/null || -$as_echo X/"$0" | - sed '/^.*\/\([^/][^/]*\)\/*$/{ - s//\1/ - q - } - /^X\/\(\/\/\)$/{ - s//\1/ - q - } - /^X\/\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - -# Avoid depending upon Character Ranges. -as_cr_letters='abcdefghijklmnopqrstuvwxyz' -as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' -as_cr_Letters=$as_cr_letters$as_cr_LETTERS -as_cr_digits='0123456789' -as_cr_alnum=$as_cr_Letters$as_cr_digits - -ECHO_C= ECHO_N= ECHO_T= -case `echo -n x` in #((((( --n*) - case `echo 'xy\c'` in - *c*) ECHO_T=' ';; # ECHO_T is single tab character. - xy) ECHO_C='\c';; - *) echo `echo ksh88 bug on AIX 6.1` > /dev/null - ECHO_T=' ';; - esac;; -*) - ECHO_N='-n';; -esac - -rm -f conf$$ conf$$.exe conf$$.file -if test -d conf$$.dir; then - rm -f conf$$.dir/conf$$.file -else - rm -f conf$$.dir - mkdir conf$$.dir 2>/dev/null -fi -if (echo >conf$$.file) 2>/dev/null; then - if ln -s conf$$.file conf$$ 2>/dev/null; then - as_ln_s='ln -s' - # ... but there are two gotchas: - # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. - # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -pR'. - ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || - as_ln_s='cp -pR' - elif ln conf$$.file conf$$ 2>/dev/null; then - as_ln_s=ln - else - as_ln_s='cp -pR' - fi -else - as_ln_s='cp -pR' -fi -rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file -rmdir conf$$.dir 2>/dev/null - - -# as_fn_mkdir_p -# ------------- -# Create "$as_dir" as a directory, including parents if necessary. -as_fn_mkdir_p () -{ - - case $as_dir in #( - -*) as_dir=./$as_dir;; - esac - test -d "$as_dir" || eval $as_mkdir_p || { - as_dirs= - while :; do - case $as_dir in #( - *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( - *) as_qdir=$as_dir;; - esac - as_dirs="'$as_qdir' $as_dirs" - as_dir=`$as_dirname -- "$as_dir" || -$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$as_dir" : 'X\(//\)[^/]' \| \ - X"$as_dir" : 'X\(//\)$' \| \ - X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || -$as_echo X"$as_dir" | - sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ - s//\1/ - q - } - /^X\(\/\/\)[^/].*/{ - s//\1/ - q - } - /^X\(\/\/\)$/{ - s//\1/ - q - } - /^X\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - test -d "$as_dir" && break - done - test -z "$as_dirs" || eval "mkdir $as_dirs" - } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" - - -} # as_fn_mkdir_p -if mkdir -p . 2>/dev/null; then - as_mkdir_p='mkdir -p "$as_dir"' -else - test -d ./-p && rmdir ./-p - as_mkdir_p=false -fi - - -# as_fn_executable_p FILE -# ----------------------- -# Test if FILE is an executable regular file. -as_fn_executable_p () -{ - test -f "$1" && test -x "$1" -} # as_fn_executable_p -as_test_x='test -x' -as_executable_p=as_fn_executable_p - -# Sed expression to map a string onto a valid CPP name. -as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" - -# Sed expression to map a string onto a valid variable name. -as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" - - -exec 6>&1 -## ----------------------------------- ## -## Main body of $CONFIG_STATUS script. ## -## ----------------------------------- ## -_ASEOF -test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1 - -cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 -# Save the log message, to keep $0 and so on meaningful, and to -# report actual input values of CONFIG_FILES etc. instead of their -# values after options handling. -ac_log=" -This file was extended by OpenSSH $as_me Portable, which was -generated by GNU Autoconf 2.69. Invocation command line was - - CONFIG_FILES = $CONFIG_FILES - CONFIG_HEADERS = $CONFIG_HEADERS - CONFIG_LINKS = $CONFIG_LINKS - CONFIG_COMMANDS = $CONFIG_COMMANDS - $ $0 $@ - -on `(hostname || uname -n) 2>/dev/null | sed 1q` -" - -_ACEOF - -case $ac_config_files in *" -"*) set x $ac_config_files; shift; ac_config_files=$*;; -esac - -case $ac_config_headers in *" -"*) set x $ac_config_headers; shift; ac_config_headers=$*;; -esac - - -cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 -# Files that config.status was made for. -config_files="$ac_config_files" -config_headers="$ac_config_headers" - -_ACEOF - -cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 -ac_cs_usage="\ -\`$as_me' instantiates files and other configuration actions -from templates according to the current configuration. Unless the files -and actions are specified as TAGs, all are instantiated by default. - -Usage: $0 [OPTION]... [TAG]... - - -h, --help print this help, then exit - -V, --version print version number and configuration settings, then exit - --config print configuration, then exit - -q, --quiet, --silent - do not print progress messages - -d, --debug don't remove temporary files - --recheck update $as_me by reconfiguring in the same conditions - --file=FILE[:TEMPLATE] - instantiate the configuration file FILE - --header=FILE[:TEMPLATE] - instantiate the configuration header FILE - -Configuration files: -$config_files - -Configuration headers: -$config_headers - -Report bugs to ." - -_ACEOF -cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 -ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" -ac_cs_version="\\ -OpenSSH config.status Portable -configured by $0, generated by GNU Autoconf 2.69, - with options \\"\$ac_cs_config\\" - -Copyright (C) 2012 Free Software Foundation, Inc. -This config.status script is free software; the Free Software Foundation -gives unlimited permission to copy, distribute and modify it." - -ac_pwd='$ac_pwd' -srcdir='$srcdir' -INSTALL='$INSTALL' -AWK='$AWK' -test -n "\$AWK" || AWK=awk -_ACEOF - -cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 -# The default lists apply if the user does not specify any file. -ac_need_defaults=: -while test $# != 0 -do - case $1 in - --*=?*) - ac_option=`expr "X$1" : 'X\([^=]*\)='` - ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'` - ac_shift=: - ;; - --*=) - ac_option=`expr "X$1" : 'X\([^=]*\)='` - ac_optarg= - ac_shift=: - ;; - *) - ac_option=$1 - ac_optarg=$2 - ac_shift=shift - ;; - esac - - case $ac_option in - # Handling of the options. - -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) - ac_cs_recheck=: ;; - --version | --versio | --versi | --vers | --ver | --ve | --v | -V ) - $as_echo "$ac_cs_version"; exit ;; - --config | --confi | --conf | --con | --co | --c ) - $as_echo "$ac_cs_config"; exit ;; - --debug | --debu | --deb | --de | --d | -d ) - debug=: ;; - --file | --fil | --fi | --f ) - $ac_shift - case $ac_optarg in - *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; - '') as_fn_error $? "missing file argument" ;; - esac - as_fn_append CONFIG_FILES " '$ac_optarg'" - ac_need_defaults=false;; - --header | --heade | --head | --hea ) - $ac_shift - case $ac_optarg in - *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; - esac - as_fn_append CONFIG_HEADERS " '$ac_optarg'" - ac_need_defaults=false;; - --he | --h) - # Conflict between --help and --header - as_fn_error $? "ambiguous option: \`$1' -Try \`$0 --help' for more information.";; - --help | --hel | -h ) - $as_echo "$ac_cs_usage"; exit ;; - -q | -quiet | --quiet | --quie | --qui | --qu | --q \ - | -silent | --silent | --silen | --sile | --sil | --si | --s) - ac_cs_silent=: ;; - - # This is an error. - -*) as_fn_error $? "unrecognized option: \`$1' -Try \`$0 --help' for more information." ;; - - *) as_fn_append ac_config_targets " $1" - ac_need_defaults=false ;; - - esac - shift -done - -ac_configure_extra_args= - -if $ac_cs_silent; then - exec 6>/dev/null - ac_configure_extra_args="$ac_configure_extra_args --silent" -fi - -_ACEOF -cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 -if \$ac_cs_recheck; then - set X $SHELL '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion - shift - \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6 - CONFIG_SHELL='$SHELL' - export CONFIG_SHELL - exec "\$@" -fi - -_ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 -exec 5>>config.log -{ - echo - sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX -## Running $as_me. ## -_ASBOX - $as_echo "$ac_log" -} >&5 - -_ACEOF -cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 -_ACEOF - -cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 - -# Handling of arguments. -for ac_config_target in $ac_config_targets -do - case $ac_config_target in - "config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;; - "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;; - "buildpkg.sh") CONFIG_FILES="$CONFIG_FILES buildpkg.sh" ;; - "opensshd.init") CONFIG_FILES="$CONFIG_FILES opensshd.init" ;; - "openssh.xml") CONFIG_FILES="$CONFIG_FILES openssh.xml" ;; - "openbsd-compat/Makefile") CONFIG_FILES="$CONFIG_FILES openbsd-compat/Makefile" ;; - "openbsd-compat/regress/Makefile") CONFIG_FILES="$CONFIG_FILES openbsd-compat/regress/Makefile" ;; - "survey.sh") CONFIG_FILES="$CONFIG_FILES survey.sh" ;; - - *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; - esac -done - - -# If the user did not use the arguments to specify the items to instantiate, -# then the envvar interface is used. Set only those that are not. -# We use the long form for the default assignment because of an extremely -# bizarre bug on SunOS 4.1.3. -if $ac_need_defaults; then - test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files - test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers -fi - -# Have a temporary directory for convenience. Make it in the build tree -# simply because there is no reason against having it here, and in addition, -# creating and moving files from /tmp can sometimes cause problems. -# Hook for its removal unless debugging. -# Note that there is a small window in which the directory will not be cleaned: -# after its creation but before its name has been assigned to `$tmp'. -$debug || -{ - tmp= ac_tmp= - trap 'exit_status=$? - : "${ac_tmp:=$tmp}" - { test ! -d "$ac_tmp" || rm -fr "$ac_tmp"; } && exit $exit_status -' 0 - trap 'as_fn_exit 1' 1 2 13 15 -} -# Create a (secure) tmp directory for tmp files. - -{ - tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` && - test -d "$tmp" -} || -{ - tmp=./conf$$-$RANDOM - (umask 077 && mkdir "$tmp") -} || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5 -ac_tmp=$tmp - -# Set up the scripts for CONFIG_FILES section. -# No need to generate them if there are no CONFIG_FILES. -# This happens for instance with `./config.status config.h'. -if test -n "$CONFIG_FILES"; then - - -ac_cr=`echo X | tr X '\015'` -# On cygwin, bash can eat \r inside `` if the user requested igncr. -# But we know of no other shell where ac_cr would be empty at this -# point, so we can use a bashism as a fallback. -if test "x$ac_cr" = x; then - eval ac_cr=\$\'\\r\' -fi -ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' /dev/null` -if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then - ac_cs_awk_cr='\\r' -else - ac_cs_awk_cr=$ac_cr -fi - -echo 'BEGIN {' >"$ac_tmp/subs1.awk" && -_ACEOF - - -{ - echo "cat >conf$$subs.awk <<_ACEOF" && - echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' && - echo "_ACEOF" -} >conf$$subs.sh || - as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 -ac_delim_num=`echo "$ac_subst_vars" | grep -c '^'` -ac_delim='%!_!# ' -for ac_last_try in false false false false false :; do - . ./conf$$subs.sh || - as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 - - ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X` - if test $ac_delim_n = $ac_delim_num; then - break - elif $ac_last_try; then - as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 - else - ac_delim="$ac_delim!$ac_delim _$ac_delim!! " - fi -done -rm -f conf$$subs.sh - -cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 -cat >>"\$ac_tmp/subs1.awk" <<\\_ACAWK && -_ACEOF -sed -n ' -h -s/^/S["/; s/!.*/"]=/ -p -g -s/^[^!]*!// -:repl -t repl -s/'"$ac_delim"'$// -t delim -:nl -h -s/\(.\{148\}\)..*/\1/ -t more1 -s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/ -p -n -b repl -:more1 -s/["\\]/\\&/g; s/^/"/; s/$/"\\/ -p -g -s/.\{148\}// -t nl -:delim -h -s/\(.\{148\}\)..*/\1/ -t more2 -s/["\\]/\\&/g; s/^/"/; s/$/"/ -p -b -:more2 -s/["\\]/\\&/g; s/^/"/; s/$/"\\/ -p -g -s/.\{148\}// -t delim -' >$CONFIG_STATUS || ac_write_fail=1 -rm -f conf$$subs.awk -cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 -_ACAWK -cat >>"\$ac_tmp/subs1.awk" <<_ACAWK && - for (key in S) S_is_set[key] = 1 - FS = "" - -} -{ - line = $ 0 - nfields = split(line, field, "@") - substed = 0 - len = length(field[1]) - for (i = 2; i < nfields; i++) { - key = field[i] - keylen = length(key) - if (S_is_set[key]) { - value = S[key] - line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3) - len += length(value) + length(field[++i]) - substed = 1 - } else - len += 1 + keylen - } - - print line -} - -_ACAWK -_ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 -if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then - sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g" -else - cat -fi < "$ac_tmp/subs1.awk" > "$ac_tmp/subs.awk" \ - || as_fn_error $? "could not setup config files machinery" "$LINENO" 5 -_ACEOF - -# VPATH may cause trouble with some makes, so we remove sole $(srcdir), -# ${srcdir} and @srcdir@ entries from VPATH if srcdir is ".", strip leading and -# trailing colons and then remove the whole line if VPATH becomes empty -# (actually we leave an empty line to preserve line numbers). -if test "x$srcdir" = x.; then - ac_vpsub='/^[ ]*VPATH[ ]*=[ ]*/{ -h -s/// -s/^/:/ -s/[ ]*$/:/ -s/:\$(srcdir):/:/g -s/:\${srcdir}:/:/g -s/:@srcdir@:/:/g -s/^:*// -s/:*$// -x -s/\(=[ ]*\).*/\1/ -G -s/\n// -s/^[^=]*=[ ]*$// -}' -fi - -cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 -fi # test -n "$CONFIG_FILES" - -# Set up the scripts for CONFIG_HEADERS section. -# No need to generate them if there are no CONFIG_HEADERS. -# This happens for instance with `./config.status Makefile'. -if test -n "$CONFIG_HEADERS"; then -cat >"$ac_tmp/defines.awk" <<\_ACAWK || -BEGIN { -_ACEOF - -# Transform confdefs.h into an awk script `defines.awk', embedded as -# here-document in config.status, that substitutes the proper values into -# config.h.in to produce config.h. - -# Create a delimiter string that does not exist in confdefs.h, to ease -# handling of long lines. -ac_delim='%!_!# ' -for ac_last_try in false false :; do - ac_tt=`sed -n "/$ac_delim/p" confdefs.h` - if test -z "$ac_tt"; then - break - elif $ac_last_try; then - as_fn_error $? "could not make $CONFIG_HEADERS" "$LINENO" 5 - else - ac_delim="$ac_delim!$ac_delim _$ac_delim!! " - fi -done - -# For the awk script, D is an array of macro values keyed by name, -# likewise P contains macro parameters if any. Preserve backslash -# newline sequences. - -ac_word_re=[_$as_cr_Letters][_$as_cr_alnum]* -sed -n ' -s/.\{148\}/&'"$ac_delim"'/g -t rset -:rset -s/^[ ]*#[ ]*define[ ][ ]*/ / -t def -d -:def -s/\\$// -t bsnl -s/["\\]/\\&/g -s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\ -D["\1"]=" \3"/p -s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2"/p -d -:bsnl -s/["\\]/\\&/g -s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\ -D["\1"]=" \3\\\\\\n"\\/p -t cont -s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2\\\\\\n"\\/p -t cont -d -:cont -n -s/.\{148\}/&'"$ac_delim"'/g -t clear -:clear -s/\\$// -t bsnlc -s/["\\]/\\&/g; s/^/"/; s/$/"/p -d -:bsnlc -s/["\\]/\\&/g; s/^/"/; s/$/\\\\\\n"\\/p -b cont -' >$CONFIG_STATUS || ac_write_fail=1 - -cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 - for (key in D) D_is_set[key] = 1 - FS = "" -} -/^[\t ]*#[\t ]*(define|undef)[\t ]+$ac_word_re([\t (]|\$)/ { - line = \$ 0 - split(line, arg, " ") - if (arg[1] == "#") { - defundef = arg[2] - mac1 = arg[3] - } else { - defundef = substr(arg[1], 2) - mac1 = arg[2] - } - split(mac1, mac2, "(") #) - macro = mac2[1] - prefix = substr(line, 1, index(line, defundef) - 1) - if (D_is_set[macro]) { - # Preserve the white space surrounding the "#". - print prefix "define", macro P[macro] D[macro] - next - } else { - # Replace #undef with comments. This is necessary, for example, - # in the case of _POSIX_SOURCE, which is predefined and required - # on some systems where configure will not decide to define it. - if (defundef == "undef") { - print "/*", prefix defundef, macro, "*/" - next - } - } -} -{ print } -_ACAWK -_ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 - as_fn_error $? "could not setup config headers machinery" "$LINENO" 5 -fi # test -n "$CONFIG_HEADERS" - - -eval set X " :F $CONFIG_FILES :H $CONFIG_HEADERS " -shift -for ac_tag -do - case $ac_tag in - :[FHLC]) ac_mode=$ac_tag; continue;; - esac - case $ac_mode$ac_tag in - :[FHL]*:*);; - :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5;; - :[FH]-) ac_tag=-:-;; - :[FH]*) ac_tag=$ac_tag:$ac_tag.in;; - esac - ac_save_IFS=$IFS - IFS=: - set x $ac_tag - IFS=$ac_save_IFS - shift - ac_file=$1 - shift - - case $ac_mode in - :L) ac_source=$1;; - :[FH]) - ac_file_inputs= - for ac_f - do - case $ac_f in - -) ac_f="$ac_tmp/stdin";; - *) # Look for the file first in the build tree, then in the source tree - # (if the path is not absolute). The absolute path cannot be DOS-style, - # because $ac_f cannot contain `:'. - test -f "$ac_f" || - case $ac_f in - [\\/$]*) false;; - *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";; - esac || - as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5;; - esac - case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac - as_fn_append ac_file_inputs " '$ac_f'" - done - - # Let's still pretend it is `configure' which instantiates (i.e., don't - # use $as_me), people would be surprised to read: - # /* config.h. Generated by config.status. */ - configure_input='Generated from '` - $as_echo "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g' - `' by configure.' - if test x"$ac_file" != x-; then - configure_input="$ac_file. $configure_input" - { $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_file" >&5 -$as_echo "$as_me: creating $ac_file" >&6;} - fi - # Neutralize special characters interpreted by sed in replacement strings. - case $configure_input in #( - *\&* | *\|* | *\\* ) - ac_sed_conf_input=`$as_echo "$configure_input" | - sed 's/[\\\\&|]/\\\\&/g'`;; #( - *) ac_sed_conf_input=$configure_input;; - esac - - case $ac_tag in - *:-:* | *:-) cat >"$ac_tmp/stdin" \ - || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; - esac - ;; - esac - - ac_dir=`$as_dirname -- "$ac_file" || -$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$ac_file" : 'X\(//\)[^/]' \| \ - X"$ac_file" : 'X\(//\)$' \| \ - X"$ac_file" : 'X\(/\)' \| . 2>/dev/null || -$as_echo X"$ac_file" | - sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ - s//\1/ - q - } - /^X\(\/\/\)[^/].*/{ - s//\1/ - q - } - /^X\(\/\/\)$/{ - s//\1/ - q - } - /^X\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - as_dir="$ac_dir"; as_fn_mkdir_p - ac_builddir=. - -case "$ac_dir" in -.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; -*) - ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` - # A ".." for each directory in $ac_dir_suffix. - ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` - case $ac_top_builddir_sub in - "") ac_top_builddir_sub=. ac_top_build_prefix= ;; - *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; - esac ;; -esac -ac_abs_top_builddir=$ac_pwd -ac_abs_builddir=$ac_pwd$ac_dir_suffix -# for backward compatibility: -ac_top_builddir=$ac_top_build_prefix - -case $srcdir in - .) # We are building in place. - ac_srcdir=. - ac_top_srcdir=$ac_top_builddir_sub - ac_abs_top_srcdir=$ac_pwd ;; - [\\/]* | ?:[\\/]* ) # Absolute name. - ac_srcdir=$srcdir$ac_dir_suffix; - ac_top_srcdir=$srcdir - ac_abs_top_srcdir=$srcdir ;; - *) # Relative name. - ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix - ac_top_srcdir=$ac_top_build_prefix$srcdir - ac_abs_top_srcdir=$ac_pwd/$srcdir ;; -esac -ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix - - - case $ac_mode in - :F) - # - # CONFIG_FILE - # - - case $INSTALL in - [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;; - *) ac_INSTALL=$ac_top_build_prefix$INSTALL ;; - esac -_ACEOF - -cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 -# If the template does not know about datarootdir, expand it. -# FIXME: This hack should be removed a few years after 2.60. -ac_datarootdir_hack=; ac_datarootdir_seen= -ac_sed_dataroot=' -/datarootdir/ { - p - q -} -/@datadir@/p -/@docdir@/p -/@infodir@/p -/@localedir@/p -/@mandir@/p' -case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in -*datarootdir*) ac_datarootdir_seen=yes;; -*@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*) - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5 -$as_echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;} -_ACEOF -cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 - ac_datarootdir_hack=' - s&@datadir@&$datadir&g - s&@docdir@&$docdir&g - s&@infodir@&$infodir&g - s&@localedir@&$localedir&g - s&@mandir@&$mandir&g - s&\\\${datarootdir}&$datarootdir&g' ;; -esac -_ACEOF - -# Neutralize VPATH when `$srcdir' = `.'. -# Shell code in configure.ac might set extrasub. -# FIXME: do we really want to maintain this feature? -cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 -ac_sed_extra="$ac_vpsub -$extrasub -_ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 -:t -/@[a-zA-Z_][a-zA-Z_0-9]*@/!b -s|@configure_input@|$ac_sed_conf_input|;t t -s&@top_builddir@&$ac_top_builddir_sub&;t t -s&@top_build_prefix@&$ac_top_build_prefix&;t t -s&@srcdir@&$ac_srcdir&;t t -s&@abs_srcdir@&$ac_abs_srcdir&;t t -s&@top_srcdir@&$ac_top_srcdir&;t t -s&@abs_top_srcdir@&$ac_abs_top_srcdir&;t t -s&@builddir@&$ac_builddir&;t t -s&@abs_builddir@&$ac_abs_builddir&;t t -s&@abs_top_builddir@&$ac_abs_top_builddir&;t t -s&@INSTALL@&$ac_INSTALL&;t t -$ac_datarootdir_hack -" -eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$ac_tmp/subs.awk" \ - >$ac_tmp/out || as_fn_error $? "could not create $ac_file" "$LINENO" 5 - -test -z "$ac_datarootdir_hack$ac_datarootdir_seen" && - { ac_out=`sed -n '/\${datarootdir}/p' "$ac_tmp/out"`; test -n "$ac_out"; } && - { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' \ - "$ac_tmp/out"`; test -z "$ac_out"; } && - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir' -which seems to be undefined. Please make sure it is defined" >&5 -$as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir' -which seems to be undefined. Please make sure it is defined" >&2;} - - rm -f "$ac_tmp/stdin" - case $ac_file in - -) cat "$ac_tmp/out" && rm -f "$ac_tmp/out";; - *) rm -f "$ac_file" && mv "$ac_tmp/out" "$ac_file";; - esac \ - || as_fn_error $? "could not create $ac_file" "$LINENO" 5 - ;; - :H) - # - # CONFIG_HEADER - # - if test x"$ac_file" != x-; then - { - $as_echo "/* $configure_input */" \ - && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" - } >"$ac_tmp/config.h" \ - || as_fn_error $? "could not create $ac_file" "$LINENO" 5 - if diff "$ac_file" "$ac_tmp/config.h" >/dev/null 2>&1; then - { $as_echo "$as_me:${as_lineno-$LINENO}: $ac_file is unchanged" >&5 -$as_echo "$as_me: $ac_file is unchanged" >&6;} - else - rm -f "$ac_file" - mv "$ac_tmp/config.h" "$ac_file" \ - || as_fn_error $? "could not create $ac_file" "$LINENO" 5 - fi - else - $as_echo "/* $configure_input */" \ - && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" \ - || as_fn_error $? "could not create -" "$LINENO" 5 - fi - ;; - - - esac - -done # for ac_tag - - -as_fn_exit 0 -_ACEOF -ac_clean_files=$ac_clean_files_save - -test $ac_write_fail = 0 || - as_fn_error $? "write failure creating $CONFIG_STATUS" "$LINENO" 5 - - -# configure is writing to config.log, and then calls config.status. -# config.status does its own redirection, appending to config.log. -# Unfortunately, on DOS this fails, as config.log is still kept open -# by configure, so config.status won't be able to write to it; its -# output is simply discarded. So we exec the FD to /dev/null, -# effectively closing config.log, so it can be properly (re)opened and -# appended to by config.status. When coming back to configure, we -# need to make the FD available again. -if test "$no_create" != yes; then - ac_cs_success=: - ac_config_status_args= - test "$silent" = yes && - ac_config_status_args="$ac_config_status_args --quiet" - exec 5>/dev/null - $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false - exec 5>>config.log - # Use ||, not &&, to avoid exiting from the if with $? = 1, which - # would make configure fail if this is the last instruction. - $ac_cs_success || as_fn_exit 1 -fi -if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5 -$as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;} -fi - - -# Print summary of options - -# Someone please show me a better way :) -A=`eval echo ${prefix}` ; A=`eval echo ${A}` -B=`eval echo ${bindir}` ; B=`eval echo ${B}` -C=`eval echo ${sbindir}` ; C=`eval echo ${C}` -D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}` -E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}` -F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}` -G=`eval echo ${piddir}` ; G=`eval echo ${G}` -H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}` -I=`eval echo ${user_path}` ; I=`eval echo ${I}` -J=`eval echo ${superuser_path}` ; J=`eval echo ${J}` - -echo "" -echo "OpenSSH has been configured with the following options:" -echo " User binaries: $B" -echo " System binaries: $C" -echo " Configuration files: $D" -echo " Askpass program: $E" -echo " Manual pages: $F" -echo " PID file: $G" -echo " Privilege separation chroot path: $H" -if test "x$external_path_file" = "x/etc/login.conf" ; then -echo " At runtime, sshd will use the path defined in $external_path_file" -echo " Make sure the path to scp is present, otherwise scp will not work" -else -echo " sshd default user PATH: $I" - if test ! -z "$external_path_file"; then -echo " (If PATH is set in $external_path_file it will be used instead. If" -echo " used, ensure the path to scp is present, otherwise scp will not work.)" - fi -fi -if test ! -z "$superuser_path" ; then -echo " sshd superuser user PATH: $J" -fi -echo " Manpage format: $MANTYPE" -echo " PAM support: $PAM_MSG" -echo " OSF SIA support: $SIA_MSG" -echo " KerberosV support: $KRB5_MSG" -echo " SELinux support: $SELINUX_MSG" -echo " Smartcard support: $SCARD_MSG" -echo " S/KEY support: $SKEY_MSG" -echo " TCP Wrappers support: $TCPW_MSG" -echo " MD5 password support: $MD5_MSG" -echo " libedit support: $LIBEDIT_MSG" -echo " Solaris process contract support: $SPC_MSG" -echo " Solaris project support: $SP_MSG" -echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" -echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" -echo " BSD Auth support: $BSD_AUTH_MSG" -echo " Random number source: $RAND_MSG" -echo " Privsep sandbox style: $SANDBOX_STYLE" - -echo "" - -echo " Host: ${host}" -echo " Compiler: ${CC}" -echo " Compiler flags: ${CFLAGS}" -echo "Preprocessor flags: ${CPPFLAGS}" -echo " Linker flags: ${LDFLAGS}" -echo " Libraries: ${LIBS}" -if test ! -z "${SSHDLIBS}"; then -echo " +for sshd: ${SSHDLIBS}" -fi -if test ! -z "${SSHLIBS}"; then -echo " +for ssh: ${SSHLIBS}" -fi - -echo "" - -if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then - echo "SVR4 style packages are supported with \"make package\"" - echo "" -fi - -if test "x$PAM_MSG" = "xyes" ; then - echo "PAM is enabled. You may need to install a PAM control file " - echo "for sshd, otherwise password authentication may fail. " - echo "Example PAM control files can be found in the contrib/ " - echo "subdirectory" - echo "" -fi - -if test ! -z "$NO_PEERCHECK" ; then - echo "WARNING: the operating system that you are using does not" - echo "appear to support getpeereid(), getpeerucred() or the" - echo "SO_PEERCRED getsockopt() option. These facilities are used to" - echo "enforce security checks to prevent unauthorised connections to" - echo "ssh-agent. Their absence increases the risk that a malicious" - echo "user can connect to your agent." - echo "" -fi - -if test "$AUDIT_MODULE" = "bsm" ; then - echo "WARNING: BSM audit support is currently considered EXPERIMENTAL." - echo "See the Solaris section in README.platform for details." -fi diff --git a/crypto/openssh/moduli.0 b/crypto/openssh/moduli.0 deleted file mode 100644 index 087e5963e4d..00000000000 --- a/crypto/openssh/moduli.0 +++ /dev/null @@ -1,74 +0,0 @@ -MODULI(5) File Formats Manual MODULI(5) - -NAME - moduli M-bM-^@M-^S Diffie-Hellman moduli - -DESCRIPTION - The /etc/moduli file contains prime numbers and generators for use by - sshd(8) in the Diffie-Hellman Group Exchange key exchange method. - - New moduli may be generated with ssh-keygen(1) using a two-step process. - An initial candidate generation pass, using ssh-keygen -G, calculates - numbers that are likely to be useful. A second primality testing pass, - using ssh-keygen -T, provides a high degree of assurance that the numbers - are prime and are safe for use in Diffie-Hellman operations by sshd(8). - This moduli format is used as the output from each pass. - - The file consists of newline-separated records, one per modulus, - containing seven space-separated fields. These fields are as follows: - - timestamp The time that the modulus was last processed as - YYYYMMDDHHMMSS. - - type Decimal number specifying the internal structure of - the prime modulus. Supported types are: - - 0 Unknown, not tested. - 2 "Safe" prime; (p-1)/2 is also prime. - 4 Sophie Germain; 2p+1 is also prime. - - Moduli candidates initially produced by ssh-keygen(1) - are Sophie Germain primes (type 4). Further primality - testing with ssh-keygen(1) produces safe prime moduli - (type 2) that are ready for use in sshd(8). Other - types are not used by OpenSSH. - - tests Decimal number indicating the type of primality tests - that the number has been subjected to represented as a - bitmask of the following values: - - 0x00 Not tested. - 0x01 Composite number M-bM-^@M-^S not prime. - 0x02 Sieve of Eratosthenes. - 0x04 Probabilistic Miller-Rabin primality tests. - - The ssh-keygen(1) moduli candidate generation uses the - Sieve of Eratosthenes (flag 0x02). Subsequent - ssh-keygen(1) primality tests are Miller-Rabin tests - (flag 0x04). - - trials Decimal number indicating the number of primality - trials that have been performed on the modulus. - - size Decimal number indicating the size of the prime in - bits. - - generator The recommended generator for use with this modulus - (hexadecimal). - - modulus The modulus itself in hexadecimal. - - When performing Diffie-Hellman Group Exchange, sshd(8) first estimates - the size of the modulus required to produce enough Diffie-Hellman output - to sufficiently key the selected symmetric cipher. sshd(8) then randomly - selects a modulus from /etc/moduli that best meets the size requirement. - -SEE ALSO - ssh-keygen(1), sshd(8) - -STANDARDS - M. Friedl, N. Provos, and W. Simpson, Diffie-Hellman Group Exchange for - the Secure Shell (SSH) Transport Layer Protocol, RFC 4419, March 2006, - 2006. - -OpenBSD 5.8 September 26, 2012 OpenBSD 5.8 diff --git a/crypto/openssh/scp.0 b/crypto/openssh/scp.0 deleted file mode 100644 index 8f41f614040..00000000000 --- a/crypto/openssh/scp.0 +++ /dev/null @@ -1,165 +0,0 @@ -SCP(1) General Commands Manual SCP(1) - -NAME - scp M-bM-^@M-^S secure copy (remote file copy program) - -SYNOPSIS - scp [-12346BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file] - [-l limit] [-o ssh_option] [-P port] [-S program] - [[user@]host1:]file1 ... [[user@]host2:]file2 - -DESCRIPTION - scp copies files between hosts on a network. It uses ssh(1) for data - transfer, and uses the same authentication and provides the same security - as ssh(1). scp will ask for passwords or passphrases if they are needed - for authentication. - - File names may contain a user and host specification to indicate that the - file is to be copied to/from that host. Local file names can be made - explicit using absolute or relative pathnames to avoid scp treating file - names containing M-bM-^@M-^X:M-bM-^@M-^Y as host specifiers. Copies between two remote hosts - are also permitted. - - The options are as follows: - - -1 Forces scp to use protocol 1. - - -2 Forces scp to use protocol 2. - - -3 Copies between two remote hosts are transferred through the local - host. Without this option the data is copied directly between - the two remote hosts. Note that this option disables the - progress meter. - - -4 Forces scp to use IPv4 addresses only. - - -6 Forces scp to use IPv6 addresses only. - - -B Selects batch mode (prevents asking for passwords or - passphrases). - - -C Compression enable. Passes the -C flag to ssh(1) to enable - compression. - - -c cipher - Selects the cipher to use for encrypting the data transfer. This - option is directly passed to ssh(1). - - -F ssh_config - Specifies an alternative per-user configuration file for ssh. - This option is directly passed to ssh(1). - - -i identity_file - Selects the file from which the identity (private key) for public - key authentication is read. This option is directly passed to - ssh(1). - - -l limit - Limits the used bandwidth, specified in Kbit/s. - - -o ssh_option - Can be used to pass options to ssh in the format used in - ssh_config(5). This is useful for specifying options for which - there is no separate scp command-line flag. For full details of - the options listed below, and their possible values, see - ssh_config(5). - - AddressFamily - BatchMode - BindAddress - CanonicalDomains - CanonicalizeFallbackLocal - CanonicalizeHostname - CanonicalizeMaxDots - CanonicalizePermittedCNAMEs - ChallengeResponseAuthentication - CheckHostIP - Cipher - Ciphers - Compression - CompressionLevel - ConnectionAttempts - ConnectTimeout - ControlMaster - ControlPath - ControlPersist - GlobalKnownHostsFile - GSSAPIAuthentication - GSSAPIDelegateCredentials - HashKnownHosts - Host - HostbasedAuthentication - HostbasedKeyTypes - HostKeyAlgorithms - HostKeyAlias - HostName - IdentityFile - IdentitiesOnly - IPQoS - KbdInteractiveAuthentication - KbdInteractiveDevices - KexAlgorithms - LogLevel - MACs - NoHostAuthenticationForLocalhost - NumberOfPasswordPrompts - PasswordAuthentication - PKCS11Provider - Port - PreferredAuthentications - Protocol - ProxyCommand - PubkeyAcceptedKeyTypes - PubkeyAuthentication - RekeyLimit - RhostsRSAAuthentication - RSAAuthentication - SendEnv - ServerAliveInterval - ServerAliveCountMax - StrictHostKeyChecking - TCPKeepAlive - UpdateHostKeys - UsePrivilegedPort - User - UserKnownHostsFile - VerifyHostKeyDNS - - -P port - Specifies the port to connect to on the remote host. Note that - this option is written with a capital M-bM-^@M-^XPM-bM-^@M-^Y, because -p is already - reserved for preserving the times and modes of the file. - - -p Preserves modification times, access times, and modes from the - original file. - - -q Quiet mode: disables the progress meter as well as warning and - diagnostic messages from ssh(1). - - -r Recursively copy entire directories. Note that scp follows - symbolic links encountered in the tree traversal. - - -S program - Name of program to use for the encrypted connection. The program - must understand ssh(1) options. - - -v Verbose mode. Causes scp and ssh(1) to print debugging messages - about their progress. This is helpful in debugging connection, - authentication, and configuration problems. - -EXIT STATUS - The scp utility exitsM-BM- 0 on success, andM-BM- >0 if an error occurs. - -SEE ALSO - sftp(1), ssh(1), ssh-add(1), ssh-agent(1), ssh-keygen(1), ssh_config(5), - sshd(8) - -HISTORY - scp is based on the rcp program in BSD source code from the Regents of - the University of California. - -AUTHORS - Timo Rinne - Tatu Ylonen - -OpenBSD 5.8 July 10, 2015 OpenBSD 5.8 diff --git a/crypto/openssh/sftp-server.0 b/crypto/openssh/sftp-server.0 deleted file mode 100644 index b971cef4039..00000000000 --- a/crypto/openssh/sftp-server.0 +++ /dev/null @@ -1,96 +0,0 @@ -SFTP-SERVER(8) System Manager's Manual SFTP-SERVER(8) - -NAME - sftp-server M-bM-^@M-^S SFTP server subsystem - -SYNOPSIS - sftp-server [-ehR] [-d start_directory] [-f log_facility] [-l log_level] - [-P blacklisted_requests] [-p whitelisted_requests] - [-u umask] - sftp-server -Q protocol_feature - -DESCRIPTION - sftp-server is a program that speaks the server side of SFTP protocol to - stdout and expects client requests from stdin. sftp-server is not - intended to be called directly, but from sshd(8) using the Subsystem - option. - - Command-line flags to sftp-server should be specified in the Subsystem - declaration. See sshd_config(5) for more information. - - Valid options are: - - -d start_directory - specifies an alternate starting directory for users. The - pathname may contain the following tokens that are expanded at - runtime: %% is replaced by a literal '%', %d is replaced by the - home directory of the user being authenticated, and %u is - replaced by the username of that user. The default is to use the - user's home directory. This option is useful in conjunction with - the sshd_config(5) ChrootDirectory option. - - -e Causes sftp-server to print logging information to stderr instead - of syslog for debugging. - - -f log_facility - Specifies the facility code that is used when logging messages - from sftp-server. The possible values are: DAEMON, USER, AUTH, - LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. - The default is AUTH. - - -h Displays sftp-server usage information. - - -l log_level - Specifies which messages will be logged by sftp-server. The - possible values are: QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, - DEBUG1, DEBUG2, and DEBUG3. INFO and VERBOSE log transactions - that sftp-server performs on behalf of the client. DEBUG and - DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher - levels of debugging output. The default is ERROR. - - -P blacklisted_requests - Specify a comma-separated list of SFTP protocol requests that are - banned by the server. sftp-server will reply to any blacklisted - request with a failure. The -Q flag can be used to determine the - supported request types. If both a blacklist and a whitelist are - specified, then the blacklist is applied before the whitelist. - - -p whitelisted_requests - Specify a comma-separated list of SFTP protocol requests that are - permitted by the server. All request types that are not on the - whitelist will be logged and replied to with a failure message. - - Care must be taken when using this feature to ensure that - requests made implicitly by SFTP clients are permitted. - - -Q protocol_feature - Query protocol features supported by sftp-server. At present the - only feature that may be queried is M-bM-^@M-^\requestsM-bM-^@M-^], which may be used - for black or whitelisting (flags -P and -p respectively). - - -R Places this instance of sftp-server into a read-only mode. - Attempts to open files for writing, as well as other operations - that change the state of the filesystem, will be denied. - - -u umask - Sets an explicit umask(2) to be applied to newly-created files - and directories, instead of the user's default mask. - - On some systems, sftp-server must be able to access /dev/log for logging - to work, and use of sftp-server in a chroot configuration therefore - requires that syslogd(8) establish a logging socket inside the chroot - directory. - -SEE ALSO - sftp(1), ssh(1), sshd_config(5), sshd(8) - - T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh- - filexfer-02.txt, October 2001, work in progress material. - -HISTORY - sftp-server first appeared in OpenBSD 2.8. - -AUTHORS - Markus Friedl - -OpenBSD 5.8 December 11, 2014 OpenBSD 5.8 diff --git a/crypto/openssh/sftp.0 b/crypto/openssh/sftp.0 deleted file mode 100644 index 550f27648c8..00000000000 --- a/crypto/openssh/sftp.0 +++ /dev/null @@ -1,383 +0,0 @@ -SFTP(1) General Commands Manual SFTP(1) - -NAME - sftp M-bM-^@M-^S secure file transfer program - -SYNOPSIS - sftp [-1246aCfpqrv] [-B buffer_size] [-b batchfile] [-c cipher] - [-D sftp_server_path] [-F ssh_config] [-i identity_file] [-l limit] - [-o ssh_option] [-P port] [-R num_requests] [-S program] - [-s subsystem | sftp_server] host - sftp [user@]host[:file ...] - sftp [user@]host[:dir[/]] - sftp -b batchfile [user@]host - -DESCRIPTION - sftp is an interactive file transfer program, similar to ftp(1), which - performs all operations over an encrypted ssh(1) transport. It may also - use many features of ssh, such as public key authentication and - compression. sftp connects and logs into the specified host, then enters - an interactive command mode. - - The second usage format will retrieve files automatically if a non- - interactive authentication method is used; otherwise it will do so after - successful interactive authentication. - - The third usage format allows sftp to start in a remote directory. - - The final usage format allows for automated sessions using the -b option. - In such cases, it is necessary to configure non-interactive - authentication to obviate the need to enter a password at connection time - (see sshd(8) and ssh-keygen(1) for details). - - Since some usage formats use colon characters to delimit host names from - path names, IPv6 addresses must be enclosed in square brackets to avoid - ambiguity. - - The options are as follows: - - -1 Specify the use of protocol version 1. - - -2 Specify the use of protocol version 2. - - -4 Forces sftp to use IPv4 addresses only. - - -6 Forces sftp to use IPv6 addresses only. - - -a Attempt to continue interrupted transfers rather than overwriting - existing partial or complete copies of files. If the partial - contents differ from those being transferred, then the resultant - file is likely to be corrupt. - - -B buffer_size - Specify the size of the buffer that sftp uses when transferring - files. Larger buffers require fewer round trips at the cost of - higher memory consumption. The default is 32768 bytes. - - -b batchfile - Batch mode reads a series of commands from an input batchfile - instead of stdin. Since it lacks user interaction it should be - used in conjunction with non-interactive authentication. A - batchfile of M-bM-^@M-^X-M-bM-^@M-^Y may be used to indicate standard input. sftp - will abort if any of the following commands fail: get, put, - reget, reput, rename, ln, rm, mkdir, chdir, ls, lchdir, chmod, - chown, chgrp, lpwd, df, symlink, and lmkdir. Termination on - error can be suppressed on a command by command basis by - prefixing the command with a M-bM-^@M-^X-M-bM-^@M-^Y character (for example, -rm - /tmp/blah*). - - -C Enables compression (via ssh's -C flag). - - -c cipher - Selects the cipher to use for encrypting the data transfers. - This option is directly passed to ssh(1). - - -D sftp_server_path - Connect directly to a local sftp server (rather than via ssh(1)). - This option may be useful in debugging the client and server. - - -F ssh_config - Specifies an alternative per-user configuration file for ssh(1). - This option is directly passed to ssh(1). - - -f Requests that files be flushed to disk immediately after - transfer. When uploading files, this feature is only enabled if - the server implements the "fsync@openssh.com" extension. - - -i identity_file - Selects the file from which the identity (private key) for public - key authentication is read. This option is directly passed to - ssh(1). - - -l limit - Limits the used bandwidth, specified in Kbit/s. - - -o ssh_option - Can be used to pass options to ssh in the format used in - ssh_config(5). This is useful for specifying options for which - there is no separate sftp command-line flag. For example, to - specify an alternate port use: sftp -oPort=24. For full details - of the options listed below, and their possible values, see - ssh_config(5). - - AddressFamily - BatchMode - BindAddress - CanonicalDomains - CanonicalizeFallbackLocal - CanonicalizeHostname - CanonicalizeMaxDots - CanonicalizePermittedCNAMEs - ChallengeResponseAuthentication - CheckHostIP - Cipher - Ciphers - Compression - CompressionLevel - ConnectionAttempts - ConnectTimeout - ControlMaster - ControlPath - ControlPersist - GlobalKnownHostsFile - GSSAPIAuthentication - GSSAPIDelegateCredentials - HashKnownHosts - Host - HostbasedAuthentication - HostbasedKeyTypes - HostKeyAlgorithms - HostKeyAlias - HostName - IdentityFile - IdentitiesOnly - IPQoS - KbdInteractiveAuthentication - KbdInteractiveDevices - KexAlgorithms - LogLevel - MACs - NoHostAuthenticationForLocalhost - NumberOfPasswordPrompts - PasswordAuthentication - PKCS11Provider - Port - PreferredAuthentications - Protocol - ProxyCommand - PubkeyAuthentication - RekeyLimit - RhostsRSAAuthentication - RSAAuthentication - SendEnv - ServerAliveInterval - ServerAliveCountMax - StrictHostKeyChecking - TCPKeepAlive - UpdateHostKeys - UsePrivilegedPort - User - UserKnownHostsFile - VerifyHostKeyDNS - - -P port - Specifies the port to connect to on the remote host. - - -p Preserves modification times, access times, and modes from the - original files transferred. - - -q Quiet mode: disables the progress meter as well as warning and - diagnostic messages from ssh(1). - - -R num_requests - Specify how many requests may be outstanding at any one time. - Increasing this may slightly improve file transfer speed but will - increase memory usage. The default is 64 outstanding requests. - - -r Recursively copy entire directories when uploading and - downloading. Note that sftp does not follow symbolic links - encountered in the tree traversal. - - -S program - Name of the program to use for the encrypted connection. The - program must understand ssh(1) options. - - -s subsystem | sftp_server - Specifies the SSH2 subsystem or the path for an sftp server on - the remote host. A path is useful for using sftp over protocol - version 1, or when the remote sshd(8) does not have an sftp - subsystem configured. - - -v Raise logging level. This option is also passed to ssh. - -INTERACTIVE COMMANDS - Once in interactive mode, sftp understands a set of commands similar to - those of ftp(1). Commands are case insensitive. Pathnames that contain - spaces must be enclosed in quotes. Any special characters contained - within pathnames that are recognized by glob(3) must be escaped with - backslashes (M-bM-^@M-^X\M-bM-^@M-^Y). - - bye Quit sftp. - - cd path - Change remote directory to path. - - chgrp grp path - Change group of file path to grp. path may contain glob(3) - characters and may match multiple files. grp must be a numeric - GID. - - chmod mode path - Change permissions of file path to mode. path may contain - glob(3) characters and may match multiple files. - - chown own path - Change owner of file path to own. path may contain glob(3) - characters and may match multiple files. own must be a numeric - UID. - - df [-hi] [path] - Display usage information for the filesystem holding the current - directory (or path if specified). If the -h flag is specified, - the capacity information will be displayed using "human-readable" - suffixes. The -i flag requests display of inode information in - addition to capacity information. This command is only supported - on servers that implement the M-bM-^@M-^\statvfs@openssh.comM-bM-^@M-^] extension. - - exit Quit sftp. - - get [-afPpr] remote-path [local-path] - Retrieve the remote-path and store it on the local machine. If - the local path name is not specified, it is given the same name - it has on the remote machine. remote-path may contain glob(3) - characters and may match multiple files. If it does and - local-path is specified, then local-path must specify a - directory. - - If the -a flag is specified, then attempt to resume partial - transfers of existing files. Note that resumption assumes that - any partial copy of the local file matches the remote copy. If - the remote file contents differ from the partial local copy then - the resultant file is likely to be corrupt. - - If the -f flag is specified, then fsync(2) will be called after - the file transfer has completed to flush the file to disk. - - If either the -P or -p flag is specified, then full file - permissions and access times are copied too. - - If the -r flag is specified then directories will be copied - recursively. Note that sftp does not follow symbolic links when - performing recursive transfers. - - help Display help text. - - lcd path - Change local directory to path. - - lls [ls-options [path]] - Display local directory listing of either path or current - directory if path is not specified. ls-options may contain any - flags supported by the local system's ls(1) command. path may - contain glob(3) characters and may match multiple files. - - lmkdir path - Create local directory specified by path. - - ln [-s] oldpath newpath - Create a link from oldpath to newpath. If the -s flag is - specified the created link is a symbolic link, otherwise it is a - hard link. - - lpwd Print local working directory. - - ls [-1afhlnrSt] [path] - Display a remote directory listing of either path or the current - directory if path is not specified. path may contain glob(3) - characters and may match multiple files. - - The following flags are recognized and alter the behaviour of ls - accordingly: - - -1 Produce single columnar output. - - -a List files beginning with a dot (M-bM-^@M-^X.M-bM-^@M-^Y). - - -f Do not sort the listing. The default sort order is - lexicographical. - - -h When used with a long format option, use unit suffixes: - Byte, Kilobyte, Megabyte, Gigabyte, Terabyte, Petabyte, - and Exabyte in order to reduce the number of digits to - four or fewer using powers of 2 for sizes (K=1024, - M=1048576, etc.). - - -l Display additional details including permissions and - ownership information. - - -n Produce a long listing with user and group information - presented numerically. - - -r Reverse the sort order of the listing. - - -S Sort the listing by file size. - - -t Sort the listing by last modification time. - - lumask umask - Set local umask to umask. - - mkdir path - Create remote directory specified by path. - - progress - Toggle display of progress meter. - - put [-afPpr] local-path [remote-path] - Upload local-path and store it on the remote machine. If the - remote path name is not specified, it is given the same name it - has on the local machine. local-path may contain glob(3) - characters and may match multiple files. If it does and - remote-path is specified, then remote-path must specify a - directory. - - If the -a flag is specified, then attempt to resume partial - transfers of existing files. Note that resumption assumes that - any partial copy of the remote file matches the local copy. If - the local file contents differ from the remote local copy then - the resultant file is likely to be corrupt. - - If the -f flag is specified, then a request will be sent to the - server to call fsync(2) after the file has been transferred. - Note that this is only supported by servers that implement the - "fsync@openssh.com" extension. - - If either the -P or -p flag is specified, then full file - permissions and access times are copied too. - - If the -r flag is specified then directories will be copied - recursively. Note that sftp does not follow symbolic links when - performing recursive transfers. - - pwd Display remote working directory. - - quit Quit sftp. - - reget [-Ppr] remote-path [local-path] - Resume download of remote-path. Equivalent to get with the -a - flag set. - - reput [-Ppr] [local-path] remote-path - Resume upload of [local-path]. Equivalent to put with the -a - flag set. - - rename oldpath newpath - Rename remote file from oldpath to newpath. - - rm path - Delete remote file specified by path. - - rmdir path - Remove remote directory specified by path. - - symlink oldpath newpath - Create a symbolic link from oldpath to newpath. - - version - Display the sftp protocol version. - - !command - Execute command in local shell. - - ! Escape to local shell. - - ? Synonym for help. - -SEE ALSO - ftp(1), ls(1), scp(1), ssh(1), ssh-add(1), ssh-keygen(1), glob(3), - ssh_config(5), sftp-server(8), sshd(8) - - T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh- - filexfer-00.txt, January 2001, work in progress material. - -OpenBSD 5.8 January 30, 2015 OpenBSD 5.8 diff --git a/crypto/openssh/ssh-add.0 b/crypto/openssh/ssh-add.0 deleted file mode 100644 index 29db710abcc..00000000000 --- a/crypto/openssh/ssh-add.0 +++ /dev/null @@ -1,129 +0,0 @@ -SSH-ADD(1) General Commands Manual SSH-ADD(1) - -NAME - ssh-add M-bM-^@M-^S adds private key identities to the authentication agent - -SYNOPSIS - ssh-add [-cDdkLlXx] [-E fingerprint_hash] [-t life] [file ...] - ssh-add -s pkcs11 - ssh-add -e pkcs11 - -DESCRIPTION - ssh-add adds private key identities to the authentication agent, - ssh-agent(1). When run without arguments, it adds the files - ~/.ssh/id_rsa, ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519 and - ~/.ssh/identity. After loading a private key, ssh-add will try to load - corresponding certificate information from the filename obtained by - appending -cert.pub to the name of the private key file. Alternative - file names can be given on the command line. - - If any file requires a passphrase, ssh-add asks for the passphrase from - the user. The passphrase is read from the user's tty. ssh-add retries - the last passphrase if multiple identity files are given. - - The authentication agent must be running and the SSH_AUTH_SOCK - environment variable must contain the name of its socket for ssh-add to - work. - - The options are as follows: - - -c Indicates that added identities should be subject to confirmation - before being used for authentication. Confirmation is performed - by ssh-askpass(1). Successful confirmation is signaled by a zero - exit status from ssh-askpass(1), rather than text entered into - the requester. - - -D Deletes all identities from the agent. - - -d Instead of adding identities, removes identities from the agent. - If ssh-add has been run without arguments, the keys for the - default identities and their corresponding certificates will be - removed. Otherwise, the argument list will be interpreted as a - list of paths to public key files to specify keys and - certificates to be removed from the agent. If no public key is - found at a given path, ssh-add will append .pub and retry. - - -E fingerprint_hash - Specifies the hash algorithm used when displaying key - fingerprints. Valid options are: M-bM-^@M-^\md5M-bM-^@M-^] and M-bM-^@M-^\sha256M-bM-^@M-^]. The - default is M-bM-^@M-^\sha256M-bM-^@M-^]. - - -e pkcs11 - Remove keys provided by the PKCS#11 shared library pkcs11. - - -k When loading keys into or deleting keys from the agent, process - plain private keys only and skip certificates. - - -L Lists public key parameters of all identities currently - represented by the agent. - - -l Lists fingerprints of all identities currently represented by the - agent. - - -s pkcs11 - Add keys provided by the PKCS#11 shared library pkcs11. - - -t life - Set a maximum lifetime when adding identities to an agent. The - lifetime may be specified in seconds or in a time format - specified in sshd_config(5). - - -X Unlock the agent. - - -x Lock the agent with a password. - -ENVIRONMENT - DISPLAY and SSH_ASKPASS - If ssh-add needs a passphrase, it will read the passphrase from - the current terminal if it was run from a terminal. If ssh-add - does not have a terminal associated with it but DISPLAY and - SSH_ASKPASS are set, it will execute the program specified by - SSH_ASKPASS (by default M-bM-^@M-^\ssh-askpassM-bM-^@M-^]) and open an X11 window to - read the passphrase. This is particularly useful when calling - ssh-add from a .xsession or related script. (Note that on some - machines it may be necessary to redirect the input from /dev/null - to make this work.) - - SSH_AUTH_SOCK - Identifies the path of a UNIX-domain socket used to communicate - with the agent. - -FILES - ~/.ssh/identity - Contains the protocol version 1 RSA authentication identity of - the user. - - ~/.ssh/id_dsa - Contains the protocol version 2 DSA authentication identity of - the user. - - ~/.ssh/id_ecdsa - Contains the protocol version 2 ECDSA authentication identity of - the user. - - ~/.ssh/id_ed25519 - Contains the protocol version 2 Ed25519 authentication identity - of the user. - - ~/.ssh/id_rsa - Contains the protocol version 2 RSA authentication identity of - the user. - - Identity files should not be readable by anyone but the user. Note that - ssh-add ignores identity files if they are accessible by others. - -EXIT STATUS - Exit status is 0 on success, 1 if the specified command fails, and 2 if - ssh-add is unable to contact the authentication agent. - -SEE ALSO - ssh(1), ssh-agent(1), ssh-askpass(1), ssh-keygen(1), sshd(8) - -AUTHORS - OpenSSH is a derivative of the original and free ssh 1.2.12 release by - Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo - de Raadt and Dug Song removed many bugs, re-added newer features and - created OpenSSH. Markus Friedl contributed the support for SSH protocol - versions 1.5 and 2.0. - -OpenBSD 5.8 March 30, 2015 OpenBSD 5.8 diff --git a/crypto/openssh/ssh-agent.0 b/crypto/openssh/ssh-agent.0 deleted file mode 100644 index 65bf6e70fd8..00000000000 --- a/crypto/openssh/ssh-agent.0 +++ /dev/null @@ -1,112 +0,0 @@ -SSH-AGENT(1) General Commands Manual SSH-AGENT(1) - -NAME - ssh-agent M-bM-^@M-^S authentication agent - -SYNOPSIS - ssh-agent [-c | -s] [-Dd] [-a bind_address] [-E fingerprint_hash] - [-t life] [command [arg ...]] - ssh-agent [-c | -s] -k - -DESCRIPTION - ssh-agent is a program to hold private keys used for public key - authentication (RSA, DSA, ECDSA, Ed25519). ssh-agent is usually started - in the beginning of an X-session or a login session, and all other - windows or programs are started as clients to the ssh-agent program. - Through use of environment variables the agent can be located and - automatically used for authentication when logging in to other machines - using ssh(1). - - The agent initially does not have any private keys. Keys are added using - ssh-add(1). Multiple identities may be stored in ssh-agent concurrently - and ssh(1) will automatically use them if present. ssh-add(1) is also - used to remove keys from ssh-agent and to query the keys that are held in - one. - - The options are as follows: - - -a bind_address - Bind the agent to the UNIX-domain socket bind_address. The - default is $TMPDIR/ssh-XXXXXXXXXX/agent.. - - -c Generate C-shell commands on stdout. This is the default if - SHELL looks like it's a csh style of shell. - - -D Foreground mode. When this option is specified ssh-agent will - not fork. - - -d Debug mode. When this option is specified ssh-agent will not - fork and will write debug information to standard error. - - -E fingerprint_hash - Specifies the hash algorithm used when displaying key - fingerprints. Valid options are: M-bM-^@M-^\md5M-bM-^@M-^] and M-bM-^@M-^\sha256M-bM-^@M-^]. The - default is M-bM-^@M-^\sha256M-bM-^@M-^]. - - -k Kill the current agent (given by the SSH_AGENT_PID environment - variable). - - -s Generate Bourne shell commands on stdout. This is the default if - SHELL does not look like it's a csh style of shell. - - -t life - Set a default value for the maximum lifetime of identities added - to the agent. The lifetime may be specified in seconds or in a - time format specified in sshd_config(5). A lifetime specified - for an identity with ssh-add(1) overrides this value. Without - this option the default maximum lifetime is forever. - - If a commandline is given, this is executed as a subprocess of the agent. - When the command dies, so does the agent. - - The idea is that the agent is run in the user's local PC, laptop, or - terminal. Authentication data need not be stored on any other machine, - and authentication passphrases never go over the network. However, the - connection to the agent is forwarded over SSH remote logins, and the user - can thus use the privileges given by the identities anywhere in the - network in a secure way. - - There are two main ways to get an agent set up: The first is that the - agent starts a new subcommand into which some environment variables are - exported, eg ssh-agent xterm &. The second is that the agent prints the - needed shell commands (either sh(1) or csh(1) syntax can be generated) - which can be evaluated in the calling shell, eg eval `ssh-agent -s` for - Bourne-type shells such as sh(1) or ksh(1) and eval `ssh-agent -c` for - csh(1) and derivatives. - - Later ssh(1) looks at these variables and uses them to establish a - connection to the agent. - - The agent will never send a private key over its request channel. - Instead, operations that require a private key will be performed by the - agent, and the result will be returned to the requester. This way, - private keys are not exposed to clients using the agent. - - A UNIX-domain socket is created and the name of this socket is stored in - the SSH_AUTH_SOCK environment variable. The socket is made accessible - only to the current user. This method is easily abused by root or - another instance of the same user. - - The SSH_AGENT_PID environment variable holds the agent's process ID. - - The agent exits automatically when the command given on the command line - terminates. - -FILES - $TMPDIR/ssh-XXXXXXXXXX/agent. - UNIX-domain sockets used to contain the connection to the - authentication agent. These sockets should only be readable by - the owner. The sockets should get automatically removed when the - agent exits. - -SEE ALSO - ssh(1), ssh-add(1), ssh-keygen(1), sshd(8) - -AUTHORS - OpenSSH is a derivative of the original and free ssh 1.2.12 release by - Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo - de Raadt and Dug Song removed many bugs, re-added newer features and - created OpenSSH. Markus Friedl contributed the support for SSH protocol - versions 1.5 and 2.0. - -OpenBSD 5.8 April 24, 2015 OpenBSD 5.8 diff --git a/crypto/openssh/ssh-keygen.0 b/crypto/openssh/ssh-keygen.0 deleted file mode 100644 index a471a40559e..00000000000 --- a/crypto/openssh/ssh-keygen.0 +++ /dev/null @@ -1,566 +0,0 @@ -SSH-KEYGEN(1) General Commands Manual SSH-KEYGEN(1) - -NAME - ssh-keygen M-bM-^@M-^S authentication key generation, management and conversion - -SYNOPSIS - ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa | rsa1] - [-N new_passphrase] [-C comment] [-f output_keyfile] - ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile] - ssh-keygen -i [-m key_format] [-f input_keyfile] - ssh-keygen -e [-m key_format] [-f input_keyfile] - ssh-keygen -y [-f input_keyfile] - ssh-keygen -c [-P passphrase] [-C comment] [-f keyfile] - ssh-keygen -l [-v] [-E fingerprint_hash] [-f input_keyfile] - ssh-keygen -B [-f input_keyfile] - ssh-keygen -D pkcs11 - ssh-keygen -F hostname [-f known_hosts_file] [-l] - ssh-keygen -H [-f known_hosts_file] - ssh-keygen -R hostname [-f known_hosts_file] - ssh-keygen -r hostname [-f input_keyfile] [-g] - ssh-keygen -G output_file [-v] [-b bits] [-M memory] [-S start_point] - ssh-keygen -T output_file -f input_file [-v] [-a rounds] [-J num_lines] - [-j start_line] [-K checkpt] [-W generator] - ssh-keygen -s ca_key -I certificate_identity [-h] [-n principals] - [-O option] [-V validity_interval] [-z serial_number] file ... - ssh-keygen -L [-f input_keyfile] - ssh-keygen -A - ssh-keygen -k -f krl_file [-u] [-s ca_public] [-z version_number] - file ... - ssh-keygen -Q -f krl_file file ... - -DESCRIPTION - ssh-keygen generates, manages and converts authentication keys for - ssh(1). ssh-keygen can create RSA keys for use by SSH protocol version 1 - and DSA, ECDSA, Ed25519 or RSA keys for use by SSH protocol version 2. - The type of key to be generated is specified with the -t option. If - invoked without any arguments, ssh-keygen will generate an RSA key for - use in SSH protocol 2 connections. - - ssh-keygen is also used to generate groups for use in Diffie-Hellman - group exchange (DH-GEX). See the MODULI GENERATION section for details. - - Finally, ssh-keygen can be used to generate and update Key Revocation - Lists, and to test whether given keys have been revoked by one. See the - KEY REVOCATION LISTS section for details. - - Normally each user wishing to use SSH with public key authentication runs - this once to create the authentication key in ~/.ssh/identity, - ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519 or ~/.ssh/id_rsa. - Additionally, the system administrator may use this to generate host - keys, as seen in /etc/rc. - - Normally this program generates the key and asks for a file in which to - store the private key. The public key is stored in a file with the same - name but M-bM-^@M-^\.pubM-bM-^@M-^] appended. The program also asks for a passphrase. The - passphrase may be empty to indicate no passphrase (host keys must have an - empty passphrase), or it may be a string of arbitrary length. A - passphrase is similar to a password, except it can be a phrase with a - series of words, punctuation, numbers, whitespace, or any string of - characters you want. Good passphrases are 10-30 characters long, are not - simple sentences or otherwise easily guessable (English prose has only - 1-2 bits of entropy per character, and provides very bad passphrases), - and contain a mix of upper and lowercase letters, numbers, and non- - alphanumeric characters. The passphrase can be changed later by using - the -p option. - - There is no way to recover a lost passphrase. If the passphrase is lost - or forgotten, a new key must be generated and the corresponding public - key copied to other machines. - - For RSA1 keys, there is also a comment field in the key file that is only - for convenience to the user to help identify the key. The comment can - tell what the key is for, or whatever is useful. The comment is - initialized to M-bM-^@M-^\user@hostM-bM-^@M-^] when the key is created, but can be changed - using the -c option. - - After a key is generated, instructions below detail where the keys should - be placed to be activated. - - The options are as follows: - - -A For each of the key types (rsa1, rsa, dsa, ecdsa and ed25519) for - which host keys do not exist, generate the host keys with the - default key file path, an empty passphrase, default bits for the - key type, and default comment. This is used by /etc/rc to - generate new host keys. - - -a rounds - When saving a new-format private key (i.e. an ed25519 key or any - SSH protocol 2 key when the -o flag is set), this option - specifies the number of KDF (key derivation function) rounds - used. Higher numbers result in slower passphrase verification - and increased resistance to brute-force password cracking (should - the keys be stolen). - - When screening DH-GEX candidates ( using the -T command). This - option specifies the number of primality tests to perform. - - -B Show the bubblebabble digest of specified private or public key - file. - - -b bits - Specifies the number of bits in the key to create. For RSA keys, - the minimum size is 1024 bits and the default is 2048 bits. - Generally, 2048 bits is considered sufficient. DSA keys must be - exactly 1024 bits as specified by FIPS 186-2. For ECDSA keys, - the -b flag determines the key length by selecting from one of - three elliptic curve sizes: 256, 384 or 521 bits. Attempting to - use bit lengths other than these three values for ECDSA keys will - fail. Ed25519 keys have a fixed length and the -b flag will be - ignored. - - -C comment - Provides a new comment. - - -c Requests changing the comment in the private and public key - files. This operation is only supported for RSA1 keys. The - program will prompt for the file containing the private keys, for - the passphrase if the key has one, and for the new comment. - - -D pkcs11 - Download the RSA public keys provided by the PKCS#11 shared - library pkcs11. When used in combination with -s, this option - indicates that a CA key resides in a PKCS#11 token (see the - CERTIFICATES section for details). - - -E fingerprint_hash - Specifies the hash algorithm used when displaying key - fingerprints. Valid options are: M-bM-^@M-^\md5M-bM-^@M-^] and M-bM-^@M-^\sha256M-bM-^@M-^]. The - default is M-bM-^@M-^\sha256M-bM-^@M-^]. - - -e This option will read a private or public OpenSSH key file and - print to stdout the key in one of the formats specified by the -m - option. The default export format is M-bM-^@M-^\RFC4716M-bM-^@M-^]. This option - allows exporting OpenSSH keys for use by other programs, - including several commercial SSH implementations. - - -F hostname - Search for the specified hostname in a known_hosts file, listing - any occurrences found. This option is useful to find hashed host - names or addresses and may also be used in conjunction with the - -H option to print found keys in a hashed format. - - -f filename - Specifies the filename of the key file. - - -G output_file - Generate candidate primes for DH-GEX. These primes must be - screened for safety (using the -T option) before use. - - -g Use generic DNS format when printing fingerprint resource records - using the -r command. - - -H Hash a known_hosts file. This replaces all hostnames and - addresses with hashed representations within the specified file; - the original content is moved to a file with a .old suffix. - These hashes may be used normally by ssh and sshd, but they do - not reveal identifying information should the file's contents be - disclosed. This option will not modify existing hashed hostnames - and is therefore safe to use on files that mix hashed and non- - hashed names. - - -h When signing a key, create a host certificate instead of a user - certificate. Please see the CERTIFICATES section for details. - - -I certificate_identity - Specify the key identity when signing a public key. Please see - the CERTIFICATES section for details. - - -i This option will read an unencrypted private (or public) key file - in the format specified by the -m option and print an OpenSSH - compatible private (or public) key to stdout. This option allows - importing keys from other software, including several commercial - SSH implementations. The default import format is M-bM-^@M-^\RFC4716M-bM-^@M-^]. - - -J num_lines - Exit after screening the specified number of lines while - performing DH candidate screening using the -T option. - - -j start_line - Start screening at the specified line number while performing DH - candidate screening using the -T option. - - -K checkpt - Write the last line processed to the file checkpt while - performing DH candidate screening using the -T option. This will - be used to skip lines in the input file that have already been - processed if the job is restarted. - - -k Generate a KRL file. In this mode, ssh-keygen will generate a - KRL file at the location specified via the -f flag that revokes - every key or certificate presented on the command line. - Keys/certificates to be revoked may be specified by public key - file or using the format described in the KEY REVOCATION LISTS - section. - - -L Prints the contents of a certificate. - - -l Show fingerprint of specified public key file. Private RSA1 keys - are also supported. For RSA and DSA keys ssh-keygen tries to - find the matching public key file and prints its fingerprint. If - combined with -v, an ASCII art representation of the key is - supplied with the fingerprint. - - -M memory - Specify the amount of memory to use (in megabytes) when - generating candidate moduli for DH-GEX. - - -m key_format - Specify a key format for the -i (import) or -e (export) - conversion options. The supported key formats are: M-bM-^@M-^\RFC4716M-bM-^@M-^] - (RFC 4716/SSH2 public or private key), M-bM-^@M-^\PKCS8M-bM-^@M-^] (PEM PKCS8 public - key) or M-bM-^@M-^\PEMM-bM-^@M-^] (PEM public key). The default conversion format is - M-bM-^@M-^\RFC4716M-bM-^@M-^]. - - -N new_passphrase - Provides the new passphrase. - - -n principals - Specify one or more principals (user or host names) to be - included in a certificate when signing a key. Multiple - principals may be specified, separated by commas. Please see the - CERTIFICATES section for details. - - -O option - Specify a certificate option when signing a key. This option may - be specified multiple times. Please see the CERTIFICATES section - for details. The options that are valid for user certificates - are: - - clear Clear all enabled permissions. This is useful for - clearing the default set of permissions so permissions - may be added individually. - - force-command=command - Forces the execution of command instead of any shell or - command specified by the user when the certificate is - used for authentication. - - no-agent-forwarding - Disable ssh-agent(1) forwarding (permitted by default). - - no-port-forwarding - Disable port forwarding (permitted by default). - - no-pty Disable PTY allocation (permitted by default). - - no-user-rc - Disable execution of ~/.ssh/rc by sshd(8) (permitted by - default). - - no-x11-forwarding - Disable X11 forwarding (permitted by default). - - permit-agent-forwarding - Allows ssh-agent(1) forwarding. - - permit-port-forwarding - Allows port forwarding. - - permit-pty - Allows PTY allocation. - - permit-user-rc - Allows execution of ~/.ssh/rc by sshd(8). - - permit-x11-forwarding - Allows X11 forwarding. - - source-address=address_list - Restrict the source addresses from which the certificate - is considered valid. The address_list is a comma- - separated list of one or more address/netmask pairs in - CIDR format. - - At present, no options are valid for host keys. - - -o Causes ssh-keygen to save SSH protocol 2 private keys using the - new OpenSSH format rather than the more compatible PEM format. - The new format has increased resistance to brute-force password - cracking but is not supported by versions of OpenSSH prior to - 6.5. Ed25519 keys always use the new private key format. - - -P passphrase - Provides the (old) passphrase. - - -p Requests changing the passphrase of a private key file instead of - creating a new private key. The program will prompt for the file - containing the private key, for the old passphrase, and twice for - the new passphrase. - - -Q Test whether keys have been revoked in a KRL. - - -q Silence ssh-keygen. - - -R hostname - Removes all keys belonging to hostname from a known_hosts file. - This option is useful to delete hashed hosts (see the -H option - above). - - -r hostname - Print the SSHFP fingerprint resource record named hostname for - the specified public key file. - - -S start - Specify start point (in hex) when generating candidate moduli for - DH-GEX. - - -s ca_key - Certify (sign) a public key using the specified CA key. Please - see the CERTIFICATES section for details. - - When generating a KRL, -s specifies a path to a CA public key - file used to revoke certificates directly by key ID or serial - number. See the KEY REVOCATION LISTS section for details. - - -T output_file - Test DH group exchange candidate primes (generated using the -G - option) for safety. - - -t dsa | ecdsa | ed25519 | rsa | rsa1 - Specifies the type of key to create. The possible values are - M-bM-^@M-^\rsa1M-bM-^@M-^] for protocol version 1 and M-bM-^@M-^\dsaM-bM-^@M-^], M-bM-^@M-^\ecdsaM-bM-^@M-^], M-bM-^@M-^\ed25519M-bM-^@M-^], or - M-bM-^@M-^\rsaM-bM-^@M-^] for protocol version 2. - - -u Update a KRL. When specified with -k, keys listed via the - command line are added to the existing KRL rather than a new KRL - being created. - - -V validity_interval - Specify a validity interval when signing a certificate. A - validity interval may consist of a single time, indicating that - the certificate is valid beginning now and expiring at that time, - or may consist of two times separated by a colon to indicate an - explicit time interval. The start time may be specified as a - date in YYYYMMDD format, a time in YYYYMMDDHHMMSS format or a - relative time (to the current time) consisting of a minus sign - followed by a relative time in the format described in the TIME - FORMATS section of sshd_config(5). The end time may be specified - as a YYYYMMDD date, a YYYYMMDDHHMMSS time or a relative time - starting with a plus character. - - For example: M-bM-^@M-^\+52w1dM-bM-^@M-^] (valid from now to 52 weeks and one day - from now), M-bM-^@M-^\-4w:+4wM-bM-^@M-^] (valid from four weeks ago to four weeks - from now), M-bM-^@M-^\20100101123000:20110101123000M-bM-^@M-^] (valid from 12:30 PM, - January 1st, 2010 to 12:30 PM, January 1st, 2011), M-bM-^@M-^\-1d:20110101M-bM-^@M-^] - (valid from yesterday to midnight, January 1st, 2011). - - -v Verbose mode. Causes ssh-keygen to print debugging messages - about its progress. This is helpful for debugging moduli - generation. Multiple -v options increase the verbosity. The - maximum is 3. - - -W generator - Specify desired generator when testing candidate moduli for DH- - GEX. - - -y This option will read a private OpenSSH format file and print an - OpenSSH public key to stdout. - - -z serial_number - Specifies a serial number to be embedded in the certificate to - distinguish this certificate from others from the same CA. The - default serial number is zero. - - When generating a KRL, the -z flag is used to specify a KRL - version number. - -MODULI GENERATION - ssh-keygen may be used to generate groups for the Diffie-Hellman Group - Exchange (DH-GEX) protocol. Generating these groups is a two-step - process: first, candidate primes are generated using a fast, but memory - intensive process. These candidate primes are then tested for - suitability (a CPU-intensive process). - - Generation of primes is performed using the -G option. The desired - length of the primes may be specified by the -b option. For example: - - # ssh-keygen -G moduli-2048.candidates -b 2048 - - By default, the search for primes begins at a random point in the desired - length range. This may be overridden using the -S option, which - specifies a different start point (in hex). - - Once a set of candidates have been generated, they must be screened for - suitability. This may be performed using the -T option. In this mode - ssh-keygen will read candidates from standard input (or a file specified - using the -f option). For example: - - # ssh-keygen -T moduli-2048 -f moduli-2048.candidates - - By default, each candidate will be subjected to 100 primality tests. - This may be overridden using the -a option. The DH generator value will - be chosen automatically for the prime under consideration. If a specific - generator is desired, it may be requested using the -W option. Valid - generator values are 2, 3, and 5. - - Screened DH groups may be installed in /etc/moduli. It is important that - this file contains moduli of a range of bit lengths and that both ends of - a connection share common moduli. - -CERTIFICATES - ssh-keygen supports signing of keys to produce certificates that may be - used for user or host authentication. Certificates consist of a public - key, some identity information, zero or more principal (user or host) - names and a set of options that are signed by a Certification Authority - (CA) key. Clients or servers may then trust only the CA key and verify - its signature on a certificate rather than trusting many user/host keys. - Note that OpenSSH certificates are a different, and much simpler, format - to the X.509 certificates used in ssl(8). - - ssh-keygen supports two types of certificates: user and host. User - certificates authenticate users to servers, whereas host certificates - authenticate server hosts to users. To generate a user certificate: - - $ ssh-keygen -s /path/to/ca_key -I key_id /path/to/user_key.pub - - The resultant certificate will be placed in /path/to/user_key-cert.pub. - A host certificate requires the -h option: - - $ ssh-keygen -s /path/to/ca_key -I key_id -h /path/to/host_key.pub - - The host certificate will be output to /path/to/host_key-cert.pub. - - It is possible to sign using a CA key stored in a PKCS#11 token by - providing the token library using -D and identifying the CA key by - providing its public half as an argument to -s: - - $ ssh-keygen -s ca_key.pub -D libpkcs11.so -I key_id host_key.pub - - In all cases, key_id is a "key identifier" that is logged by the server - when the certificate is used for authentication. - - Certificates may be limited to be valid for a set of principal - (user/host) names. By default, generated certificates are valid for all - users or hosts. To generate a certificate for a specified set of - principals: - - $ ssh-keygen -s ca_key -I key_id -n user1,user2 user_key.pub - $ ssh-keygen -s ca_key -I key_id -h -n host.domain user_key.pub - - Additional limitations on the validity and use of user certificates may - be specified through certificate options. A certificate option may - disable features of the SSH session, may be valid only when presented - from particular source addresses or may force the use of a specific - command. For a list of valid certificate options, see the documentation - for the -O option above. - - Finally, certificates may be defined with a validity lifetime. The -V - option allows specification of certificate start and end times. A - certificate that is presented at a time outside this range will not be - considered valid. By default, certificates are valid from UNIX Epoch to - the distant future. - - For certificates to be used for user or host authentication, the CA - public key must be trusted by sshd(8) or ssh(1). Please refer to those - manual pages for details. - -KEY REVOCATION LISTS - ssh-keygen is able to manage OpenSSH format Key Revocation Lists (KRLs). - These binary files specify keys or certificates to be revoked using a - compact format, taking as little as one bit per certificate if they are - being revoked by serial number. - - KRLs may be generated using the -k flag. This option reads one or more - files from the command line and generates a new KRL. The files may - either contain a KRL specification (see below) or public keys, listed one - per line. Plain public keys are revoked by listing their hash or - contents in the KRL and certificates revoked by serial number or key ID - (if the serial is zero or not available). - - Revoking keys using a KRL specification offers explicit control over the - types of record used to revoke keys and may be used to directly revoke - certificates by serial number or key ID without having the complete - original certificate on hand. A KRL specification consists of lines - containing one of the following directives followed by a colon and some - directive-specific information. - - serial: serial_number[-serial_number] - Revokes a certificate with the specified serial number. Serial - numbers are 64-bit values, not including zero and may be - expressed in decimal, hex or octal. If two serial numbers are - specified separated by a hyphen, then the range of serial numbers - including and between each is revoked. The CA key must have been - specified on the ssh-keygen command line using the -s option. - - id: key_id - Revokes a certificate with the specified key ID string. The CA - key must have been specified on the ssh-keygen command line using - the -s option. - - key: public_key - Revokes the specified key. If a certificate is listed, then it - is revoked as a plain public key. - - sha1: public_key - Revokes the specified key by its SHA1 hash. - - KRLs may be updated using the -u flag in addition to -k. When this - option is specified, keys listed via the command line are merged into the - KRL, adding to those already there. - - It is also possible, given a KRL, to test whether it revokes a particular - key (or keys). The -Q flag will query an existing KRL, testing each key - specified on the commandline. If any key listed on the command line has - been revoked (or an error encountered) then ssh-keygen will exit with a - non-zero exit status. A zero exit status will only be returned if no key - was revoked. - -FILES - ~/.ssh/identity - Contains the protocol version 1 RSA authentication identity of - the user. This file should not be readable by anyone but the - user. It is possible to specify a passphrase when generating the - key; that passphrase will be used to encrypt the private part of - this file using 3DES. This file is not automatically accessed by - ssh-keygen but it is offered as the default file for the private - key. ssh(1) will read this file when a login attempt is made. - - ~/.ssh/identity.pub - Contains the protocol version 1 RSA public key for - authentication. The contents of this file should be added to - ~/.ssh/authorized_keys on all machines where the user wishes to - log in using RSA authentication. There is no need to keep the - contents of this file secret. - - ~/.ssh/id_dsa - ~/.ssh/id_ecdsa - ~/.ssh/id_ed25519 - ~/.ssh/id_rsa - Contains the protocol version 2 DSA, ECDSA, Ed25519 or RSA - authentication identity of the user. This file should not be - readable by anyone but the user. It is possible to specify a - passphrase when generating the key; that passphrase will be used - to encrypt the private part of this file using 128-bit AES. This - file is not automatically accessed by ssh-keygen but it is - offered as the default file for the private key. ssh(1) will - read this file when a login attempt is made. - - ~/.ssh/id_dsa.pub - ~/.ssh/id_ecdsa.pub - ~/.ssh/id_ed25519.pub - ~/.ssh/id_rsa.pub - Contains the protocol version 2 DSA, ECDSA, Ed25519 or RSA public - key for authentication. The contents of this file should be - added to ~/.ssh/authorized_keys on all machines where the user - wishes to log in using public key authentication. There is no - need to keep the contents of this file secret. - - /etc/moduli - Contains Diffie-Hellman groups used for DH-GEX. The file format - is described in moduli(5). - -SEE ALSO - ssh(1), ssh-add(1), ssh-agent(1), moduli(5), sshd(8) - - The Secure Shell (SSH) Public Key File Format, RFC 4716, 2006. - -AUTHORS - OpenSSH is a derivative of the original and free ssh 1.2.12 release by - Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo - de Raadt and Dug Song removed many bugs, re-added newer features and - created OpenSSH. Markus Friedl contributed the support for SSH protocol - versions 1.5 and 2.0. - -OpenBSD 5.8 July 3, 2015 OpenBSD 5.8 diff --git a/crypto/openssh/ssh-keyscan.0 b/crypto/openssh/ssh-keyscan.0 deleted file mode 100644 index 500c1dd3079..00000000000 --- a/crypto/openssh/ssh-keyscan.0 +++ /dev/null @@ -1,109 +0,0 @@ -SSH-KEYSCAN(1) General Commands Manual SSH-KEYSCAN(1) - -NAME - ssh-keyscan M-bM-^@M-^S gather ssh public keys - -SYNOPSIS - ssh-keyscan [-46Hv] [-f file] [-p port] [-T timeout] [-t type] - [host | addrlist namelist] ... - -DESCRIPTION - ssh-keyscan is a utility for gathering the public ssh host keys of a - number of hosts. It was designed to aid in building and verifying - ssh_known_hosts files. ssh-keyscan provides a minimal interface suitable - for use by shell and perl scripts. - - ssh-keyscan uses non-blocking socket I/O to contact as many hosts as - possible in parallel, so it is very efficient. The keys from a domain of - 1,000 hosts can be collected in tens of seconds, even when some of those - hosts are down or do not run ssh. For scanning, one does not need login - access to the machines that are being scanned, nor does the scanning - process involve any encryption. - - The options are as follows: - - -4 Forces ssh-keyscan to use IPv4 addresses only. - - -6 Forces ssh-keyscan to use IPv6 addresses only. - - -f file - Read hosts or M-bM-^@M-^\addrlist namelistM-bM-^@M-^] pairs from file, one per line. - If - is supplied instead of a filename, ssh-keyscan will read - hosts or M-bM-^@M-^\addrlist namelistM-bM-^@M-^] pairs from the standard input. - - -H Hash all hostnames and addresses in the output. Hashed names may - be used normally by ssh and sshd, but they do not reveal - identifying information should the file's contents be disclosed. - - -p port - Port to connect to on the remote host. - - -T timeout - Set the timeout for connection attempts. If timeout seconds have - elapsed since a connection was initiated to a host or since the - last time anything was read from that host, then the connection - is closed and the host in question considered unavailable. - Default is 5 seconds. - - -t type - Specifies the type of the key to fetch from the scanned hosts. - The possible values are M-bM-^@M-^\rsa1M-bM-^@M-^] for protocol version 1 and M-bM-^@M-^\dsaM-bM-^@M-^], - M-bM-^@M-^\ecdsaM-bM-^@M-^], M-bM-^@M-^\ed25519M-bM-^@M-^], or M-bM-^@M-^\rsaM-bM-^@M-^] for protocol version 2. Multiple - values may be specified by separating them with commas. The - default is to fetch M-bM-^@M-^\rsaM-bM-^@M-^], M-bM-^@M-^\ecdsaM-bM-^@M-^], and M-bM-^@M-^\ed25519M-bM-^@M-^] keys. - - -v Verbose mode. Causes ssh-keyscan to print debugging messages - about its progress. - -SECURITY - If an ssh_known_hosts file is constructed using ssh-keyscan without - verifying the keys, users will be vulnerable to man in the middle - attacks. On the other hand, if the security model allows such a risk, - ssh-keyscan can help in the detection of tampered keyfiles or man in the - middle attacks which have begun after the ssh_known_hosts file was - created. - -FILES - Input format: - - 1.2.3.4,1.2.4.4 name.my.domain,name,n.my.domain,n,1.2.3.4,1.2.4.4 - - Output format for RSA1 keys: - - host-or-namelist bits exponent modulus - - Output format for RSA, DSA, ECDSA, and Ed25519 keys: - - host-or-namelist keytype base64-encoded-key - - Where keytype is either M-bM-^@M-^\ecdsa-sha2-nistp256M-bM-^@M-^], M-bM-^@M-^\ecdsa-sha2-nistp384M-bM-^@M-^], - M-bM-^@M-^\ecdsa-sha2-nistp521M-bM-^@M-^], M-bM-^@M-^\ssh-ed25519M-bM-^@M-^], M-bM-^@M-^\ssh-dssM-bM-^@M-^] or M-bM-^@M-^\ssh-rsaM-bM-^@M-^]. - - /etc/ssh/ssh_known_hosts - -EXAMPLES - Print the rsa host key for machine hostname: - - $ ssh-keyscan hostname - - Find all hosts from the file ssh_hosts which have new or different keys - from those in the sorted file ssh_known_hosts: - - $ ssh-keyscan -t rsa,dsa,ecdsa,ed25519 -f ssh_hosts | \ - sort -u - ssh_known_hosts | diff ssh_known_hosts - - -SEE ALSO - ssh(1), sshd(8) - -AUTHORS - David Mazieres wrote the initial version, and Wayne - Davison added support for protocol version - 2. - -BUGS - It generates "Connection closed by remote host" messages on the consoles - of all the machines it scans if the server is older than version 2.9. - This is because it opens a connection to the ssh port, reads the public - key, and drops the connection as soon as it gets the key. - -OpenBSD 5.8 August 30, 2014 OpenBSD 5.8 diff --git a/crypto/openssh/ssh-keysign.0 b/crypto/openssh/ssh-keysign.0 deleted file mode 100644 index 7db72c714ad..00000000000 --- a/crypto/openssh/ssh-keysign.0 +++ /dev/null @@ -1,53 +0,0 @@ -SSH-KEYSIGN(8) System Manager's Manual SSH-KEYSIGN(8) - -NAME - ssh-keysign M-bM-^@M-^S ssh helper program for host-based authentication - -SYNOPSIS - ssh-keysign - -DESCRIPTION - ssh-keysign is used by ssh(1) to access the local host keys and generate - the digital signature required during host-based authentication with SSH - protocol version 2. - - ssh-keysign is disabled by default and can only be enabled in the global - client configuration file /etc/ssh/ssh_config by setting EnableSSHKeysign - to M-bM-^@M-^\yesM-bM-^@M-^]. - - ssh-keysign is not intended to be invoked by the user, but from ssh(1). - See ssh(1) and sshd(8) for more information about host-based - authentication. - -FILES - /etc/ssh/ssh_config - Controls whether ssh-keysign is enabled. - - /etc/ssh/ssh_host_dsa_key - /etc/ssh/ssh_host_ecdsa_key - /etc/ssh/ssh_host_ed25519_key - /etc/ssh/ssh_host_rsa_key - These files contain the private parts of the host keys used to - generate the digital signature. They should be owned by root, - readable only by root, and not accessible to others. Since they - are readable only by root, ssh-keysign must be set-uid root if - host-based authentication is used. - - /etc/ssh/ssh_host_dsa_key-cert.pub - /etc/ssh/ssh_host_ecdsa_key-cert.pub - /etc/ssh/ssh_host_ed25519_key-cert.pub - /etc/ssh/ssh_host_rsa_key-cert.pub - If these files exist they are assumed to contain public - certificate information corresponding with the private keys - above. - -SEE ALSO - ssh(1), ssh-keygen(1), ssh_config(5), sshd(8) - -HISTORY - ssh-keysign first appeared in OpenBSD 3.2. - -AUTHORS - Markus Friedl - -OpenBSD 5.8 December 7, 2013 OpenBSD 5.8 diff --git a/crypto/openssh/ssh-pkcs11-helper.0 b/crypto/openssh/ssh-pkcs11-helper.0 deleted file mode 100644 index 7fac805ffb9..00000000000 --- a/crypto/openssh/ssh-pkcs11-helper.0 +++ /dev/null @@ -1,25 +0,0 @@ -SSH-PKCS11-HELPER(8) System Manager's Manual SSH-PKCS11-HELPER(8) - -NAME - ssh-pkcs11-helper M-bM-^@M-^S ssh-agent helper program for PKCS#11 support - -SYNOPSIS - ssh-pkcs11-helper - -DESCRIPTION - ssh-pkcs11-helper is used by ssh-agent(1) to access keys provided by a - PKCS#11 token. - - ssh-pkcs11-helper is not intended to be invoked by the user, but from - ssh-agent(1). - -SEE ALSO - ssh(1), ssh-add(1), ssh-agent(1) - -HISTORY - ssh-pkcs11-helper first appeared in OpenBSD 4.7. - -AUTHORS - Markus Friedl - -OpenBSD 5.8 July 16, 2013 OpenBSD 5.8 diff --git a/crypto/openssh/ssh.0 b/crypto/openssh/ssh.0 deleted file mode 100644 index ad4817aff0f..00000000000 --- a/crypto/openssh/ssh.0 +++ /dev/null @@ -1,972 +0,0 @@ -SSH(1) General Commands Manual SSH(1) - -NAME - ssh M-bM-^@M-^S OpenSSH SSH client (remote login program) - -SYNOPSIS - ssh [-1246AaCfGgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec] - [-D [bind_address:]port] [-E log_file] [-e escape_char] - [-F configfile] [-I pkcs11] [-i identity_file] [-L address] - [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port] - [-Q cipher | cipher-auth | mac | kex | key | protocol-version] - [-R address] [-S ctl_path] [-W host:port] [-w local_tun[:remote_tun]] - [user@]hostname [command] - -DESCRIPTION - ssh (SSH client) is a program for logging into a remote machine and for - executing commands on a remote machine. It is intended to replace rlogin - and rsh, and provide secure encrypted communications between two - untrusted hosts over an insecure network. X11 connections, arbitrary TCP - ports and UNIX-domain sockets can also be forwarded over the secure - channel. - - ssh connects and logs into the specified hostname (with optional user - name). The user must prove his/her identity to the remote machine using - one of several methods depending on the protocol version used (see - below). - - If command is specified, it is executed on the remote host instead of a - login shell. - - The options are as follows: - - -1 Forces ssh to try protocol version 1 only. - - -2 Forces ssh to try protocol version 2 only. - - -4 Forces ssh to use IPv4 addresses only. - - -6 Forces ssh to use IPv6 addresses only. - - -A Enables forwarding of the authentication agent connection. This - can also be specified on a per-host basis in a configuration - file. - - Agent forwarding should be enabled with caution. Users with the - ability to bypass file permissions on the remote host (for the - agent's UNIX-domain socket) can access the local agent through - the forwarded connection. An attacker cannot obtain key material - from the agent, however they can perform operations on the keys - that enable them to authenticate using the identities loaded into - the agent. - - -a Disables forwarding of the authentication agent connection. - - -b bind_address - Use bind_address on the local machine as the source address of - the connection. Only useful on systems with more than one - address. - - -C Requests compression of all data (including stdin, stdout, - stderr, and data for forwarded X11, TCP and UNIX-domain - connections). The compression algorithm is the same used by - gzip(1), and the M-bM-^@M-^\levelM-bM-^@M-^] can be controlled by the - CompressionLevel option for protocol version 1. Compression is - desirable on modem lines and other slow connections, but will - only slow down things on fast networks. The default value can be - set on a host-by-host basis in the configuration files; see the - Compression option. - - -c cipher_spec - Selects the cipher specification for encrypting the session. - - Protocol version 1 allows specification of a single cipher. The - supported values are M-bM-^@M-^\3desM-bM-^@M-^], M-bM-^@M-^\blowfishM-bM-^@M-^], and M-bM-^@M-^\desM-bM-^@M-^]. For protocol - version 2, cipher_spec is a comma-separated list of ciphers - listed in order of preference. See the Ciphers keyword in - ssh_config(5) for more information. - - -D [bind_address:]port - Specifies a local M-bM-^@M-^\dynamicM-bM-^@M-^] application-level port forwarding. - This works by allocating a socket to listen to port on the local - side, optionally bound to the specified bind_address. Whenever a - connection is made to this port, the connection is forwarded over - the secure channel, and the application protocol is then used to - determine where to connect to from the remote machine. Currently - the SOCKS4 and SOCKS5 protocols are supported, and ssh will act - as a SOCKS server. Only root can forward privileged ports. - Dynamic port forwardings can also be specified in the - configuration file. - - IPv6 addresses can be specified by enclosing the address in - square brackets. Only the superuser can forward privileged - ports. By default, the local port is bound in accordance with - the GatewayPorts setting. However, an explicit bind_address may - be used to bind the connection to a specific address. The - bind_address of M-bM-^@M-^\localhostM-bM-^@M-^] indicates that the listening port be - bound for local use only, while an empty address or M-bM-^@M-^X*M-bM-^@M-^Y indicates - that the port should be available from all interfaces. - - -E log_file - Append debug logs to log_file instead of standard error. - - -e escape_char - Sets the escape character for sessions with a pty (default: M-bM-^@M-^X~M-bM-^@M-^Y). - The escape character is only recognized at the beginning of a - line. The escape character followed by a dot (M-bM-^@M-^X.M-bM-^@M-^Y) closes the - connection; followed by control-Z suspends the connection; and - followed by itself sends the escape character once. Setting the - character to M-bM-^@M-^\noneM-bM-^@M-^] disables any escapes and makes the session - fully transparent. - - -F configfile - Specifies an alternative per-user configuration file. If a - configuration file is given on the command line, the system-wide - configuration file (/etc/ssh/ssh_config) will be ignored. The - default for the per-user configuration file is ~/.ssh/config. - - -f Requests ssh to go to background just before command execution. - This is useful if ssh is going to ask for passwords or - passphrases, but the user wants it in the background. This - implies -n. The recommended way to start X11 programs at a - remote site is with something like ssh -f host xterm. - - If the ExitOnForwardFailure configuration option is set to M-bM-^@M-^\yesM-bM-^@M-^], - then a client started with -f will wait for all remote port - forwards to be successfully established before placing itself in - the background. - - -G Causes ssh to print its configuration after evaluating Host and - Match blocks and exit. - - -g Allows remote hosts to connect to local forwarded ports. If used - on a multiplexed connection, then this option must be specified - on the master process. - - -I pkcs11 - Specify the PKCS#11 shared library ssh should use to communicate - with a PKCS#11 token providing the user's private RSA key. - - -i identity_file - Selects a file from which the identity (private key) for public - key authentication is read. The default is ~/.ssh/identity for - protocol version 1, and ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, - ~/.ssh/id_ed25519 and ~/.ssh/id_rsa for protocol version 2. - Identity files may also be specified on a per-host basis in the - configuration file. It is possible to have multiple -i options - (and multiple identities specified in configuration files). ssh - will also try to load certificate information from the filename - obtained by appending -cert.pub to identity filenames. - - -K Enables GSSAPI-based authentication and forwarding (delegation) - of GSSAPI credentials to the server. - - -k Disables forwarding (delegation) of GSSAPI credentials to the - server. - - -L [bind_address:]port:host:hostport - -L [bind_address:]port:remote_socket - -L local_socket:host:hostport - -L local_socket:remote_socket - Specifies that connections to the given TCP port or Unix socket - on the local (client) host are to be forwarded to the given host - and port, or Unix socket, on the remote side. This works by - allocating a socket to listen to either a TCP port on the local - side, optionally bound to the specified bind_address, or to a - Unix socket. Whenever a connection is made to the local port or - socket, the connection is forwarded over the secure channel, and - a connection is made to either host port hostport, or the Unix - socket remote_socket, from the remote machine. - - Port forwardings can also be specified in the configuration file. - Only the superuser can forward privileged ports. IPv6 addresses - can be specified by enclosing the address in square brackets. - - By default, the local port is bound in accordance with the - GatewayPorts setting. However, an explicit bind_address may be - used to bind the connection to a specific address. The - bind_address of M-bM-^@M-^\localhostM-bM-^@M-^] indicates that the listening port be - bound for local use only, while an empty address or M-bM-^@M-^X*M-bM-^@M-^Y indicates - that the port should be available from all interfaces. - - -l login_name - Specifies the user to log in as on the remote machine. This also - may be specified on a per-host basis in the configuration file. - - -M Places the ssh client into M-bM-^@M-^\masterM-bM-^@M-^] mode for connection sharing. - Multiple -M options places ssh into M-bM-^@M-^\masterM-bM-^@M-^] mode with - confirmation required before slave connections are accepted. - Refer to the description of ControlMaster in ssh_config(5) for - details. - - -m mac_spec - Additionally, for protocol version 2 a comma-separated list of - MAC (message authentication code) algorithms can be specified in - order of preference. See the MACs keyword for more information. - - -N Do not execute a remote command. This is useful for just - forwarding ports (protocol version 2 only). - - -n Redirects stdin from /dev/null (actually, prevents reading from - stdin). This must be used when ssh is run in the background. A - common trick is to use this to run X11 programs on a remote - machine. For example, ssh -n shadows.cs.hut.fi emacs & will - start an emacs on shadows.cs.hut.fi, and the X11 connection will - be automatically forwarded over an encrypted channel. The ssh - program will be put in the background. (This does not work if - ssh needs to ask for a password or passphrase; see also the -f - option.) - - -O ctl_cmd - Control an active connection multiplexing master process. When - the -O option is specified, the ctl_cmd argument is interpreted - and passed to the master process. Valid commands are: M-bM-^@M-^\checkM-bM-^@M-^] - (check that the master process is running), M-bM-^@M-^\forwardM-bM-^@M-^] (request - forwardings without command execution), M-bM-^@M-^\cancelM-bM-^@M-^] (cancel - forwardings), M-bM-^@M-^\exitM-bM-^@M-^] (request the master to exit), and M-bM-^@M-^\stopM-bM-^@M-^] - (request the master to stop accepting further multiplexing - requests). - - -o option - Can be used to give options in the format used in the - configuration file. This is useful for specifying options for - which there is no separate command-line flag. For full details - of the options listed below, and their possible values, see - ssh_config(5). - - AddressFamily - BatchMode - BindAddress - CanonicalDomains - CanonicalizeFallbackLocal - CanonicalizeHostname - CanonicalizeMaxDots - CanonicalizePermittedCNAMEs - ChallengeResponseAuthentication - CheckHostIP - Cipher - Ciphers - ClearAllForwardings - Compression - CompressionLevel - ConnectionAttempts - ConnectTimeout - ControlMaster - ControlPath - ControlPersist - DynamicForward - EscapeChar - ExitOnForwardFailure - FingerprintHash - ForwardAgent - ForwardX11 - ForwardX11Timeout - ForwardX11Trusted - GatewayPorts - GlobalKnownHostsFile - GSSAPIAuthentication - GSSAPIDelegateCredentials - HashKnownHosts - Host - HostbasedAuthentication - HostbasedKeyTypes - HostKeyAlgorithms - HostKeyAlias - HostName - IdentityFile - IdentitiesOnly - IPQoS - KbdInteractiveAuthentication - KbdInteractiveDevices - KexAlgorithms - LocalCommand - LocalForward - LogLevel - MACs - Match - NoHostAuthenticationForLocalhost - NumberOfPasswordPrompts - PasswordAuthentication - PermitLocalCommand - PKCS11Provider - Port - PreferredAuthentications - Protocol - ProxyCommand - ProxyUseFdpass - PubkeyAcceptedKeyTypes - PubkeyAuthentication - RekeyLimit - RemoteForward - RequestTTY - RhostsRSAAuthentication - RSAAuthentication - SendEnv - ServerAliveInterval - ServerAliveCountMax - StreamLocalBindMask - StreamLocalBindUnlink - StrictHostKeyChecking - TCPKeepAlive - Tunnel - TunnelDevice - UpdateHostKeys - UsePrivilegedPort - User - UserKnownHostsFile - VerifyHostKeyDNS - VisualHostKey - XAuthLocation - - -p port - Port to connect to on the remote host. This can be specified on - a per-host basis in the configuration file. - - -Q cipher | cipher-auth | mac | kex | key | protocol-version - Queries ssh for the algorithms supported for the specified - version 2. The available features are: cipher (supported - symmetric ciphers), cipher-auth (supported symmetric ciphers that - support authenticated encryption), mac (supported message - integrity codes), kex (key exchange algorithms), key (key types) - and protocol-version (supported SSH protocol versions). - - -q Quiet mode. Causes most warning and diagnostic messages to be - suppressed. - - -R [bind_address:]port:host:hostport - -R [bind_address:]port:local_socket - -R remote_socket:host:hostport - -R remote_socket:local_socket - Specifies that connections to the given TCP port or Unix socket - on the remote (server) host are to be forwarded to the given host - and port, or Unix socket, on the local side. This works by - allocating a socket to listen to either a TCP port or to a Unix - socket on the remote side. Whenever a connection is made to this - port or Unix socket, the connection is forwarded over the secure - channel, and a connection is made to either host port hostport, - or local_socket, from the local machine. - - Port forwardings can also be specified in the configuration file. - Privileged ports can be forwarded only when logging in as root on - the remote machine. IPv6 addresses can be specified by enclosing - the address in square brackets. - - By default, TCP listening sockets on the server will be bound to - the loopback interface only. This may be overridden by - specifying a bind_address. An empty bind_address, or the address - M-bM-^@M-^X*M-bM-^@M-^Y, indicates that the remote socket should listen on all - interfaces. Specifying a remote bind_address will only succeed - if the server's GatewayPorts option is enabled (see - sshd_config(5)). - - If the port argument is M-bM-^@M-^X0M-bM-^@M-^Y, the listen port will be dynamically - allocated on the server and reported to the client at run time. - When used together with -O forward the allocated port will be - printed to the standard output. - - -S ctl_path - Specifies the location of a control socket for connection - sharing, or the string M-bM-^@M-^\noneM-bM-^@M-^] to disable connection sharing. - Refer to the description of ControlPath and ControlMaster in - ssh_config(5) for details. - - -s May be used to request invocation of a subsystem on the remote - system. Subsystems are a feature of the SSH2 protocol which - facilitate the use of SSH as a secure transport for other - applications (eg. sftp(1)). The subsystem is specified as the - remote command. - - -T Disable pseudo-terminal allocation. - - -t Force pseudo-terminal allocation. This can be used to execute - arbitrary screen-based programs on a remote machine, which can be - very useful, e.g. when implementing menu services. Multiple -t - options force tty allocation, even if ssh has no local tty. - - -V Display the version number and exit. - - -v Verbose mode. Causes ssh to print debugging messages about its - progress. This is helpful in debugging connection, - authentication, and configuration problems. Multiple -v options - increase the verbosity. The maximum is 3. - - -W host:port - Requests that standard input and output on the client be - forwarded to host on port over the secure channel. Implies -N, - -T, ExitOnForwardFailure and ClearAllForwardings. Works with - Protocol version 2 only. - - -w local_tun[:remote_tun] - Requests tunnel device forwarding with the specified tun(4) - devices between the client (local_tun) and the server - (remote_tun). - - The devices may be specified by numerical ID or the keyword - M-bM-^@M-^\anyM-bM-^@M-^], which uses the next available tunnel device. If - remote_tun is not specified, it defaults to M-bM-^@M-^\anyM-bM-^@M-^]. See also the - Tunnel and TunnelDevice directives in ssh_config(5). If the - Tunnel directive is unset, it is set to the default tunnel mode, - which is M-bM-^@M-^\point-to-pointM-bM-^@M-^]. - - -X Enables X11 forwarding. This can also be specified on a per-host - basis in a configuration file. - - X11 forwarding should be enabled with caution. Users with the - ability to bypass file permissions on the remote host (for the - user's X authorization database) can access the local X11 display - through the forwarded connection. An attacker may then be able - to perform activities such as keystroke monitoring. - - For this reason, X11 forwarding is subjected to X11 SECURITY - extension restrictions by default. Please refer to the ssh -Y - option and the ForwardX11Trusted directive in ssh_config(5) for - more information. - - -x Disables X11 forwarding. - - -Y Enables trusted X11 forwarding. Trusted X11 forwardings are not - subjected to the X11 SECURITY extension controls. - - -y Send log information using the syslog(3) system module. By - default this information is sent to stderr. - - ssh may additionally obtain configuration data from a per-user - configuration file and a system-wide configuration file. The file format - and configuration options are described in ssh_config(5). - -AUTHENTICATION - The OpenSSH SSH client supports SSH protocols 1 and 2. The default is to - use protocol 2 only, though this can be changed via the Protocol option - in ssh_config(5) or the -1 and -2 options (see above). Both protocols - support similar authentication methods, but protocol 2 is the default - since it provides additional mechanisms for confidentiality (the traffic - is encrypted using AES, 3DES, Blowfish, CAST128, or Arcfour) and - integrity (hmac-md5, hmac-sha1, hmac-sha2-256, hmac-sha2-512, umac-64, - umac-128, hmac-ripemd160). Protocol 1 lacks a strong mechanism for - ensuring the integrity of the connection. - - The methods available for authentication are: GSSAPI-based - authentication, host-based authentication, public key authentication, - challenge-response authentication, and password authentication. - Authentication methods are tried in the order specified above, though - protocol 2 has a configuration option to change the default order: - PreferredAuthentications. - - Host-based authentication works as follows: If the machine the user logs - in from is listed in /etc/hosts.equiv or /etc/shosts.equiv on the remote - machine, and the user names are the same on both sides, or if the files - ~/.rhosts or ~/.shosts exist in the user's home directory on the remote - machine and contain a line containing the name of the client machine and - the name of the user on that machine, the user is considered for login. - Additionally, the server must be able to verify the client's host key - (see the description of /etc/ssh/ssh_known_hosts and ~/.ssh/known_hosts, - below) for login to be permitted. This authentication method closes - security holes due to IP spoofing, DNS spoofing, and routing spoofing. - [Note to the administrator: /etc/hosts.equiv, ~/.rhosts, and the - rlogin/rsh protocol in general, are inherently insecure and should be - disabled if security is desired.] - - Public key authentication works as follows: The scheme is based on - public-key cryptography, using cryptosystems where encryption and - decryption are done using separate keys, and it is unfeasible to derive - the decryption key from the encryption key. The idea is that each user - creates a public/private key pair for authentication purposes. The - server knows the public key, and only the user knows the private key. - ssh implements public key authentication protocol automatically, using - one of the DSA, ECDSA, Ed25519 or RSA algorithms. Protocol 1 is - restricted to using only RSA keys, but protocol 2 may use any. The - HISTORY section of ssl(8) contains a brief discussion of the DSA and RSA - algorithms. - - The file ~/.ssh/authorized_keys lists the public keys that are permitted - for logging in. When the user logs in, the ssh program tells the server - which key pair it would like to use for authentication. The client - proves that it has access to the private key and the server checks that - the corresponding public key is authorized to accept the account. - - The user creates his/her key pair by running ssh-keygen(1). This stores - the private key in ~/.ssh/identity (protocol 1), ~/.ssh/id_dsa (protocol - 2 DSA), ~/.ssh/id_ecdsa (protocol 2 ECDSA), ~/.ssh/id_ed25519 (protocol 2 - Ed25519), or ~/.ssh/id_rsa (protocol 2 RSA) and stores the public key in - ~/.ssh/identity.pub (protocol 1), ~/.ssh/id_dsa.pub (protocol 2 DSA), - ~/.ssh/id_ecdsa.pub (protocol 2 ECDSA), ~/.ssh/id_ed25519.pub (protocol 2 - Ed25519), or ~/.ssh/id_rsa.pub (protocol 2 RSA) in the user's home - directory. The user should then copy the public key to - ~/.ssh/authorized_keys in his/her home directory on the remote machine. - The authorized_keys file corresponds to the conventional ~/.rhosts file, - and has one key per line, though the lines can be very long. After this, - the user can log in without giving the password. - - A variation on public key authentication is available in the form of - certificate authentication: instead of a set of public/private keys, - signed certificates are used. This has the advantage that a single - trusted certification authority can be used in place of many - public/private keys. See the CERTIFICATES section of ssh-keygen(1) for - more information. - - The most convenient way to use public key or certificate authentication - may be with an authentication agent. See ssh-agent(1) for more - information. - - Challenge-response authentication works as follows: The server sends an - arbitrary "challenge" text, and prompts for a response. Protocol 2 - allows multiple challenges and responses; protocol 1 is restricted to - just one challenge/response. Examples of challenge-response - authentication include BSD Authentication (see login.conf(5)) and PAM - (some non-OpenBSD systems). - - Finally, if other authentication methods fail, ssh prompts the user for a - password. The password is sent to the remote host for checking; however, - since all communications are encrypted, the password cannot be seen by - someone listening on the network. - - ssh automatically maintains and checks a database containing - identification for all hosts it has ever been used with. Host keys are - stored in ~/.ssh/known_hosts in the user's home directory. Additionally, - the file /etc/ssh/ssh_known_hosts is automatically checked for known - hosts. Any new hosts are automatically added to the user's file. If a - host's identification ever changes, ssh warns about this and disables - password authentication to prevent server spoofing or man-in-the-middle - attacks, which could otherwise be used to circumvent the encryption. The - StrictHostKeyChecking option can be used to control logins to machines - whose host key is not known or has changed. - - When the user's identity has been accepted by the server, the server - either executes the given command in a non-interactive session or, if no - command has been specified, logs into the machine and gives the user a - normal shell as an interactive session. All communication with the - remote command or shell will be automatically encrypted. - - If an interactive session is requested ssh by default will only request a - pseudo-terminal (pty) for interactive sessions when the client has one. - The flags -T and -t can be used to override this behaviour. - - If a pseudo-terminal has been allocated the user may use the escape - characters noted below. - - If no pseudo-terminal has been allocated, the session is transparent and - can be used to reliably transfer binary data. On most systems, setting - the escape character to M-bM-^@M-^\noneM-bM-^@M-^] will also make the session transparent - even if a tty is used. - - The session terminates when the command or shell on the remote machine - exits and all X11 and TCP connections have been closed. - -ESCAPE CHARACTERS - When a pseudo-terminal has been requested, ssh supports a number of - functions through the use of an escape character. - - A single tilde character can be sent as ~~ or by following the tilde by a - character other than those described below. The escape character must - always follow a newline to be interpreted as special. The escape - character can be changed in configuration files using the EscapeChar - configuration directive or on the command line by the -e option. - - The supported escapes (assuming the default M-bM-^@M-^X~M-bM-^@M-^Y) are: - - ~. Disconnect. - - ~^Z Background ssh. - - ~# List forwarded connections. - - ~& Background ssh at logout when waiting for forwarded connection / - X11 sessions to terminate. - - ~? Display a list of escape characters. - - ~B Send a BREAK to the remote system (only useful for SSH protocol - version 2 and if the peer supports it). - - ~C Open command line. Currently this allows the addition of port - forwardings using the -L, -R and -D options (see above). It also - allows the cancellation of existing port-forwardings with - -KL[bind_address:]port for local, -KR[bind_address:]port for - remote and -KD[bind_address:]port for dynamic port-forwardings. - !command allows the user to execute a local command if the - PermitLocalCommand option is enabled in ssh_config(5). Basic - help is available, using the -h option. - - ~R Request rekeying of the connection (only useful for SSH protocol - version 2 and if the peer supports it). - - ~V Decrease the verbosity (LogLevel) when errors are being written - to stderr. - - ~v Increase the verbosity (LogLevel) when errors are being written - to stderr. - -TCP FORWARDING - Forwarding of arbitrary TCP connections over the secure channel can be - specified either on the command line or in a configuration file. One - possible application of TCP forwarding is a secure connection to a mail - server; another is going through firewalls. - - In the example below, we look at encrypting communication between an IRC - client and server, even though the IRC server does not directly support - encrypted communications. This works as follows: the user connects to - the remote host using ssh, specifying a port to be used to forward - connections to the remote server. After that it is possible to start the - service which is to be encrypted on the client machine, connecting to the - same local port, and ssh will encrypt and forward the connection. - - The following example tunnels an IRC session from client machine - M-bM-^@M-^\127.0.0.1M-bM-^@M-^] (localhost) to remote server M-bM-^@M-^\server.example.comM-bM-^@M-^]: - - $ ssh -f -L 1234:localhost:6667 server.example.com sleep 10 - $ irc -c '#users' -p 1234 pinky 127.0.0.1 - - This tunnels a connection to IRC server M-bM-^@M-^\server.example.comM-bM-^@M-^], joining - channel M-bM-^@M-^\#usersM-bM-^@M-^], nickname M-bM-^@M-^\pinkyM-bM-^@M-^], using port 1234. It doesn't matter - which port is used, as long as it's greater than 1023 (remember, only - root can open sockets on privileged ports) and doesn't conflict with any - ports already in use. The connection is forwarded to port 6667 on the - remote server, since that's the standard port for IRC services. - - The -f option backgrounds ssh and the remote command M-bM-^@M-^\sleep 10M-bM-^@M-^] is - specified to allow an amount of time (10 seconds, in the example) to - start the service which is to be tunnelled. If no connections are made - within the time specified, ssh will exit. - -X11 FORWARDING - If the ForwardX11 variable is set to M-bM-^@M-^\yesM-bM-^@M-^] (or see the description of the - -X, -x, and -Y options above) and the user is using X11 (the DISPLAY - environment variable is set), the connection to the X11 display is - automatically forwarded to the remote side in such a way that any X11 - programs started from the shell (or command) will go through the - encrypted channel, and the connection to the real X server will be made - from the local machine. The user should not manually set DISPLAY. - Forwarding of X11 connections can be configured on the command line or in - configuration files. - - The DISPLAY value set by ssh will point to the server machine, but with a - display number greater than zero. This is normal, and happens because - ssh creates a M-bM-^@M-^\proxyM-bM-^@M-^] X server on the server machine for forwarding the - connections over the encrypted channel. - - ssh will also automatically set up Xauthority data on the server machine. - For this purpose, it will generate a random authorization cookie, store - it in Xauthority on the server, and verify that any forwarded connections - carry this cookie and replace it by the real cookie when the connection - is opened. The real authentication cookie is never sent to the server - machine (and no cookies are sent in the plain). - - If the ForwardAgent variable is set to M-bM-^@M-^\yesM-bM-^@M-^] (or see the description of - the -A and -a options above) and the user is using an authentication - agent, the connection to the agent is automatically forwarded to the - remote side. - -VERIFYING HOST KEYS - When connecting to a server for the first time, a fingerprint of the - server's public key is presented to the user (unless the option - StrictHostKeyChecking has been disabled). Fingerprints can be determined - using ssh-keygen(1): - - $ ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key - - If the fingerprint is already known, it can be matched and the key can be - accepted or rejected. If only legacy (MD5) fingerprints for the server - are available, the ssh-keygen(1) -E option may be used to downgrade the - fingerprint algorithm to match. - - Because of the difficulty of comparing host keys just by looking at - fingerprint strings, there is also support to compare host keys visually, - using random art. By setting the VisualHostKey option to M-bM-^@M-^\yesM-bM-^@M-^], a small - ASCII graphic gets displayed on every login to a server, no matter if the - session itself is interactive or not. By learning the pattern a known - server produces, a user can easily find out that the host key has changed - when a completely different pattern is displayed. Because these patterns - are not unambiguous however, a pattern that looks similar to the pattern - remembered only gives a good probability that the host key is the same, - not guaranteed proof. - - To get a listing of the fingerprints along with their random art for all - known hosts, the following command line can be used: - - $ ssh-keygen -lv -f ~/.ssh/known_hosts - - If the fingerprint is unknown, an alternative method of verification is - available: SSH fingerprints verified by DNS. An additional resource - record (RR), SSHFP, is added to a zonefile and the connecting client is - able to match the fingerprint with that of the key presented. - - In this example, we are connecting a client to a server, - M-bM-^@M-^\host.example.comM-bM-^@M-^]. The SSHFP resource records should first be added to - the zonefile for host.example.com: - - $ ssh-keygen -r host.example.com. - - The output lines will have to be added to the zonefile. To check that - the zone is answering fingerprint queries: - - $ dig -t SSHFP host.example.com - - Finally the client connects: - - $ ssh -o "VerifyHostKeyDNS ask" host.example.com - [...] - Matching host key fingerprint found in DNS. - Are you sure you want to continue connecting (yes/no)? - - See the VerifyHostKeyDNS option in ssh_config(5) for more information. - -SSH-BASED VIRTUAL PRIVATE NETWORKS - ssh contains support for Virtual Private Network (VPN) tunnelling using - the tun(4) network pseudo-device, allowing two networks to be joined - securely. The sshd_config(5) configuration option PermitTunnel controls - whether the server supports this, and at what level (layer 2 or 3 - traffic). - - The following example would connect client network 10.0.50.0/24 with - remote network 10.0.99.0/24 using a point-to-point connection from - 10.1.1.1 to 10.1.1.2, provided that the SSH server running on the gateway - to the remote network, at 192.168.1.15, allows it. - - On the client: - - # ssh -f -w 0:1 192.168.1.15 true - # ifconfig tun0 10.1.1.1 10.1.1.2 netmask 255.255.255.252 - # route add 10.0.99.0/24 10.1.1.2 - - On the server: - - # ifconfig tun1 10.1.1.2 10.1.1.1 netmask 255.255.255.252 - # route add 10.0.50.0/24 10.1.1.1 - - Client access may be more finely tuned via the /root/.ssh/authorized_keys - file (see below) and the PermitRootLogin server option. The following - entry would permit connections on tun(4) device 1 from user M-bM-^@M-^\janeM-bM-^@M-^] and on - tun device 2 from user M-bM-^@M-^\johnM-bM-^@M-^], if PermitRootLogin is set to - M-bM-^@M-^\forced-commands-onlyM-bM-^@M-^]: - - tunnel="1",command="sh /etc/netstart tun1" ssh-rsa ... jane - tunnel="2",command="sh /etc/netstart tun2" ssh-rsa ... john - - Since an SSH-based setup entails a fair amount of overhead, it may be - more suited to temporary setups, such as for wireless VPNs. More - permanent VPNs are better provided by tools such as ipsecctl(8) and - isakmpd(8). - -ENVIRONMENT - ssh will normally set the following environment variables: - - DISPLAY The DISPLAY variable indicates the location of the - X11 server. It is automatically set by ssh to - point to a value of the form M-bM-^@M-^\hostname:nM-bM-^@M-^], where - M-bM-^@M-^\hostnameM-bM-^@M-^] indicates the host where the shell runs, - and M-bM-^@M-^XnM-bM-^@M-^Y is an integer M-bM-^IM-% 1. ssh uses this special - value to forward X11 connections over the secure - channel. The user should normally not set DISPLAY - explicitly, as that will render the X11 connection - insecure (and will require the user to manually - copy any required authorization cookies). - - HOME Set to the path of the user's home directory. - - LOGNAME Synonym for USER; set for compatibility with - systems that use this variable. - - MAIL Set to the path of the user's mailbox. - - PATH Set to the default PATH, as specified when - compiling ssh. - - SSH_ASKPASS If ssh needs a passphrase, it will read the - passphrase from the current terminal if it was run - from a terminal. If ssh does not have a terminal - associated with it but DISPLAY and SSH_ASKPASS are - set, it will execute the program specified by - SSH_ASKPASS and open an X11 window to read the - passphrase. This is particularly useful when - calling ssh from a .xsession or related script. - (Note that on some machines it may be necessary to - redirect the input from /dev/null to make this - work.) - - SSH_AUTH_SOCK Identifies the path of a UNIX-domain socket used to - communicate with the agent. - - SSH_CONNECTION Identifies the client and server ends of the - connection. The variable contains four space- - separated values: client IP address, client port - number, server IP address, and server port number. - - SSH_ORIGINAL_COMMAND This variable contains the original command line if - a forced command is executed. It can be used to - extract the original arguments. - - SSH_TTY This is set to the name of the tty (path to the - device) associated with the current shell or - command. If the current session has no tty, this - variable is not set. - - TZ This variable is set to indicate the present time - zone if it was set when the daemon was started - (i.e. the daemon passes the value on to new - connections). - - USER Set to the name of the user logging in. - - Additionally, ssh reads ~/.ssh/environment, and adds lines of the format - M-bM-^@M-^\VARNAME=valueM-bM-^@M-^] to the environment if the file exists and users are - allowed to change their environment. For more information, see the - PermitUserEnvironment option in sshd_config(5). - -FILES - ~/.rhosts - This file is used for host-based authentication (see above). On - some machines this file may need to be world-readable if the - user's home directory is on an NFS partition, because sshd(8) - reads it as root. Additionally, this file must be owned by the - user, and must not have write permissions for anyone else. The - recommended permission for most machines is read/write for the - user, and not accessible by others. - - ~/.shosts - This file is used in exactly the same way as .rhosts, but allows - host-based authentication without permitting login with - rlogin/rsh. - - ~/.ssh/ - This directory is the default location for all user-specific - configuration and authentication information. There is no - general requirement to keep the entire contents of this directory - secret, but the recommended permissions are read/write/execute - for the user, and not accessible by others. - - ~/.ssh/authorized_keys - Lists the public keys (DSA, ECDSA, Ed25519, RSA) that can be used - for logging in as this user. The format of this file is - described in the sshd(8) manual page. This file is not highly - sensitive, but the recommended permissions are read/write for the - user, and not accessible by others. - - ~/.ssh/config - This is the per-user configuration file. The file format and - configuration options are described in ssh_config(5). Because of - the potential for abuse, this file must have strict permissions: - read/write for the user, and not writable by others. - - ~/.ssh/environment - Contains additional definitions for environment variables; see - ENVIRONMENT, above. - - ~/.ssh/identity - ~/.ssh/id_dsa - ~/.ssh/id_ecdsa - ~/.ssh/id_ed25519 - ~/.ssh/id_rsa - Contains the private key for authentication. These files contain - sensitive data and should be readable by the user but not - accessible by others (read/write/execute). ssh will simply - ignore a private key file if it is accessible by others. It is - possible to specify a passphrase when generating the key which - will be used to encrypt the sensitive part of this file using - 3DES. - - ~/.ssh/identity.pub - ~/.ssh/id_dsa.pub - ~/.ssh/id_ecdsa.pub - ~/.ssh/id_ed25519.pub - ~/.ssh/id_rsa.pub - Contains the public key for authentication. These files are not - sensitive and can (but need not) be readable by anyone. - - ~/.ssh/known_hosts - Contains a list of host keys for all hosts the user has logged - into that are not already in the systemwide list of known host - keys. See sshd(8) for further details of the format of this - file. - - ~/.ssh/rc - Commands in this file are executed by ssh when the user logs in, - just before the user's shell (or command) is started. See the - sshd(8) manual page for more information. - - /etc/hosts.equiv - This file is for host-based authentication (see above). It - should only be writable by root. - - /etc/shosts.equiv - This file is used in exactly the same way as hosts.equiv, but - allows host-based authentication without permitting login with - rlogin/rsh. - - /etc/ssh/ssh_config - Systemwide configuration file. The file format and configuration - options are described in ssh_config(5). - - /etc/ssh/ssh_host_key - /etc/ssh/ssh_host_dsa_key - /etc/ssh/ssh_host_ecdsa_key - /etc/ssh/ssh_host_ed25519_key - /etc/ssh/ssh_host_rsa_key - These files contain the private parts of the host keys and are - used for host-based authentication. If protocol version 1 is - used, ssh must be setuid root, since the host key is readable - only by root. For protocol version 2, ssh uses ssh-keysign(8) to - access the host keys, eliminating the requirement that ssh be - setuid root when host-based authentication is used. By default - ssh is not setuid root. - - /etc/ssh/ssh_known_hosts - Systemwide list of known host keys. This file should be prepared - by the system administrator to contain the public host keys of - all machines in the organization. It should be world-readable. - See sshd(8) for further details of the format of this file. - - /etc/ssh/sshrc - Commands in this file are executed by ssh when the user logs in, - just before the user's shell (or command) is started. See the - sshd(8) manual page for more information. - -EXIT STATUS - ssh exits with the exit status of the remote command or with 255 if an - error occurred. - -SEE ALSO - scp(1), sftp(1), ssh-add(1), ssh-agent(1), ssh-keygen(1), ssh-keyscan(1), - tun(4), ssh_config(5), ssh-keysign(8), sshd(8) - -STANDARDS - S. Lehtinen and C. Lonvick, The Secure Shell (SSH) Protocol Assigned - Numbers, RFC 4250, January 2006. - - T. Ylonen and C. Lonvick, The Secure Shell (SSH) Protocol Architecture, - RFC 4251, January 2006. - - T. Ylonen and C. Lonvick, The Secure Shell (SSH) Authentication Protocol, - RFC 4252, January 2006. - - T. Ylonen and C. Lonvick, The Secure Shell (SSH) Transport Layer - Protocol, RFC 4253, January 2006. - - T. Ylonen and C. Lonvick, The Secure Shell (SSH) Connection Protocol, RFC - 4254, January 2006. - - J. Schlyter and W. Griffin, Using DNS to Securely Publish Secure Shell - (SSH) Key Fingerprints, RFC 4255, January 2006. - - F. Cusack and M. Forssen, Generic Message Exchange Authentication for the - Secure Shell Protocol (SSH), RFC 4256, January 2006. - - J. Galbraith and P. Remaker, The Secure Shell (SSH) Session Channel Break - Extension, RFC 4335, January 2006. - - M. Bellare, T. Kohno, and C. Namprempre, The Secure Shell (SSH) Transport - Layer Encryption Modes, RFC 4344, January 2006. - - B. Harris, Improved Arcfour Modes for the Secure Shell (SSH) Transport - Layer Protocol, RFC 4345, January 2006. - - M. Friedl, N. Provos, and W. Simpson, Diffie-Hellman Group Exchange for - the Secure Shell (SSH) Transport Layer Protocol, RFC 4419, March 2006. - - J. Galbraith and R. Thayer, The Secure Shell (SSH) Public Key File - Format, RFC 4716, November 2006. - - D. Stebila and J. Green, Elliptic Curve Algorithm Integration in the - Secure Shell Transport Layer, RFC 5656, December 2009. - - A. Perrig and D. Song, Hash Visualization: a New Technique to improve - Real-World Security, 1999, International Workshop on Cryptographic - Techniques and E-Commerce (CrypTEC '99). - -AUTHORS - OpenSSH is a derivative of the original and free ssh 1.2.12 release by - Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo - de Raadt and Dug Song removed many bugs, re-added newer features and - created OpenSSH. Markus Friedl contributed the support for SSH protocol - versions 1.5 and 2.0. - -OpenBSD 5.8 July 20, 2015 OpenBSD 5.8 diff --git a/crypto/openssh/ssh_config.0 b/crypto/openssh/ssh_config.0 deleted file mode 100644 index 654807779d2..00000000000 --- a/crypto/openssh/ssh_config.0 +++ /dev/null @@ -1,1026 +0,0 @@ -SSH_CONFIG(5) File Formats Manual SSH_CONFIG(5) - -NAME - ssh_config M-bM-^@M-^S OpenSSH SSH client configuration files - -SYNOPSIS - ~/.ssh/config - /etc/ssh/ssh_config - -DESCRIPTION - ssh(1) obtains configuration data from the following sources in the - following order: - - 1. command-line options - 2. user's configuration file (~/.ssh/config) - 3. system-wide configuration file (/etc/ssh/ssh_config) - - For each parameter, the first obtained value will be used. The - configuration files contain sections separated by M-bM-^@M-^\HostM-bM-^@M-^] specifications, - and that section is only applied for hosts that match one of the patterns - given in the specification. The matched host name is usually the one - given on the command line (see the CanonicalizeHostname option for - exceptions.) - - Since the first obtained value for each parameter is used, more host- - specific declarations should be given near the beginning of the file, and - general defaults at the end. - - The configuration file has the following format: - - Empty lines and lines starting with M-bM-^@M-^X#M-bM-^@M-^Y are comments. Otherwise a line - is of the format M-bM-^@M-^\keyword argumentsM-bM-^@M-^]. Configuration options may be - separated by whitespace or optional whitespace and exactly one M-bM-^@M-^X=M-bM-^@M-^Y; the - latter format is useful to avoid the need to quote whitespace when - specifying configuration options using the ssh, scp, and sftp -o option. - Arguments may optionally be enclosed in double quotes (") in order to - represent arguments containing spaces. - - The possible keywords and their meanings are as follows (note that - keywords are case-insensitive and arguments are case-sensitive): - - Host Restricts the following declarations (up to the next Host or - Match keyword) to be only for those hosts that match one of the - patterns given after the keyword. If more than one pattern is - provided, they should be separated by whitespace. A single M-bM-^@M-^X*M-bM-^@M-^Y - as a pattern can be used to provide global defaults for all - hosts. The host is usually the hostname argument given on the - command line (see the CanonicalizeHostname option for - exceptions.) - - A pattern entry may be negated by prefixing it with an - exclamation mark (M-bM-^@M-^X!M-bM-^@M-^Y). If a negated entry is matched, then the - Host entry is ignored, regardless of whether any other patterns - on the line match. Negated matches are therefore useful to - provide exceptions for wildcard matches. - - See PATTERNS for more information on patterns. - - Match Restricts the following declarations (up to the next Host or - Match keyword) to be used only when the conditions following the - Match keyword are satisfied. Match conditions are specified - using one or more critera or the single token all which always - matches. The available criteria keywords are: canonical, exec, - host, originalhost, user, and localuser. The all criteria must - appear alone or immediately after canonical. Other criteria may - be combined arbitrarily. All criteria but all and canonical - require an argument. Criteria may be negated by prepending an - exclamation mark (M-bM-^@M-^X!M-bM-^@M-^Y). - - The canonical keyword matches only when the configuration file is - being re-parsed after hostname canonicalization (see the - CanonicalizeHostname option.) This may be useful to specify - conditions that work with canonical host names only. The exec - keyword executes the specified command under the user's shell. - If the command returns a zero exit status then the condition is - considered true. Commands containing whitespace characters must - be quoted. The following character sequences in the command will - be expanded prior to execution: M-bM-^@M-^X%LM-bM-^@M-^Y will be substituted by the - first component of the local host name, M-bM-^@M-^X%lM-bM-^@M-^Y will be substituted - by the local host name (including any domain name), M-bM-^@M-^X%hM-bM-^@M-^Y will be - substituted by the target host name, M-bM-^@M-^X%nM-bM-^@M-^Y will be substituted by - the original target host name specified on the command-line, M-bM-^@M-^X%pM-bM-^@M-^Y - the destination port, M-bM-^@M-^X%rM-bM-^@M-^Y by the remote login username, and M-bM-^@M-^X%uM-bM-^@M-^Y - by the username of the user running ssh(1). - - The other keywords' criteria must be single entries or comma- - separated lists and may use the wildcard and negation operators - described in the PATTERNS section. The criteria for the host - keyword are matched against the target hostname, after any - substitution by the Hostname or CanonicalizeHostname options. - The originalhost keyword matches against the hostname as it was - specified on the command-line. The user keyword matches against - the target username on the remote host. The localuser keyword - matches against the name of the local user running ssh(1) (this - keyword may be useful in system-wide ssh_config files). - - AddressFamily - Specifies which address family to use when connecting. Valid - arguments are M-bM-^@M-^\anyM-bM-^@M-^], M-bM-^@M-^\inetM-bM-^@M-^] (use IPv4 only), or M-bM-^@M-^\inet6M-bM-^@M-^] (use IPv6 - only). - - BatchMode - If set to M-bM-^@M-^\yesM-bM-^@M-^], passphrase/password querying will be disabled. - This option is useful in scripts and other batch jobs where no - user is present to supply the password. The argument must be - M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. - - BindAddress - Use the specified address on the local machine as the source - address of the connection. Only useful on systems with more than - one address. Note that this option does not work if - UsePrivilegedPort is set to M-bM-^@M-^\yesM-bM-^@M-^]. - - CanonicalDomains - When CanonicalizeHostname is enabled, this option specifies the - list of domain suffixes in which to search for the specified - destination host. - - CanonicalizeFallbackLocal - Specifies whether to fail with an error when hostname - canonicalization fails. The default, M-bM-^@M-^\yesM-bM-^@M-^], will attempt to look - up the unqualified hostname using the system resolver's search - rules. A value of M-bM-^@M-^\noM-bM-^@M-^] will cause ssh(1) to fail instantly if - CanonicalizeHostname is enabled and the target hostname cannot be - found in any of the domains specified by CanonicalDomains. - - CanonicalizeHostname - Controls whether explicit hostname canonicalization is performed. - The default, M-bM-^@M-^\noM-bM-^@M-^], is not to perform any name rewriting and let - the system resolver handle all hostname lookups. If set to M-bM-^@M-^\yesM-bM-^@M-^] - then, for connections that do not use a ProxyCommand, ssh(1) will - attempt to canonicalize the hostname specified on the command - line using the CanonicalDomains suffixes and - CanonicalizePermittedCNAMEs rules. If CanonicalizeHostname is - set to M-bM-^@M-^\alwaysM-bM-^@M-^], then canonicalization is applied to proxied - connections too. - - If this option is enabled, then the configuration files are - processed again using the new target name to pick up any new - configuration in matching Host and Match stanzas. - - CanonicalizeMaxDots - Specifies the maximum number of dot characters in a hostname - before canonicalization is disabled. The default, M-bM-^@M-^\1M-bM-^@M-^], allows a - single dot (i.e. hostname.subdomain). - - CanonicalizePermittedCNAMEs - Specifies rules to determine whether CNAMEs should be followed - when canonicalizing hostnames. The rules consist of one or more - arguments of source_domain_list:target_domain_list, where - source_domain_list is a pattern-list of domains that may follow - CNAMEs in canonicalization, and target_domain_list is a pattern- - list of domains that they may resolve to. - - For example, M-bM-^@M-^\*.a.example.com:*.b.example.com,*.c.example.comM-bM-^@M-^] - will allow hostnames matching M-bM-^@M-^\*.a.example.comM-bM-^@M-^] to be - canonicalized to names in the M-bM-^@M-^\*.b.example.comM-bM-^@M-^] or - M-bM-^@M-^\*.c.example.comM-bM-^@M-^] domains. - - ChallengeResponseAuthentication - Specifies whether to use challenge-response authentication. The - argument to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is - M-bM-^@M-^\yesM-bM-^@M-^]. - - CheckHostIP - If this flag is set to M-bM-^@M-^\yesM-bM-^@M-^], ssh(1) will additionally check the - host IP address in the known_hosts file. This allows ssh to - detect if a host key changed due to DNS spoofing and will add - addresses of destination hosts to ~/.ssh/known_hosts in the - process, regardless of the setting of StrictHostKeyChecking. If - the option is set to M-bM-^@M-^\noM-bM-^@M-^], the check will not be executed. The - default is M-bM-^@M-^\yesM-bM-^@M-^]. - - Cipher Specifies the cipher to use for encrypting the session in - protocol version 1. Currently, M-bM-^@M-^\blowfishM-bM-^@M-^], M-bM-^@M-^\3desM-bM-^@M-^], and M-bM-^@M-^\desM-bM-^@M-^] are - supported. des is only supported in the ssh(1) client for - interoperability with legacy protocol 1 implementations that do - not support the 3des cipher. Its use is strongly discouraged due - to cryptographic weaknesses. The default is M-bM-^@M-^\3desM-bM-^@M-^]. - - Ciphers - Specifies the ciphers allowed for protocol version 2 in order of - preference. Multiple ciphers must be comma-separated. If the - specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the specified - ciphers will be appended to the default set instead of replacing - them. - - The supported ciphers are: - - 3des-cbc - aes128-cbc - aes192-cbc - aes256-cbc - aes128-ctr - aes192-ctr - aes256-ctr - aes128-gcm@openssh.com - aes256-gcm@openssh.com - arcfour - arcfour128 - arcfour256 - blowfish-cbc - cast128-cbc - chacha20-poly1305@openssh.com - - The default is: - - aes128-ctr,aes192-ctr,aes256-ctr, - aes128-gcm@openssh.com,aes256-gcm@openssh.com, - chacha20-poly1305@openssh.com, - arcfour256,arcfour128, - aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc, - aes192-cbc,aes256-cbc,arcfour - - The list of available ciphers may also be obtained using the -Q - option of ssh(1) with an argument of M-bM-^@M-^\cipherM-bM-^@M-^]. - - ClearAllForwardings - Specifies that all local, remote, and dynamic port forwardings - specified in the configuration files or on the command line be - cleared. This option is primarily useful when used from the - ssh(1) command line to clear port forwardings set in - configuration files, and is automatically set by scp(1) and - sftp(1). The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is - M-bM-^@M-^\noM-bM-^@M-^]. - - Compression - Specifies whether to use compression. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] - or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. - - CompressionLevel - Specifies the compression level to use if compression is enabled. - The argument must be an integer from 1 (fast) to 9 (slow, best). - The default level is 6, which is good for most applications. The - meaning of the values is the same as in gzip(1). Note that this - option applies to protocol version 1 only. - - ConnectionAttempts - Specifies the number of tries (one per second) to make before - exiting. The argument must be an integer. This may be useful in - scripts if the connection sometimes fails. The default is 1. - - ConnectTimeout - Specifies the timeout (in seconds) used when connecting to the - SSH server, instead of using the default system TCP timeout. - This value is used only when the target is down or really - unreachable, not when it refuses the connection. - - ControlMaster - Enables the sharing of multiple sessions over a single network - connection. When set to M-bM-^@M-^\yesM-bM-^@M-^], ssh(1) will listen for - connections on a control socket specified using the ControlPath - argument. Additional sessions can connect to this socket using - the same ControlPath with ControlMaster set to M-bM-^@M-^\noM-bM-^@M-^] (the - default). These sessions will try to reuse the master instance's - network connection rather than initiating new ones, but will fall - back to connecting normally if the control socket does not exist, - or is not listening. - - Setting this to M-bM-^@M-^\askM-bM-^@M-^] will cause ssh to listen for control - connections, but require confirmation using ssh-askpass(1). If - the ControlPath cannot be opened, ssh will continue without - connecting to a master instance. - - X11 and ssh-agent(1) forwarding is supported over these - multiplexed connections, however the display and agent forwarded - will be the one belonging to the master connection i.e. it is not - possible to forward multiple displays or agents. - - Two additional options allow for opportunistic multiplexing: try - to use a master connection but fall back to creating a new one if - one does not already exist. These options are: M-bM-^@M-^\autoM-bM-^@M-^] and - M-bM-^@M-^\autoaskM-bM-^@M-^]. The latter requires confirmation like the M-bM-^@M-^\askM-bM-^@M-^] - option. - - ControlPath - Specify the path to the control socket used for connection - sharing as described in the ControlMaster section above or the - string M-bM-^@M-^\noneM-bM-^@M-^] to disable connection sharing. In the path, M-bM-^@M-^X%LM-bM-^@M-^Y - will be substituted by the first component of the local host - name, M-bM-^@M-^X%lM-bM-^@M-^Y will be substituted by the local host name (including - any domain name), M-bM-^@M-^X%hM-bM-^@M-^Y will be substituted by the target host - name, M-bM-^@M-^X%nM-bM-^@M-^Y will be substituted by the original target host name - specified on the command line, M-bM-^@M-^X%pM-bM-^@M-^Y the destination port, M-bM-^@M-^X%rM-bM-^@M-^Y by - the remote login username, M-bM-^@M-^X%uM-bM-^@M-^Y by the username of the user - running ssh(1), and M-bM-^@M-^X%CM-bM-^@M-^Y by a hash of the concatenation: - %l%h%p%r. It is recommended that any ControlPath used for - opportunistic connection sharing include at least %h, %p, and %r - (or alternatively %C) and be placed in a directory that is not - writable by other users. This ensures that shared connections - are uniquely identified. - - ControlPersist - When used in conjunction with ControlMaster, specifies that the - master connection should remain open in the background (waiting - for future client connections) after the initial client - connection has been closed. If set to M-bM-^@M-^\noM-bM-^@M-^], then the master - connection will not be placed into the background, and will close - as soon as the initial client connection is closed. If set to - M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\0M-bM-^@M-^], then the master connection will remain in the - background indefinitely (until killed or closed via a mechanism - such as the ssh(1) M-bM-^@M-^\-O exitM-bM-^@M-^] option). If set to a time in - seconds, or a time in any of the formats documented in - sshd_config(5), then the backgrounded master connection will - automatically terminate after it has remained idle (with no - client connections) for the specified time. - - DynamicForward - Specifies that a TCP port on the local machine be forwarded over - the secure channel, and the application protocol is then used to - determine where to connect to from the remote machine. - - The argument must be [bind_address:]port. IPv6 addresses can be - specified by enclosing addresses in square brackets. By default, - the local port is bound in accordance with the GatewayPorts - setting. However, an explicit bind_address may be used to bind - the connection to a specific address. The bind_address of - M-bM-^@M-^\localhostM-bM-^@M-^] indicates that the listening port be bound for local - use only, while an empty address or M-bM-^@M-^X*M-bM-^@M-^Y indicates that the port - should be available from all interfaces. - - Currently the SOCKS4 and SOCKS5 protocols are supported, and - ssh(1) will act as a SOCKS server. Multiple forwardings may be - specified, and additional forwardings can be given on the command - line. Only the superuser can forward privileged ports. - - EnableSSHKeysign - Setting this option to M-bM-^@M-^\yesM-bM-^@M-^] in the global client configuration - file /etc/ssh/ssh_config enables the use of the helper program - ssh-keysign(8) during HostbasedAuthentication. The argument must - be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. This option should be - placed in the non-hostspecific section. See ssh-keysign(8) for - more information. - - EscapeChar - Sets the escape character (default: M-bM-^@M-^X~M-bM-^@M-^Y). The escape character - can also be set on the command line. The argument should be a - single character, M-bM-^@M-^X^M-bM-^@M-^Y followed by a letter, or M-bM-^@M-^\noneM-bM-^@M-^] to disable - the escape character entirely (making the connection transparent - for binary data). - - ExitOnForwardFailure - Specifies whether ssh(1) should terminate the connection if it - cannot set up all requested dynamic, tunnel, local, and remote - port forwardings. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The - default is M-bM-^@M-^\noM-bM-^@M-^]. - - FingerprintHash - Specifies the hash algorithm used when displaying key - fingerprints. Valid options are: M-bM-^@M-^\md5M-bM-^@M-^] and M-bM-^@M-^\sha256M-bM-^@M-^]. The - default is M-bM-^@M-^\sha256M-bM-^@M-^]. - - ForwardAgent - Specifies whether the connection to the authentication agent (if - any) will be forwarded to the remote machine. The argument must - be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. - - Agent forwarding should be enabled with caution. Users with the - ability to bypass file permissions on the remote host (for the - agent's Unix-domain socket) can access the local agent through - the forwarded connection. An attacker cannot obtain key material - from the agent, however they can perform operations on the keys - that enable them to authenticate using the identities loaded into - the agent. - - ForwardX11 - Specifies whether X11 connections will be automatically - redirected over the secure channel and DISPLAY set. The argument - must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. - - X11 forwarding should be enabled with caution. Users with the - ability to bypass file permissions on the remote host (for the - user's X11 authorization database) can access the local X11 - display through the forwarded connection. An attacker may then - be able to perform activities such as keystroke monitoring if the - ForwardX11Trusted option is also enabled. - - ForwardX11Timeout - Specify a timeout for untrusted X11 forwarding using the format - described in the TIME FORMATS section of sshd_config(5). X11 - connections received by ssh(1) after this time will be refused. - The default is to disable untrusted X11 forwarding after twenty - minutes has elapsed. - - ForwardX11Trusted - If this option is set to M-bM-^@M-^\yesM-bM-^@M-^], remote X11 clients will have full - access to the original X11 display. - - If this option is set to M-bM-^@M-^\noM-bM-^@M-^], remote X11 clients will be - considered untrusted and prevented from stealing or tampering - with data belonging to trusted X11 clients. Furthermore, the - xauth(1) token used for the session will be set to expire after - 20 minutes. Remote clients will be refused access after this - time. - - The default is M-bM-^@M-^\noM-bM-^@M-^]. - - See the X11 SECURITY extension specification for full details on - the restrictions imposed on untrusted clients. - - GatewayPorts - Specifies whether remote hosts are allowed to connect to local - forwarded ports. By default, ssh(1) binds local port forwardings - to the loopback address. This prevents other remote hosts from - connecting to forwarded ports. GatewayPorts can be used to - specify that ssh should bind local port forwardings to the - wildcard address, thus allowing remote hosts to connect to - forwarded ports. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The - default is M-bM-^@M-^\noM-bM-^@M-^]. - - GlobalKnownHostsFile - Specifies one or more files to use for the global host key - database, separated by whitespace. The default is - /etc/ssh/ssh_known_hosts, /etc/ssh/ssh_known_hosts2. - - GSSAPIAuthentication - Specifies whether user authentication based on GSSAPI is allowed. - The default is M-bM-^@M-^\noM-bM-^@M-^]. Note that this option applies to protocol - version 2 only. - - GSSAPIDelegateCredentials - Forward (delegate) credentials to the server. The default is - M-bM-^@M-^\noM-bM-^@M-^]. Note that this option applies to protocol version 2 only. - - HashKnownHosts - Indicates that ssh(1) should hash host names and addresses when - they are added to ~/.ssh/known_hosts. These hashed names may be - used normally by ssh(1) and sshd(8), but they do not reveal - identifying information should the file's contents be disclosed. - The default is M-bM-^@M-^\noM-bM-^@M-^]. Note that existing names and addresses in - known hosts files will not be converted automatically, but may be - manually hashed using ssh-keygen(1). - - HostbasedAuthentication - Specifies whether to try rhosts based authentication with public - key authentication. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The - default is M-bM-^@M-^\noM-bM-^@M-^]. This option applies to protocol version 2 only - and is similar to RhostsRSAAuthentication. - - HostbasedKeyTypes - Specifies the key types that will be used for hostbased - authentication as a comma-separated pattern list. Alternately if - the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the - specified key types will be appended to the default set instead - of replacing them. The default for this option is: - - ecdsa-sha2-nistp256-cert-v01@openssh.com, - ecdsa-sha2-nistp384-cert-v01@openssh.com, - ecdsa-sha2-nistp521-cert-v01@openssh.com, - ssh-ed25519-cert-v01@openssh.com, - ssh-rsa-cert-v01@openssh.com, - ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, - ssh-ed25519,ssh-rsa - - The -Q option of ssh(1) may be used to list supported key types. - - HostKeyAlgorithms - Specifies the protocol version 2 host key algorithms that the - client wants to use in order of preference. Alternately if the - specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the specified - key types will be appended to the default set instead of - replacing them. The default for this option is: - - ecdsa-sha2-nistp256-cert-v01@openssh.com, - ecdsa-sha2-nistp384-cert-v01@openssh.com, - ecdsa-sha2-nistp521-cert-v01@openssh.com, - ssh-ed25519-cert-v01@openssh.com, - ssh-rsa-cert-v01@openssh.com, - ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, - ssh-ed25519,ssh-rsa - - If hostkeys are known for the destination host then this default - is modified to prefer their algorithms. - - The list of available key types may also be obtained using the -Q - option of ssh(1) with an argument of M-bM-^@M-^\keyM-bM-^@M-^]. - - HostKeyAlias - Specifies an alias that should be used instead of the real host - name when looking up or saving the host key in the host key - database files. This option is useful for tunneling SSH - connections or for multiple servers running on a single host. - - HostName - Specifies the real host name to log into. This can be used to - specify nicknames or abbreviations for hosts. If the hostname - contains the character sequence M-bM-^@M-^X%hM-bM-^@M-^Y, then this will be replaced - with the host name specified on the command line (this is useful - for manipulating unqualified names). The character sequence M-bM-^@M-^X%%M-bM-^@M-^Y - will be replaced by a single M-bM-^@M-^X%M-bM-^@M-^Y character, which may be used - when specifying IPv6 link-local addresses. - - The default is the name given on the command line. Numeric IP - addresses are also permitted (both on the command line and in - HostName specifications). - - IdentitiesOnly - Specifies that ssh(1) should only use the authentication identity - files configured in the ssh_config files, even if ssh-agent(1) or - a PKCS11Provider offers more identities. The argument to this - keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. This option is intended for - situations where ssh-agent offers many different identities. The - default is M-bM-^@M-^\noM-bM-^@M-^]. - - IdentityFile - Specifies a file from which the user's DSA, ECDSA, Ed25519 or RSA - authentication identity is read. The default is ~/.ssh/identity - for protocol version 1, and ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, - ~/.ssh/id_ed25519 and ~/.ssh/id_rsa for protocol version 2. - Additionally, any identities represented by the authentication - agent will be used for authentication unless IdentitiesOnly is - set. ssh(1) will try to load certificate information from the - filename obtained by appending -cert.pub to the path of a - specified IdentityFile. - - The file name may use the tilde syntax to refer to a user's home - directory or one of the following escape characters: M-bM-^@M-^X%dM-bM-^@M-^Y (local - user's home directory), M-bM-^@M-^X%uM-bM-^@M-^Y (local user name), M-bM-^@M-^X%lM-bM-^@M-^Y (local host - name), M-bM-^@M-^X%hM-bM-^@M-^Y (remote host name) or M-bM-^@M-^X%rM-bM-^@M-^Y (remote user name). - - It is possible to have multiple identity files specified in - configuration files; all these identities will be tried in - sequence. Multiple IdentityFile directives will add to the list - of identities tried (this behaviour differs from that of other - configuration directives). - - IdentityFile may be used in conjunction with IdentitiesOnly to - select which identities in an agent are offered during - authentication. - - IgnoreUnknown - Specifies a pattern-list of unknown options to be ignored if they - are encountered in configuration parsing. This may be used to - suppress errors if ssh_config contains options that are - unrecognised by ssh(1). It is recommended that IgnoreUnknown be - listed early in the configuration file as it will not be applied - to unknown options that appear before it. - - IPQoS Specifies the IPv4 type-of-service or DSCP class for connections. - Accepted values are M-bM-^@M-^\af11M-bM-^@M-^], M-bM-^@M-^\af12M-bM-^@M-^], M-bM-^@M-^\af13M-bM-^@M-^], M-bM-^@M-^\af21M-bM-^@M-^], M-bM-^@M-^\af22M-bM-^@M-^], - M-bM-^@M-^\af23M-bM-^@M-^], M-bM-^@M-^\af31M-bM-^@M-^], M-bM-^@M-^\af32M-bM-^@M-^], M-bM-^@M-^\af33M-bM-^@M-^], M-bM-^@M-^\af41M-bM-^@M-^], M-bM-^@M-^\af42M-bM-^@M-^], M-bM-^@M-^\af43M-bM-^@M-^], M-bM-^@M-^\cs0M-bM-^@M-^], - M-bM-^@M-^\cs1M-bM-^@M-^], M-bM-^@M-^\cs2M-bM-^@M-^], M-bM-^@M-^\cs3M-bM-^@M-^], M-bM-^@M-^\cs4M-bM-^@M-^], M-bM-^@M-^\cs5M-bM-^@M-^], M-bM-^@M-^\cs6M-bM-^@M-^], M-bM-^@M-^\cs7M-bM-^@M-^], M-bM-^@M-^\efM-bM-^@M-^], - M-bM-^@M-^\lowdelayM-bM-^@M-^], M-bM-^@M-^\throughputM-bM-^@M-^], M-bM-^@M-^\reliabilityM-bM-^@M-^], or a numeric value. - This option may take one or two arguments, separated by - whitespace. If one argument is specified, it is used as the - packet class unconditionally. If two values are specified, the - first is automatically selected for interactive sessions and the - second for non-interactive sessions. The default is M-bM-^@M-^\lowdelayM-bM-^@M-^] - for interactive sessions and M-bM-^@M-^\throughputM-bM-^@M-^] for non-interactive - sessions. - - KbdInteractiveAuthentication - Specifies whether to use keyboard-interactive authentication. - The argument to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default - is M-bM-^@M-^\yesM-bM-^@M-^]. - - KbdInteractiveDevices - Specifies the list of methods to use in keyboard-interactive - authentication. Multiple method names must be comma-separated. - The default is to use the server specified list. The methods - available vary depending on what the server supports. For an - OpenSSH server, it may be zero or more of: M-bM-^@M-^\bsdauthM-bM-^@M-^], M-bM-^@M-^\pamM-bM-^@M-^], and - M-bM-^@M-^\skeyM-bM-^@M-^]. - - KexAlgorithms - Specifies the available KEX (Key Exchange) algorithms. Multiple - algorithms must be comma-separated. Alternately if the specified - value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the specified methods - will be appended to the default set instead of replacing them. - The default is: - - curve25519-sha256@libssh.org, - ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, - diffie-hellman-group-exchange-sha256, - diffie-hellman-group-exchange-sha1, - diffie-hellman-group14-sha1 - - The list of available key exchange algorithms may also be - obtained using the -Q option of ssh(1) with an argument of M-bM-^@M-^\kexM-bM-^@M-^]. - - LocalCommand - Specifies a command to execute on the local machine after - successfully connecting to the server. The command string - extends to the end of the line, and is executed with the user's - shell. The following escape character substitutions will be - performed: M-bM-^@M-^X%dM-bM-^@M-^Y (local user's home directory), M-bM-^@M-^X%hM-bM-^@M-^Y (remote host - name), M-bM-^@M-^X%lM-bM-^@M-^Y (local host name), M-bM-^@M-^X%nM-bM-^@M-^Y (host name as provided on the - command line), M-bM-^@M-^X%pM-bM-^@M-^Y (remote port), M-bM-^@M-^X%rM-bM-^@M-^Y (remote user name) or - M-bM-^@M-^X%uM-bM-^@M-^Y (local user name) or M-bM-^@M-^X%CM-bM-^@M-^Y by a hash of the concatenation: - %l%h%p%r. - - The command is run synchronously and does not have access to the - session of the ssh(1) that spawned it. It should not be used for - interactive commands. - - This directive is ignored unless PermitLocalCommand has been - enabled. - - LocalForward - Specifies that a TCP port on the local machine be forwarded over - the secure channel to the specified host and port from the remote - machine. The first argument must be [bind_address:]port and the - second argument must be host:hostport. IPv6 addresses can be - specified by enclosing addresses in square brackets. Multiple - forwardings may be specified, and additional forwardings can be - given on the command line. Only the superuser can forward - privileged ports. By default, the local port is bound in - accordance with the GatewayPorts setting. However, an explicit - bind_address may be used to bind the connection to a specific - address. The bind_address of M-bM-^@M-^\localhostM-bM-^@M-^] indicates that the - listening port be bound for local use only, while an empty - address or M-bM-^@M-^X*M-bM-^@M-^Y indicates that the port should be available from - all interfaces. - - LogLevel - Gives the verbosity level that is used when logging messages from - ssh(1). The possible values are: QUIET, FATAL, ERROR, INFO, - VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. The default is INFO. - DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify - higher levels of verbose output. - - MACs Specifies the MAC (message authentication code) algorithms in - order of preference. The MAC algorithm is used in protocol - version 2 for data integrity protection. Multiple algorithms - must be comma-separated. If the specified value begins with a - M-bM-^@M-^X+M-bM-^@M-^Y character, then the specified algorithms will be appended to - the default set instead of replacing them. - - The algorithms that contain M-bM-^@M-^\-etmM-bM-^@M-^] calculate the MAC after - encryption (encrypt-then-mac). These are considered safer and - their use recommended. - - The default is: - - umac-64-etm@openssh.com,umac-128-etm@openssh.com, - hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com, - umac-64@openssh.com,umac-128@openssh.com, - hmac-sha2-256,hmac-sha2-512, - hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com, - hmac-ripemd160-etm@openssh.com, - hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com, - hmac-md5,hmac-sha1,hmac-ripemd160, - hmac-sha1-96,hmac-md5-96 - - The list of available MAC algorithms may also be obtained using - the -Q option of ssh(1) with an argument of M-bM-^@M-^\macM-bM-^@M-^]. - - NoHostAuthenticationForLocalhost - This option can be used if the home directory is shared across - machines. In this case localhost will refer to a different - machine on each of the machines and the user will get many - warnings about changed host keys. However, this option disables - host authentication for localhost. The argument to this keyword - must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is to check the host key for - localhost. - - NumberOfPasswordPrompts - Specifies the number of password prompts before giving up. The - argument to this keyword must be an integer. The default is 3. - - PasswordAuthentication - Specifies whether to use password authentication. The argument - to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\yesM-bM-^@M-^]. - - PermitLocalCommand - Allow local command execution via the LocalCommand option or - using the !command escape sequence in ssh(1). The argument must - be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. - - PKCS11Provider - Specifies which PKCS#11 provider to use. The argument to this - keyword is the PKCS#11 shared library ssh(1) should use to - communicate with a PKCS#11 token providing the user's private RSA - key. - - Port Specifies the port number to connect on the remote host. The - default is 22. - - PreferredAuthentications - Specifies the order in which the client should try protocol 2 - authentication methods. This allows a client to prefer one - method (e.g. keyboard-interactive) over another method (e.g. - password). The default is: - - gssapi-with-mic,hostbased,publickey, - keyboard-interactive,password - - Protocol - Specifies the protocol versions ssh(1) should support in order of - preference. The possible values are M-bM-^@M-^X1M-bM-^@M-^Y and M-bM-^@M-^X2M-bM-^@M-^Y. Multiple - versions must be comma-separated. When this option is set to - M-bM-^@M-^\2,1M-bM-^@M-^] ssh will try version 2 and fall back to version 1 if - version 2 is not available. The default is M-bM-^@M-^X2M-bM-^@M-^Y. - - ProxyCommand - Specifies the command to use to connect to the server. The - command string extends to the end of the line, and is executed - using the user's shell M-bM-^@M-^XexecM-bM-^@M-^Y directive to avoid a lingering - shell process. - - In the command string, any occurrence of M-bM-^@M-^X%hM-bM-^@M-^Y will be substituted - by the host name to connect, M-bM-^@M-^X%pM-bM-^@M-^Y by the port, and M-bM-^@M-^X%rM-bM-^@M-^Y by the - remote user name. The command can be basically anything, and - should read from its standard input and write to its standard - output. It should eventually connect an sshd(8) server running - on some machine, or execute sshd -i somewhere. Host key - management will be done using the HostName of the host being - connected (defaulting to the name typed by the user). Setting - the command to M-bM-^@M-^\noneM-bM-^@M-^] disables this option entirely. Note that - CheckHostIP is not available for connects with a proxy command. - - This directive is useful in conjunction with nc(1) and its proxy - support. For example, the following directive would connect via - an HTTP proxy at 192.0.2.0: - - ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p - - ProxyUseFdpass - Specifies that ProxyCommand will pass a connected file descriptor - back to ssh(1) instead of continuing to execute and pass data. - The default is M-bM-^@M-^\noM-bM-^@M-^]. - - PubkeyAcceptedKeyTypes - Specifies the key types that will be used for public key - authentication as a comma-separated pattern list. Alternately if - the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the key - types after it will be appended to the default instead of - replacing it. The default for this option is: - - ecdsa-sha2-nistp256-cert-v01@openssh.com, - ecdsa-sha2-nistp384-cert-v01@openssh.com, - ecdsa-sha2-nistp521-cert-v01@openssh.com, - ssh-ed25519-cert-v01@openssh.com, - ssh-rsa-cert-v01@openssh.com, - ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, - ssh-ed25519,ssh-rsa - - The -Q option of ssh(1) may be used to list supported key types. - - PubkeyAuthentication - Specifies whether to try public key authentication. The argument - to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\yesM-bM-^@M-^]. - This option applies to protocol version 2 only. - - RekeyLimit - Specifies the maximum amount of data that may be transmitted - before the session key is renegotiated, optionally followed a - maximum amount of time that may pass before the session key is - renegotiated. The first argument is specified in bytes and may - have a suffix of M-bM-^@M-^XKM-bM-^@M-^Y, M-bM-^@M-^XMM-bM-^@M-^Y, or M-bM-^@M-^XGM-bM-^@M-^Y to indicate Kilobytes, - Megabytes, or Gigabytes, respectively. The default is between - M-bM-^@M-^X1GM-bM-^@M-^Y and M-bM-^@M-^X4GM-bM-^@M-^Y, depending on the cipher. The optional second - value is specified in seconds and may use any of the units - documented in the TIME FORMATS section of sshd_config(5). The - default value for RekeyLimit is M-bM-^@M-^\default noneM-bM-^@M-^], which means that - rekeying is performed after the cipher's default amount of data - has been sent or received and no time based rekeying is done. - This option applies to protocol version 2 only. - - RemoteForward - Specifies that a TCP port on the remote machine be forwarded over - the secure channel to the specified host and port from the local - machine. The first argument must be [bind_address:]port and the - second argument must be host:hostport. IPv6 addresses can be - specified by enclosing addresses in square brackets. Multiple - forwardings may be specified, and additional forwardings can be - given on the command line. Privileged ports can be forwarded - only when logging in as root on the remote machine. - - If the port argument is M-bM-^@M-^X0M-bM-^@M-^Y, the listen port will be dynamically - allocated on the server and reported to the client at run time. - - If the bind_address is not specified, the default is to only bind - to loopback addresses. If the bind_address is M-bM-^@M-^X*M-bM-^@M-^Y or an empty - string, then the forwarding is requested to listen on all - interfaces. Specifying a remote bind_address will only succeed - if the server's GatewayPorts option is enabled (see - sshd_config(5)). - - RequestTTY - Specifies whether to request a pseudo-tty for the session. The - argument may be one of: M-bM-^@M-^\noM-bM-^@M-^] (never request a TTY), M-bM-^@M-^\yesM-bM-^@M-^] (always - request a TTY when standard input is a TTY), M-bM-^@M-^\forceM-bM-^@M-^] (always - request a TTY) or M-bM-^@M-^\autoM-bM-^@M-^] (request a TTY when opening a login - session). This option mirrors the -t and -T flags for ssh(1). - - RevokedHostKeys - Specifies revoked host public keys. Keys listed in this file - will be refused for host authentication. Note that if this file - does not exist or is not readable, then host authentication will - be refused for all hosts. Keys may be specified as a text file, - listing one public key per line, or as an OpenSSH Key Revocation - List (KRL) as generated by ssh-keygen(1). For more information - on KRLs, see the KEY REVOCATION LISTS section in ssh-keygen(1). - - RhostsRSAAuthentication - Specifies whether to try rhosts based authentication with RSA - host authentication. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The - default is M-bM-^@M-^\noM-bM-^@M-^]. This option applies to protocol version 1 only - and requires ssh(1) to be setuid root. - - RSAAuthentication - Specifies whether to try RSA authentication. The argument to - this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. RSA authentication will only - be attempted if the identity file exists, or an authentication - agent is running. The default is M-bM-^@M-^\yesM-bM-^@M-^]. Note that this option - applies to protocol version 1 only. - - SendEnv - Specifies what variables from the local environ(7) should be sent - to the server. Note that environment passing is only supported - for protocol 2. The server must also support it, and the server - must be configured to accept these environment variables. Note - that the TERM environment variable is always sent whenever a - pseudo-terminal is requested as it is required by the protocol. - Refer to AcceptEnv in sshd_config(5) for how to configure the - server. Variables are specified by name, which may contain - wildcard characters. Multiple environment variables may be - separated by whitespace or spread across multiple SendEnv - directives. The default is not to send any environment - variables. - - See PATTERNS for more information on patterns. - - ServerAliveCountMax - Sets the number of server alive messages (see below) which may be - sent without ssh(1) receiving any messages back from the server. - If this threshold is reached while server alive messages are - being sent, ssh will disconnect from the server, terminating the - session. It is important to note that the use of server alive - messages is very different from TCPKeepAlive (below). The server - alive messages are sent through the encrypted channel and - therefore will not be spoofable. The TCP keepalive option - enabled by TCPKeepAlive is spoofable. The server alive mechanism - is valuable when the client or server depend on knowing when a - connection has become inactive. - - The default value is 3. If, for example, ServerAliveInterval - (see below) is set to 15 and ServerAliveCountMax is left at the - default, if the server becomes unresponsive, ssh will disconnect - after approximately 45 seconds. This option applies to protocol - version 2 only. - - ServerAliveInterval - Sets a timeout interval in seconds after which if no data has - been received from the server, ssh(1) will send a message through - the encrypted channel to request a response from the server. The - default is 0, indicating that these messages will not be sent to - the server. This option applies to protocol version 2 only. - - StreamLocalBindMask - Sets the octal file creation mode mask (umask) used when creating - a Unix-domain socket file for local or remote port forwarding. - This option is only used for port forwarding to a Unix-domain - socket file. - - The default value is 0177, which creates a Unix-domain socket - file that is readable and writable only by the owner. Note that - not all operating systems honor the file mode on Unix-domain - socket files. - - StreamLocalBindUnlink - Specifies whether to remove an existing Unix-domain socket file - for local or remote port forwarding before creating a new one. - If the socket file already exists and StreamLocalBindUnlink is - not enabled, ssh will be unable to forward the port to the Unix- - domain socket file. This option is only used for port forwarding - to a Unix-domain socket file. - - The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. - - StrictHostKeyChecking - If this flag is set to M-bM-^@M-^\yesM-bM-^@M-^], ssh(1) will never automatically add - host keys to the ~/.ssh/known_hosts file, and refuses to connect - to hosts whose host key has changed. This provides maximum - protection against trojan horse attacks, though it can be - annoying when the /etc/ssh/ssh_known_hosts file is poorly - maintained or when connections to new hosts are frequently made. - This option forces the user to manually add all new hosts. If - this flag is set to M-bM-^@M-^\noM-bM-^@M-^], ssh will automatically add new host - keys to the user known hosts files. If this flag is set to - M-bM-^@M-^\askM-bM-^@M-^], new host keys will be added to the user known host files - only after the user has confirmed that is what they really want - to do, and ssh will refuse to connect to hosts whose host key has - changed. The host keys of known hosts will be verified - automatically in all cases. The argument must be M-bM-^@M-^\yesM-bM-^@M-^], M-bM-^@M-^\noM-bM-^@M-^], or - M-bM-^@M-^\askM-bM-^@M-^]. The default is M-bM-^@M-^\askM-bM-^@M-^]. - - TCPKeepAlive - Specifies whether the system should send TCP keepalive messages - to the other side. If they are sent, death of the connection or - crash of one of the machines will be properly noticed. However, - this means that connections will die if the route is down - temporarily, and some people find it annoying. - - The default is M-bM-^@M-^\yesM-bM-^@M-^] (to send TCP keepalive messages), and the - client will notice if the network goes down or the remote host - dies. This is important in scripts, and many users want it too. - - To disable TCP keepalive messages, the value should be set to - M-bM-^@M-^\noM-bM-^@M-^]. - - Tunnel Request tun(4) device forwarding between the client and the - server. The argument must be M-bM-^@M-^\yesM-bM-^@M-^], M-bM-^@M-^\point-to-pointM-bM-^@M-^] (layer 3), - M-bM-^@M-^\ethernetM-bM-^@M-^] (layer 2), or M-bM-^@M-^\noM-bM-^@M-^]. Specifying M-bM-^@M-^\yesM-bM-^@M-^] requests the - default tunnel mode, which is M-bM-^@M-^\point-to-pointM-bM-^@M-^]. The default is - M-bM-^@M-^\noM-bM-^@M-^]. - - TunnelDevice - Specifies the tun(4) devices to open on the client (local_tun) - and the server (remote_tun). - - The argument must be local_tun[:remote_tun]. The devices may be - specified by numerical ID or the keyword M-bM-^@M-^\anyM-bM-^@M-^], which uses the - next available tunnel device. If remote_tun is not specified, it - defaults to M-bM-^@M-^\anyM-bM-^@M-^]. The default is M-bM-^@M-^\any:anyM-bM-^@M-^]. - - UpdateHostKeys - Specifies whether ssh(1) should accept notifications of - additional hostkeys from the server sent after authentication has - completed and add them to UserKnownHostsFile. The argument must - be M-bM-^@M-^\yesM-bM-^@M-^], M-bM-^@M-^\noM-bM-^@M-^] (the default) or M-bM-^@M-^\askM-bM-^@M-^]. Enabling this option - allows learning alternate hostkeys for a server and supports - graceful key rotation by allowing a server to send replacement - public keys before old ones are removed. Additional hostkeys are - only accepted if the key used to authenticate the host was - already trusted or explicity accepted by the user. If - UpdateHostKeys is set to M-bM-^@M-^\askM-bM-^@M-^], then the user is asked to confirm - the modifications to the known_hosts file. Confirmation is - currently incompatible with ControlPersist, and will be disabled - if it is enabled. - - Presently, only sshd(8) from OpenSSH 6.8 and greater support the - M-bM-^@M-^\hostkeys@openssh.comM-bM-^@M-^] protocol extension used to inform the - client of all the server's hostkeys. - - UsePrivilegedPort - Specifies whether to use a privileged port for outgoing - connections. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is - M-bM-^@M-^\noM-bM-^@M-^]. If set to M-bM-^@M-^\yesM-bM-^@M-^], ssh(1) must be setuid root. Note that - this option must be set to M-bM-^@M-^\yesM-bM-^@M-^] for RhostsRSAAuthentication with - older servers. - - User Specifies the user to log in as. This can be useful when a - different user name is used on different machines. This saves - the trouble of having to remember to give the user name on the - command line. - - UserKnownHostsFile - Specifies one or more files to use for the user host key - database, separated by whitespace. The default is - ~/.ssh/known_hosts, ~/.ssh/known_hosts2. - - VerifyHostKeyDNS - Specifies whether to verify the remote key using DNS and SSHFP - resource records. If this option is set to M-bM-^@M-^\yesM-bM-^@M-^], the client - will implicitly trust keys that match a secure fingerprint from - DNS. Insecure fingerprints will be handled as if this option was - set to M-bM-^@M-^\askM-bM-^@M-^]. If this option is set to M-bM-^@M-^\askM-bM-^@M-^], information on - fingerprint match will be displayed, but the user will still need - to confirm new host keys according to the StrictHostKeyChecking - option. The argument must be M-bM-^@M-^\yesM-bM-^@M-^], M-bM-^@M-^\noM-bM-^@M-^], or M-bM-^@M-^\askM-bM-^@M-^]. The default - is M-bM-^@M-^\noM-bM-^@M-^]. Note that this option applies to protocol version 2 - only. - - See also VERIFYING HOST KEYS in ssh(1). - - VisualHostKey - If this flag is set to M-bM-^@M-^\yesM-bM-^@M-^], an ASCII art representation of the - remote host key fingerprint is printed in addition to the - fingerprint string at login and for unknown host keys. If this - flag is set to M-bM-^@M-^\noM-bM-^@M-^], no fingerprint strings are printed at login - and only the fingerprint string will be printed for unknown host - keys. The default is M-bM-^@M-^\noM-bM-^@M-^]. - - XAuthLocation - Specifies the full pathname of the xauth(1) program. The default - is /usr/X11R6/bin/xauth. - -PATTERNS - A pattern consists of zero or more non-whitespace characters, M-bM-^@M-^X*M-bM-^@M-^Y (a - wildcard that matches zero or more characters), or M-bM-^@M-^X?M-bM-^@M-^Y (a wildcard that - matches exactly one character). For example, to specify a set of - declarations for any host in the M-bM-^@M-^\.co.ukM-bM-^@M-^] set of domains, the following - pattern could be used: - - Host *.co.uk - - The following pattern would match any host in the 192.168.0.[0-9] network - range: - - Host 192.168.0.? - - A pattern-list is a comma-separated list of patterns. Patterns within - pattern-lists may be negated by preceding them with an exclamation mark - (M-bM-^@M-^X!M-bM-^@M-^Y). For example, to allow a key to be used from anywhere within an - organization except from the M-bM-^@M-^\dialupM-bM-^@M-^] pool, the following entry (in - authorized_keys) could be used: - - from="!*.dialup.example.com,*.example.com" - -FILES - ~/.ssh/config - This is the per-user configuration file. The format of this file - is described above. This file is used by the SSH client. - Because of the potential for abuse, this file must have strict - permissions: read/write for the user, and not accessible by - others. - - /etc/ssh/ssh_config - Systemwide configuration file. This file provides defaults for - those values that are not specified in the user's configuration - file, and for those users who do not have a configuration file. - This file must be world-readable. - -SEE ALSO - ssh(1) - -AUTHORS - OpenSSH is a derivative of the original and free ssh 1.2.12 release by - Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo - de Raadt and Dug Song removed many bugs, re-added newer features and - created OpenSSH. Markus Friedl contributed the support for SSH protocol - versions 1.5 and 2.0. - -OpenBSD 5.8 July 30, 2015 OpenBSD 5.8 diff --git a/crypto/openssh/sshd.0 b/crypto/openssh/sshd.0 deleted file mode 100644 index e771c9516a0..00000000000 --- a/crypto/openssh/sshd.0 +++ /dev/null @@ -1,640 +0,0 @@ -SSHD(8) System Manager's Manual SSHD(8) - -NAME - sshd M-bM-^@M-^S OpenSSH SSH daemon - -SYNOPSIS - sshd [-46DdeiqTt] [-b bits] [-C connection_spec] - [-c host_certificate_file] [-E log_file] [-f config_file] - [-g login_grace_time] [-h host_key_file] [-k key_gen_time] - [-o option] [-p port] [-u len] - -DESCRIPTION - sshd (OpenSSH Daemon) is the daemon program for ssh(1). Together these - programs replace rlogin and rsh, and provide secure encrypted - communications between two untrusted hosts over an insecure network. - - sshd listens for connections from clients. It is normally started at - boot from /etc/rc. It forks a new daemon for each incoming connection. - The forked daemons handle key exchange, encryption, authentication, - command execution, and data exchange. - - sshd can be configured using command-line options or a configuration file - (by default sshd_config(5)); command-line options override values - specified in the configuration file. sshd rereads its configuration file - when it receives a hangup signal, SIGHUP, by executing itself with the - name and options it was started with, e.g. /usr/sbin/sshd. - - The options are as follows: - - -4 Forces sshd to use IPv4 addresses only. - - -6 Forces sshd to use IPv6 addresses only. - - -b bits - Specifies the number of bits in the ephemeral protocol version 1 - server key (default 1024). - - -C connection_spec - Specify the connection parameters to use for the -T extended test - mode. If provided, any Match directives in the configuration - file that would apply to the specified user, host, and address - will be set before the configuration is written to standard - output. The connection parameters are supplied as keyword=value - pairs. The keywords are M-bM-^@M-^\userM-bM-^@M-^], M-bM-^@M-^\hostM-bM-^@M-^], M-bM-^@M-^\laddrM-bM-^@M-^], M-bM-^@M-^\lportM-bM-^@M-^], and - M-bM-^@M-^\addrM-bM-^@M-^]. All are required and may be supplied in any order, - either with multiple -C options or as a comma-separated list. - - -c host_certificate_file - Specifies a path to a certificate file to identify sshd during - key exchange. The certificate file must match a host key file - specified using the -h option or the HostKey configuration - directive. - - -D When this option is specified, sshd will not detach and does not - become a daemon. This allows easy monitoring of sshd. - - -d Debug mode. The server sends verbose debug output to standard - error, and does not put itself in the background. The server - also will not fork and will only process one connection. This - option is only intended for debugging for the server. Multiple - -d options increase the debugging level. Maximum is 3. - - -E log_file - Append debug logs to log_file instead of the system log. - - -e Write debug logs to standard error instead of the system log. - - -f config_file - Specifies the name of the configuration file. The default is - /etc/ssh/sshd_config. sshd refuses to start if there is no - configuration file. - - -g login_grace_time - Gives the grace time for clients to authenticate themselves - (default 120 seconds). If the client fails to authenticate the - user within this many seconds, the server disconnects and exits. - A value of zero indicates no limit. - - -h host_key_file - Specifies a file from which a host key is read. This option must - be given if sshd is not run as root (as the normal host key files - are normally not readable by anyone but root). The default is - /etc/ssh/ssh_host_key for protocol version 1, and - /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_ecdsa_key. - /etc/ssh/ssh_host_ed25519_key and /etc/ssh/ssh_host_rsa_key for - protocol version 2. It is possible to have multiple host key - files for the different protocol versions and host key - algorithms. - - -i Specifies that sshd is being run from inetd(8). If SSH protocol - 1 is enabled, sshd should not normally be run from inetd because - it needs to generate the server key before it can respond to the - client, and this may take some time. Clients may have to wait - too long if the key was regenerated every time. - - -k key_gen_time - Specifies how often the ephemeral protocol version 1 server key - is regenerated (default 3600 seconds, or one hour). The - motivation for regenerating the key fairly often is that the key - is not stored anywhere, and after about an hour it becomes - impossible to recover the key for decrypting intercepted - communications even if the machine is cracked into or physically - seized. A value of zero indicates that the key will never be - regenerated. - - -o option - Can be used to give options in the format used in the - configuration file. This is useful for specifying options for - which there is no separate command-line flag. For full details - of the options, and their values, see sshd_config(5). - - -p port - Specifies the port on which the server listens for connections - (default 22). Multiple port options are permitted. Ports - specified in the configuration file with the Port option are - ignored when a command-line port is specified. Ports specified - using the ListenAddress option override command-line ports. - - -q Quiet mode. Nothing is sent to the system log. Normally the - beginning, authentication, and termination of each connection is - logged. - - -T Extended test mode. Check the validity of the configuration - file, output the effective configuration to stdout and then exit. - Optionally, Match rules may be applied by specifying the - connection parameters using one or more -C options. - - -t Test mode. Only check the validity of the configuration file and - sanity of the keys. This is useful for updating sshd reliably as - configuration options may change. - - -u len This option is used to specify the size of the field in the utmp - structure that holds the remote host name. If the resolved host - name is longer than len, the dotted decimal value will be used - instead. This allows hosts with very long host names that - overflow this field to still be uniquely identified. Specifying - -u0 indicates that only dotted decimal addresses should be put - into the utmp file. -u0 may also be used to prevent sshd from - making DNS requests unless the authentication mechanism or - configuration requires it. Authentication mechanisms that may - require DNS include RhostsRSAAuthentication, - HostbasedAuthentication, and using a from="pattern-list" option - in a key file. Configuration options that require DNS include - using a USER@HOST pattern in AllowUsers or DenyUsers. - -AUTHENTICATION - The OpenSSH SSH daemon supports SSH protocols 1 and 2. The default is to - use protocol 2 only, though this can be changed via the Protocol option - in sshd_config(5). Protocol 2 supports DSA, ECDSA, Ed25519 and RSA keys; - protocol 1 only supports RSA keys. For both protocols, each host has a - host-specific key, normally 2048 bits, used to identify the host. - - Forward security for protocol 1 is provided through an additional server - key, normally 1024 bits, generated when the server starts. This key is - normally regenerated every hour if it has been used, and is never stored - on disk. Whenever a client connects, the daemon responds with its public - host and server keys. The client compares the RSA host key against its - own database to verify that it has not changed. The client then - generates a 256-bit random number. It encrypts this random number using - both the host key and the server key, and sends the encrypted number to - the server. Both sides then use this random number as a session key - which is used to encrypt all further communications in the session. The - rest of the session is encrypted using a conventional cipher, currently - Blowfish or 3DES, with 3DES being used by default. The client selects - the encryption algorithm to use from those offered by the server. - - For protocol 2, forward security is provided through a Diffie-Hellman key - agreement. This key agreement results in a shared session key. The rest - of the session is encrypted using a symmetric cipher, currently 128-bit - AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit AES. The - client selects the encryption algorithm to use from those offered by the - server. Additionally, session integrity is provided through a - cryptographic message authentication code (hmac-md5, hmac-sha1, umac-64, - umac-128, hmac-ripemd160, hmac-sha2-256 or hmac-sha2-512). - - Finally, the server and the client enter an authentication dialog. The - client tries to authenticate itself using host-based authentication, - public key authentication, challenge-response authentication, or password - authentication. - - Regardless of the authentication type, the account is checked to ensure - that it is accessible. An account is not accessible if it is locked, - listed in DenyUsers or its group is listed in DenyGroups . The - definition of a locked account is system dependant. Some platforms have - their own account database (eg AIX) and some modify the passwd field ( - M-bM-^@M-^X*LK*M-bM-^@M-^Y on Solaris and UnixWare, M-bM-^@M-^X*M-bM-^@M-^Y on HP-UX, containing M-bM-^@M-^XNologinM-bM-^@M-^Y on - Tru64, a leading M-bM-^@M-^X*LOCKED*M-bM-^@M-^Y on FreeBSD and a leading M-bM-^@M-^X!M-bM-^@M-^Y on most - Linuxes). If there is a requirement to disable password authentication - for the account while allowing still public-key, then the passwd field - should be set to something other than these values (eg M-bM-^@M-^XNPM-bM-^@M-^Y or M-bM-^@M-^X*NP*M-bM-^@M-^Y ). - - If the client successfully authenticates itself, a dialog for preparing - the session is entered. At this time the client may request things like - allocating a pseudo-tty, forwarding X11 connections, forwarding TCP - connections, or forwarding the authentication agent connection over the - secure channel. - - After this, the client either requests a shell or execution of a command. - The sides then enter session mode. In this mode, either side may send - data at any time, and such data is forwarded to/from the shell or command - on the server side, and the user terminal in the client side. - - When the user program terminates and all forwarded X11 and other - connections have been closed, the server sends command exit status to the - client, and both sides exit. - -LOGIN PROCESS - When a user successfully logs in, sshd does the following: - - 1. If the login is on a tty, and no command has been specified, - prints last login time and /etc/motd (unless prevented in the - configuration file or by ~/.hushlogin; see the FILES section). - - 2. If the login is on a tty, records login time. - - 3. Checks /etc/nologin; if it exists, prints contents and quits - (unless root). - - 4. Changes to run with normal user privileges. - - 5. Sets up basic environment. - - 6. Reads the file ~/.ssh/environment, if it exists, and users are - allowed to change their environment. See the - PermitUserEnvironment option in sshd_config(5). - - 7. Changes to user's home directory. - - 8. If ~/.ssh/rc exists and the sshd_config(5) PermitUserRC option - is set, runs it; else if /etc/ssh/sshrc exists, runs it; - otherwise runs xauth. The M-bM-^@M-^\rcM-bM-^@M-^] files are given the X11 - authentication protocol and cookie in standard input. See - SSHRC, below. - - 9. Runs user's shell or command. All commands are run under the - user's login shell as specified in the system password - database. - -SSHRC - If the file ~/.ssh/rc exists, sh(1) runs it after reading the environment - files but before starting the user's shell or command. It must not - produce any output on stdout; stderr must be used instead. If X11 - forwarding is in use, it will receive the "proto cookie" pair in its - standard input (and DISPLAY in its environment). The script must call - xauth(1) because sshd will not run xauth automatically to add X11 - cookies. - - The primary purpose of this file is to run any initialization routines - which may be needed before the user's home directory becomes accessible; - AFS is a particular example of such an environment. - - This file will probably contain some initialization code followed by - something similar to: - - if read proto cookie && [ -n "$DISPLAY" ]; then - if [ `echo $DISPLAY | cut -c1-10` = 'localhost:' ]; then - # X11UseLocalhost=yes - echo add unix:`echo $DISPLAY | - cut -c11-` $proto $cookie - else - # X11UseLocalhost=no - echo add $DISPLAY $proto $cookie - fi | xauth -q - - fi - - If this file does not exist, /etc/ssh/sshrc is run, and if that does not - exist either, xauth is used to add the cookie. - -AUTHORIZED_KEYS FILE FORMAT - AuthorizedKeysFile specifies the files containing public keys for public - key authentication; if none is specified, the default is - ~/.ssh/authorized_keys and ~/.ssh/authorized_keys2. Each line of the - file contains one key (empty lines and lines starting with a M-bM-^@M-^X#M-bM-^@M-^Y are - ignored as comments). Protocol 1 public keys consist of the following - space-separated fields: options, bits, exponent, modulus, comment. - Protocol 2 public key consist of: options, keytype, base64-encoded key, - comment. The options field is optional; its presence is determined by - whether the line starts with a number or not (the options field never - starts with a number). The bits, exponent, modulus, and comment fields - give the RSA key for protocol version 1; the comment field is not used - for anything (but may be convenient for the user to identify the key). - For protocol version 2 the keytype is M-bM-^@M-^\ecdsa-sha2-nistp256M-bM-^@M-^], - M-bM-^@M-^\ecdsa-sha2-nistp384M-bM-^@M-^], M-bM-^@M-^\ecdsa-sha2-nistp521M-bM-^@M-^], M-bM-^@M-^\ssh-ed25519M-bM-^@M-^], M-bM-^@M-^\ssh-dssM-bM-^@M-^] or - M-bM-^@M-^\ssh-rsaM-bM-^@M-^]. - - Note that lines in this file are usually several hundred bytes long - (because of the size of the public key encoding) up to a limit of 8 - kilobytes, which permits DSA keys up to 8 kilobits and RSA keys up to 16 - kilobits. You don't want to type them in; instead, copy the - identity.pub, id_dsa.pub, id_ecdsa.pub, id_ed25519.pub, or the id_rsa.pub - file and edit it. - - sshd enforces a minimum RSA key modulus size for protocol 1 and protocol - 2 keys of 768 bits. - - The options (if present) consist of comma-separated option - specifications. No spaces are permitted, except within double quotes. - The following option specifications are supported (note that option - keywords are case-insensitive): - - cert-authority - Specifies that the listed key is a certification authority (CA) - that is trusted to validate signed certificates for user - authentication. - - Certificates may encode access restrictions similar to these key - options. If both certificate restrictions and key options are - present, the most restrictive union of the two is applied. - - command="command" - Specifies that the command is executed whenever this key is used - for authentication. The command supplied by the user (if any) is - ignored. The command is run on a pty if the client requests a - pty; otherwise it is run without a tty. If an 8-bit clean - channel is required, one must not request a pty or should specify - no-pty. A quote may be included in the command by quoting it - with a backslash. This option might be useful to restrict - certain public keys to perform just a specific operation. An - example might be a key that permits remote backups but nothing - else. Note that the client may specify TCP and/or X11 forwarding - unless they are explicitly prohibited. The command originally - supplied by the client is available in the SSH_ORIGINAL_COMMAND - environment variable. Note that this option applies to shell, - command or subsystem execution. Also note that this command may - be superseded by either a sshd_config(5) ForceCommand directive - or a command embedded in a certificate. - - environment="NAME=value" - Specifies that the string is to be added to the environment when - logging in using this key. Environment variables set this way - override other default environment values. Multiple options of - this type are permitted. Environment processing is disabled by - default and is controlled via the PermitUserEnvironment option. - This option is automatically disabled if UseLogin is enabled. - - from="pattern-list" - Specifies that in addition to public key authentication, either - the canonical name of the remote host or its IP address must be - present in the comma-separated list of patterns. See PATTERNS in - ssh_config(5) for more information on patterns. - - In addition to the wildcard matching that may be applied to - hostnames or addresses, a from stanza may match IP addresses - using CIDR address/masklen notation. - - The purpose of this option is to optionally increase security: - public key authentication by itself does not trust the network or - name servers or anything (but the key); however, if somebody - somehow steals the key, the key permits an intruder to log in - from anywhere in the world. This additional option makes using a - stolen key more difficult (name servers and/or routers would have - to be compromised in addition to just the key). - - no-agent-forwarding - Forbids authentication agent forwarding when this key is used for - authentication. - - no-port-forwarding - Forbids TCP forwarding when this key is used for authentication. - Any port forward requests by the client will return an error. - This might be used, e.g. in connection with the command option. - - no-pty Prevents tty allocation (a request to allocate a pty will fail). - - no-user-rc - Disables execution of ~/.ssh/rc. - - no-X11-forwarding - Forbids X11 forwarding when this key is used for authentication. - Any X11 forward requests by the client will return an error. - - permitopen="host:port" - Limit local port forwarding with ssh(1) -L such that it may only - connect to the specified host and port. IPv6 addresses can be - specified by enclosing the address in square brackets. Multiple - permitopen options may be applied separated by commas. No - pattern matching is performed on the specified hostnames, they - must be literal domains or addresses. A port specification of * - matches any port. - - principals="principals" - On a cert-authority line, specifies allowed principals for - certificate authentication as a comma-separated list. At least - one name from the list must appear in the certificate's list of - principals for the certificate to be accepted. This option is - ignored for keys that are not marked as trusted certificate - signers using the cert-authority option. - - tunnel="n" - Force a tun(4) device on the server. Without this option, the - next available device will be used if the client requests a - tunnel. - - An example authorized_keys file: - - # Comments allowed at start of line - ssh-rsa AAAAB3Nza...LiPk== user@example.net - from="*.sales.example.net,!pc.sales.example.net" ssh-rsa - AAAAB2...19Q== john@example.net - command="dump /home",no-pty,no-port-forwarding ssh-dss - AAAAC3...51R== example.net - permitopen="192.0.2.1:80",permitopen="192.0.2.2:25" ssh-dss - AAAAB5...21S== - tunnel="0",command="sh /etc/netstart tun0" ssh-rsa AAAA...== - jane@example.net - -SSH_KNOWN_HOSTS FILE FORMAT - The /etc/ssh/ssh_known_hosts and ~/.ssh/known_hosts files contain host - public keys for all known hosts. The global file should be prepared by - the administrator (optional), and the per-user file is maintained - automatically: whenever the user connects from an unknown host, its key - is added to the per-user file. - - Each line in these files contains the following fields: markers - (optional), hostnames, bits, exponent, modulus, comment. The fields are - separated by spaces. - - The marker is optional, but if it is present then it must be one of - M-bM-^@M-^\@cert-authorityM-bM-^@M-^], to indicate that the line contains a certification - authority (CA) key, or M-bM-^@M-^\@revokedM-bM-^@M-^], to indicate that the key contained on - the line is revoked and must not ever be accepted. Only one marker - should be used on a key line. - - Hostnames is a comma-separated list of patterns (M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^X?M-bM-^@M-^Y act as - wildcards); each pattern in turn is matched against the canonical host - name (when authenticating a client) or against the user-supplied name - (when authenticating a server). A pattern may also be preceded by M-bM-^@M-^X!M-bM-^@M-^Y to - indicate negation: if the host name matches a negated pattern, it is not - accepted (by that line) even if it matched another pattern on the line. - A hostname or address may optionally be enclosed within M-bM-^@M-^X[M-bM-^@M-^Y and M-bM-^@M-^X]M-bM-^@M-^Y - brackets then followed by M-bM-^@M-^X:M-bM-^@M-^Y and a non-standard port number. - - Alternately, hostnames may be stored in a hashed form which hides host - names and addresses should the file's contents be disclosed. Hashed - hostnames start with a M-bM-^@M-^X|M-bM-^@M-^Y character. Only one hashed hostname may - appear on a single line and none of the above negation or wildcard - operators may be applied. - - Bits, exponent, and modulus are taken directly from the RSA host key; - they can be obtained, for example, from /etc/ssh/ssh_host_key.pub. The - optional comment field continues to the end of the line, and is not used. - - Lines starting with M-bM-^@M-^X#M-bM-^@M-^Y and empty lines are ignored as comments. - - When performing host authentication, authentication is accepted if any - matching line has the proper key; either one that matches exactly or, if - the server has presented a certificate for authentication, the key of the - certification authority that signed the certificate. For a key to be - trusted as a certification authority, it must use the M-bM-^@M-^\@cert-authorityM-bM-^@M-^] - marker described above. - - The known hosts file also provides a facility to mark keys as revoked, - for example when it is known that the associated private key has been - stolen. Revoked keys are specified by including the M-bM-^@M-^\@revokedM-bM-^@M-^] marker at - the beginning of the key line, and are never accepted for authentication - or as certification authorities, but instead will produce a warning from - ssh(1) when they are encountered. - - It is permissible (but not recommended) to have several lines or - different host keys for the same names. This will inevitably happen when - short forms of host names from different domains are put in the file. It - is possible that the files contain conflicting information; - authentication is accepted if valid information can be found from either - file. - - Note that the lines in these files are typically hundreds of characters - long, and you definitely don't want to type in the host keys by hand. - Rather, generate them by a script, ssh-keyscan(1) or by taking - /etc/ssh/ssh_host_key.pub and adding the host names at the front. - ssh-keygen(1) also offers some basic automated editing for - ~/.ssh/known_hosts including removing hosts matching a host name and - converting all host names to their hashed representations. - - An example ssh_known_hosts file: - - # Comments allowed at start of line - closenet,...,192.0.2.53 1024 37 159...93 closenet.example.net - cvs.example.net,192.0.2.10 ssh-rsa AAAA1234.....= - # A hashed hostname - |1|JfKTdBh7rNbXkVAQCRp4OQoPfmI=|USECr3SWf1JUPsms5AqfD5QfxkM= ssh-rsa - AAAA1234.....= - # A revoked key - @revoked * ssh-rsa AAAAB5W... - # A CA key, accepted for any host in *.mydomain.com or *.mydomain.org - @cert-authority *.mydomain.org,*.mydomain.com ssh-rsa AAAAB5W... - -FILES - ~/.hushlogin - This file is used to suppress printing the last login time and - /etc/motd, if PrintLastLog and PrintMotd, respectively, are - enabled. It does not suppress printing of the banner specified - by Banner. - - ~/.rhosts - This file is used for host-based authentication (see ssh(1) for - more information). On some machines this file may need to be - world-readable if the user's home directory is on an NFS - partition, because sshd reads it as root. Additionally, this - file must be owned by the user, and must not have write - permissions for anyone else. The recommended permission for most - machines is read/write for the user, and not accessible by - others. - - ~/.shosts - This file is used in exactly the same way as .rhosts, but allows - host-based authentication without permitting login with - rlogin/rsh. - - ~/.ssh/ - This directory is the default location for all user-specific - configuration and authentication information. There is no - general requirement to keep the entire contents of this directory - secret, but the recommended permissions are read/write/execute - for the user, and not accessible by others. - - ~/.ssh/authorized_keys - Lists the public keys (DSA, ECDSA, Ed25519, RSA) that can be used - for logging in as this user. The format of this file is - described above. The content of the file is not highly - sensitive, but the recommended permissions are read/write for the - user, and not accessible by others. - - If this file, the ~/.ssh directory, or the user's home directory - are writable by other users, then the file could be modified or - replaced by unauthorized users. In this case, sshd will not - allow it to be used unless the StrictModes option has been set to - M-bM-^@M-^\noM-bM-^@M-^]. - - ~/.ssh/environment - This file is read into the environment at login (if it exists). - It can only contain empty lines, comment lines (that start with - M-bM-^@M-^X#M-bM-^@M-^Y), and assignment lines of the form name=value. The file - should be writable only by the user; it need not be readable by - anyone else. Environment processing is disabled by default and - is controlled via the PermitUserEnvironment option. - - ~/.ssh/known_hosts - Contains a list of host keys for all hosts the user has logged - into that are not already in the systemwide list of known host - keys. The format of this file is described above. This file - should be writable only by root/the owner and can, but need not - be, world-readable. - - ~/.ssh/rc - Contains initialization routines to be run before the user's home - directory becomes accessible. This file should be writable only - by the user, and need not be readable by anyone else. - - /etc/hosts.allow - /etc/hosts.deny - Access controls that should be enforced by tcp-wrappers are - defined here. Further details are described in hosts_access(5). - - /etc/hosts.equiv - This file is for host-based authentication (see ssh(1)). It - should only be writable by root. - - /etc/moduli - Contains Diffie-Hellman groups used for the "Diffie-Hellman Group - Exchange". The file format is described in moduli(5). - - /etc/motd - See motd(5). - - /etc/nologin - If this file exists, sshd refuses to let anyone except root log - in. The contents of the file are displayed to anyone trying to - log in, and non-root connections are refused. The file should be - world-readable. - - /etc/shosts.equiv - This file is used in exactly the same way as hosts.equiv, but - allows host-based authentication without permitting login with - rlogin/rsh. - - /etc/ssh/ssh_host_key - /etc/ssh/ssh_host_dsa_key - /etc/ssh/ssh_host_ecdsa_key - /etc/ssh/ssh_host_ed25519_key - /etc/ssh/ssh_host_rsa_key - These files contain the private parts of the host keys. These - files should only be owned by root, readable only by root, and - not accessible to others. Note that sshd does not start if these - files are group/world-accessible. - - /etc/ssh/ssh_host_key.pub - /etc/ssh/ssh_host_dsa_key.pub - /etc/ssh/ssh_host_ecdsa_key.pub - /etc/ssh/ssh_host_ed25519_key.pub - /etc/ssh/ssh_host_rsa_key.pub - These files contain the public parts of the host keys. These - files should be world-readable but writable only by root. Their - contents should match the respective private parts. These files - are not really used for anything; they are provided for the - convenience of the user so their contents can be copied to known - hosts files. These files are created using ssh-keygen(1). - - /etc/ssh/ssh_known_hosts - Systemwide list of known host keys. This file should be prepared - by the system administrator to contain the public host keys of - all machines in the organization. The format of this file is - described above. This file should be writable only by root/the - owner and should be world-readable. - - /etc/ssh/sshd_config - Contains configuration data for sshd. The file format and - configuration options are described in sshd_config(5). - - /etc/ssh/sshrc - Similar to ~/.ssh/rc, it can be used to specify machine-specific - login-time initializations globally. This file should be - writable only by root, and should be world-readable. - - /var/empty - chroot(2) directory used by sshd during privilege separation in - the pre-authentication phase. The directory should not contain - any files and must be owned by root and not group or world- - writable. - - /var/run/sshd.pid - Contains the process ID of the sshd listening for connections (if - there are several daemons running concurrently for different - ports, this contains the process ID of the one started last). - The content of this file is not sensitive; it can be world- - readable. - -SEE ALSO - scp(1), sftp(1), ssh(1), ssh-add(1), ssh-agent(1), ssh-keygen(1), - ssh-keyscan(1), chroot(2), hosts_access(5), login.conf(5), moduli(5), - sshd_config(5), inetd(8), sftp-server(8) - -AUTHORS - OpenSSH is a derivative of the original and free ssh 1.2.12 release by - Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo - de Raadt and Dug Song removed many bugs, re-added newer features and - created OpenSSH. Markus Friedl contributed the support for SSH protocol - versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support - for privilege separation. - -OpenBSD 5.8 July 3, 2015 OpenBSD 5.8 diff --git a/crypto/openssh/sshd_config.0 b/crypto/openssh/sshd_config.0 deleted file mode 100644 index 1cc7459f87b..00000000000 --- a/crypto/openssh/sshd_config.0 +++ /dev/null @@ -1,1052 +0,0 @@ -SSHD_CONFIG(5) File Formats Manual SSHD_CONFIG(5) - -NAME - sshd_config M-bM-^@M-^S OpenSSH SSH daemon configuration file - -SYNOPSIS - /etc/ssh/sshd_config - -DESCRIPTION - sshd(8) reads configuration data from /etc/ssh/sshd_config (or the file - specified with -f on the command line). The file contains keyword- - argument pairs, one per line. Lines starting with M-bM-^@M-^X#M-bM-^@M-^Y and empty lines - are interpreted as comments. Arguments may optionally be enclosed in - double quotes (") in order to represent arguments containing spaces. - - The possible keywords and their meanings are as follows (note that - keywords are case-insensitive and arguments are case-sensitive): - - AcceptEnv - Specifies what environment variables sent by the client will be - copied into the session's environ(7). See SendEnv in - ssh_config(5) for how to configure the client. Note that - environment passing is only supported for protocol 2, and that - the TERM environment variable is always sent whenever the client - requests a pseudo-terminal as it is required by the protocol. - Variables are specified by name, which may contain the wildcard - characters M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^X?M-bM-^@M-^Y. Multiple environment variables may be - separated by whitespace or spread across multiple AcceptEnv - directives. Be warned that some environment variables could be - used to bypass restricted user environments. For this reason, - care should be taken in the use of this directive. The default - is not to accept any environment variables. - - AddressFamily - Specifies which address family should be used by sshd(8). Valid - arguments are M-bM-^@M-^\anyM-bM-^@M-^], M-bM-^@M-^\inetM-bM-^@M-^] (use IPv4 only), or M-bM-^@M-^\inet6M-bM-^@M-^] (use IPv6 - only). The default is M-bM-^@M-^\anyM-bM-^@M-^]. - - AllowAgentForwarding - Specifies whether ssh-agent(1) forwarding is permitted. The - default is M-bM-^@M-^\yesM-bM-^@M-^]. Note that disabling agent forwarding does not - improve security unless users are also denied shell access, as - they can always install their own forwarders. - - AllowGroups - This keyword can be followed by a list of group name patterns, - separated by spaces. If specified, login is allowed only for - users whose primary group or supplementary group list matches one - of the patterns. Only group names are valid; a numerical group - ID is not recognized. By default, login is allowed for all - groups. The allow/deny directives are processed in the following - order: DenyUsers, AllowUsers, DenyGroups, and finally - AllowGroups. - - See PATTERNS in ssh_config(5) for more information on patterns. - - AllowTcpForwarding - Specifies whether TCP forwarding is permitted. The available - options are M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\allM-bM-^@M-^] to allow TCP forwarding, M-bM-^@M-^\noM-bM-^@M-^] to - prevent all TCP forwarding, M-bM-^@M-^\localM-bM-^@M-^] to allow local (from the - perspective of ssh(1)) forwarding only or M-bM-^@M-^\remoteM-bM-^@M-^] to allow - remote forwarding only. The default is M-bM-^@M-^\yesM-bM-^@M-^]. Note that - disabling TCP forwarding does not improve security unless users - are also denied shell access, as they can always install their - own forwarders. - - AllowStreamLocalForwarding - Specifies whether StreamLocal (Unix-domain socket) forwarding is - permitted. The available options are M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\allM-bM-^@M-^] to allow - StreamLocal forwarding, M-bM-^@M-^\noM-bM-^@M-^] to prevent all StreamLocal - forwarding, M-bM-^@M-^\localM-bM-^@M-^] to allow local (from the perspective of - ssh(1)) forwarding only or M-bM-^@M-^\remoteM-bM-^@M-^] to allow remote forwarding - only. The default is M-bM-^@M-^\yesM-bM-^@M-^]. Note that disabling StreamLocal - forwarding does not improve security unless users are also denied - shell access, as they can always install their own forwarders. - - AllowUsers - This keyword can be followed by a list of user name patterns, - separated by spaces. If specified, login is allowed only for - user names that match one of the patterns. Only user names are - valid; a numerical user ID is not recognized. By default, login - is allowed for all users. If the pattern takes the form - USER@HOST then USER and HOST are separately checked, restricting - logins to particular users from particular hosts. The allow/deny - directives are processed in the following order: DenyUsers, - AllowUsers, DenyGroups, and finally AllowGroups. - - See PATTERNS in ssh_config(5) for more information on patterns. - - AuthenticationMethods - Specifies the authentication methods that must be successfully - completed for a user to be granted access. This option must be - followed by one or more comma-separated lists of authentication - method names. Successful authentication requires completion of - every method in at least one of these lists. - - For example, an argument of M-bM-^@M-^\publickey,password - publickey,keyboard-interactiveM-bM-^@M-^] would require the user to - complete public key authentication, followed by either password - or keyboard interactive authentication. Only methods that are - next in one or more lists are offered at each stage, so for this - example, it would not be possible to attempt password or - keyboard-interactive authentication before public key. - - For keyboard interactive authentication it is also possible to - restrict authentication to a specific device by appending a colon - followed by the device identifier M-bM-^@M-^\bsdauthM-bM-^@M-^], M-bM-^@M-^\pamM-bM-^@M-^], or M-bM-^@M-^\skeyM-bM-^@M-^], - depending on the server configuration. For example, - M-bM-^@M-^\keyboard-interactive:bsdauthM-bM-^@M-^] would restrict keyboard - interactive authentication to the M-bM-^@M-^\bsdauthM-bM-^@M-^] device. - - If the M-bM-^@M-^\publickeyM-bM-^@M-^] method is listed more than once, sshd(8) - verifies that keys that have been used successfully are not - reused for subsequent authentications. For example, an - AuthenticationMethods of M-bM-^@M-^\publickey,publickeyM-bM-^@M-^] will require - successful authentication using two different public keys. - - This option is only available for SSH protocol 2 and will yield a - fatal error if enabled if protocol 1 is also enabled. Note that - each authentication method listed should also be explicitly - enabled in the configuration. The default is not to require - multiple authentication; successful completion of a single - authentication method is sufficient. - - AuthorizedKeysCommand - Specifies a program to be used to look up the user's public keys. - The program must be owned by root, not writable by group or - others and specified by an absolute path. - - Arguments to AuthorizedKeysCommand may be provided using the - following tokens, which will be expanded at runtime: %% is - replaced by a literal '%', %u is replaced by the username being - authenticated, %h is replaced by the home directory of the user - being authenticated, %t is replaced with the key type offered for - authentication, %f is replaced with the fingerprint of the key, - and %k is replaced with the key being offered for authentication. - If no arguments are specified then the username of the target - user will be supplied. - - The program should produce on standard output zero or more lines - of authorized_keys output (see AUTHORIZED_KEYS in sshd(8)). If a - key supplied by AuthorizedKeysCommand does not successfully - authenticate and authorize the user then public key - authentication continues using the usual AuthorizedKeysFile - files. By default, no AuthorizedKeysCommand is run. - - AuthorizedKeysCommandUser - Specifies the user under whose account the AuthorizedKeysCommand - is run. It is recommended to use a dedicated user that has no - other role on the host than running authorized keys commands. If - AuthorizedKeysCommand is specified but AuthorizedKeysCommandUser - is not, then sshd(8) will refuse to start. - - AuthorizedKeysFile - Specifies the file that contains the public keys that can be used - for user authentication. The format is described in the - AUTHORIZED_KEYS FILE FORMAT section of sshd(8). - AuthorizedKeysFile may contain tokens of the form %T which are - substituted during connection setup. The following tokens are - defined: %% is replaced by a literal '%', %h is replaced by the - home directory of the user being authenticated, and %u is - replaced by the username of that user. After expansion, - AuthorizedKeysFile is taken to be an absolute path or one - relative to the user's home directory. Multiple files may be - listed, separated by whitespace. The default is - M-bM-^@M-^\.ssh/authorized_keys .ssh/authorized_keys2M-bM-^@M-^]. - - AuthorizedPrincipalsCommand - Specifies a program to be used to generate the list of allowed - certificate principals as per AuthorizedPrincipalsFile. The - program must be owned by root, not writable by group or others - and specified by an absolute path. - - Arguments to AuthorizedPrincipalsCommand may be provided using - the following tokens, which will be expanded at runtime: %% is - replaced by a literal '%', %u is replaced by the username being - authenticated and %h is replaced by the home directory of the - user being authenticated. - - The program should produce on standard output zero or more lines - of AuthorizedPrincipalsFile output. If either - AuthorizedPrincipalsCommand or AuthorizedPrincipalsFile is - specified, then certificates offered by the client for - authentication must contain a principal that is listed. By - default, no AuthorizedPrincipalsCommand is run. - - AuthorizedPrincipalsCommandUser - Specifies the user under whose account the - AuthorizedPrincipalsCommand is run. It is recommended to use a - dedicated user that has no other role on the host than running - authorized principals commands. If AuthorizedPrincipalsCommand - is specified but AuthorizedPrincipalsCommandUser is not, then - sshd(8) will refuse to start. - - AuthorizedPrincipalsFile - Specifies a file that lists principal names that are accepted for - certificate authentication. When using certificates signed by a - key listed in TrustedUserCAKeys, this file lists names, one of - which must appear in the certificate for it to be accepted for - authentication. Names are listed one per line preceded by key - options (as described in AUTHORIZED_KEYS FILE FORMAT in sshd(8)). - Empty lines and comments starting with M-bM-^@M-^X#M-bM-^@M-^Y are ignored. - - AuthorizedPrincipalsFile may contain tokens of the form %T which - are substituted during connection setup. The following tokens - are defined: %% is replaced by a literal '%', %h is replaced by - the home directory of the user being authenticated, and %u is - replaced by the username of that user. After expansion, - AuthorizedPrincipalsFile is taken to be an absolute path or one - relative to the user's home directory. - - The default is M-bM-^@M-^\noneM-bM-^@M-^], i.e. not to use a principals file M-bM-^@M-^S in - this case, the username of the user must appear in a - certificate's principals list for it to be accepted. Note that - AuthorizedPrincipalsFile is only used when authentication - proceeds using a CA listed in TrustedUserCAKeys and is not - consulted for certification authorities trusted via - ~/.ssh/authorized_keys, though the principals= key option offers - a similar facility (see sshd(8) for details). - - Banner The contents of the specified file are sent to the remote user - before authentication is allowed. If the argument is M-bM-^@M-^\noneM-bM-^@M-^] then - no banner is displayed. This option is only available for - protocol version 2. By default, no banner is displayed. - - ChallengeResponseAuthentication - Specifies whether challenge-response authentication is allowed - (e.g. via PAM or through authentication styles supported in - login.conf(5)) The default is M-bM-^@M-^\yesM-bM-^@M-^]. - - ChrootDirectory - Specifies the pathname of a directory to chroot(2) to after - authentication. At session startup sshd(8) checks that all - components of the pathname are root-owned directories which are - not writable by any other user or group. After the chroot, - sshd(8) changes the working directory to the user's home - directory. - - The pathname may contain the following tokens that are expanded - at runtime once the connecting user has been authenticated: %% is - replaced by a literal '%', %h is replaced by the home directory - of the user being authenticated, and %u is replaced by the - username of that user. - - The ChrootDirectory must contain the necessary files and - directories to support the user's session. For an interactive - session this requires at least a shell, typically sh(1), and - basic /dev nodes such as null(4), zero(4), stdin(4), stdout(4), - stderr(4), and tty(4) devices. For file transfer sessions using - M-bM-^@M-^\sftpM-bM-^@M-^], no additional configuration of the environment is - necessary if the in-process sftp server is used, though sessions - which use logging may require /dev/log inside the chroot - directory on some operating systems (see sftp-server(8) for - details). - - For safety, it is very important that the directory hierarchy be - prevented from modification by other processes on the system - (especially those outside the jail). Misconfiguration can lead - to unsafe environments which sshd(8) cannot detect. - - The default is not to chroot(2). - - Ciphers - Specifies the ciphers allowed for protocol version 2. Multiple - ciphers must be comma-separated. If the specified value begins - with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the specified ciphers will be appended - to the default set instead of replacing them. - - The supported ciphers are: - - 3des-cbc - aes128-cbc - aes192-cbc - aes256-cbc - aes128-ctr - aes192-ctr - aes256-ctr - aes128-gcm@openssh.com - aes256-gcm@openssh.com - arcfour - arcfour128 - arcfour256 - blowfish-cbc - cast128-cbc - chacha20-poly1305@openssh.com - - The default is: - - aes128-ctr,aes192-ctr,aes256-ctr, - aes128-gcm@openssh.com,aes256-gcm@openssh.com, - chacha20-poly1305@openssh.com - - The list of available ciphers may also be obtained using the -Q - option of ssh(1) with an argument of M-bM-^@M-^\cipherM-bM-^@M-^]. - - ClientAliveCountMax - Sets the number of client alive messages (see below) which may be - sent without sshd(8) receiving any messages back from the client. - If this threshold is reached while client alive messages are - being sent, sshd will disconnect the client, terminating the - session. It is important to note that the use of client alive - messages is very different from TCPKeepAlive (below). The client - alive messages are sent through the encrypted channel and - therefore will not be spoofable. The TCP keepalive option - enabled by TCPKeepAlive is spoofable. The client alive mechanism - is valuable when the client or server depend on knowing when a - connection has become inactive. - - The default value is 3. If ClientAliveInterval (see below) is - set to 15, and ClientAliveCountMax is left at the default, - unresponsive SSH clients will be disconnected after approximately - 45 seconds. This option applies to protocol version 2 only. - - ClientAliveInterval - Sets a timeout interval in seconds after which if no data has - been received from the client, sshd(8) will send a message - through the encrypted channel to request a response from the - client. The default is 0, indicating that these messages will - not be sent to the client. This option applies to protocol - version 2 only. - - Compression - Specifies whether compression is allowed, or delayed until the - user has authenticated successfully. The argument must be M-bM-^@M-^\yesM-bM-^@M-^], - M-bM-^@M-^\delayedM-bM-^@M-^], or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\delayedM-bM-^@M-^]. - - DenyGroups - This keyword can be followed by a list of group name patterns, - separated by spaces. Login is disallowed for users whose primary - group or supplementary group list matches one of the patterns. - Only group names are valid; a numerical group ID is not - recognized. By default, login is allowed for all groups. The - allow/deny directives are processed in the following order: - DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups. - - See PATTERNS in ssh_config(5) for more information on patterns. - - DenyUsers - This keyword can be followed by a list of user name patterns, - separated by spaces. Login is disallowed for user names that - match one of the patterns. Only user names are valid; a - numerical user ID is not recognized. By default, login is - allowed for all users. If the pattern takes the form USER@HOST - then USER and HOST are separately checked, restricting logins to - particular users from particular hosts. The allow/deny - directives are processed in the following order: DenyUsers, - AllowUsers, DenyGroups, and finally AllowGroups. - - See PATTERNS in ssh_config(5) for more information on patterns. - - FingerprintHash - Specifies the hash algorithm used when logging key fingerprints. - Valid options are: M-bM-^@M-^\md5M-bM-^@M-^] and M-bM-^@M-^\sha256M-bM-^@M-^]. The default is M-bM-^@M-^\sha256M-bM-^@M-^]. - - ForceCommand - Forces the execution of the command specified by ForceCommand, - ignoring any command supplied by the client and ~/.ssh/rc if - present. The command is invoked by using the user's login shell - with the -c option. This applies to shell, command, or subsystem - execution. It is most useful inside a Match block. The command - originally supplied by the client is available in the - SSH_ORIGINAL_COMMAND environment variable. Specifying a command - of M-bM-^@M-^\internal-sftpM-bM-^@M-^] will force the use of an in-process sftp - server that requires no support files when used with - ChrootDirectory. - - GatewayPorts - Specifies whether remote hosts are allowed to connect to ports - forwarded for the client. By default, sshd(8) binds remote port - forwardings to the loopback address. This prevents other remote - hosts from connecting to forwarded ports. GatewayPorts can be - used to specify that sshd should allow remote port forwardings to - bind to non-loopback addresses, thus allowing other hosts to - connect. The argument may be M-bM-^@M-^\noM-bM-^@M-^] to force remote port - forwardings to be available to the local host only, M-bM-^@M-^\yesM-bM-^@M-^] to - force remote port forwardings to bind to the wildcard address, or - M-bM-^@M-^\clientspecifiedM-bM-^@M-^] to allow the client to select the address to - which the forwarding is bound. The default is M-bM-^@M-^\noM-bM-^@M-^]. - - GSSAPIAuthentication - Specifies whether user authentication based on GSSAPI is allowed. - The default is M-bM-^@M-^\noM-bM-^@M-^]. Note that this option applies to protocol - version 2 only. - - GSSAPICleanupCredentials - Specifies whether to automatically destroy the user's credentials - cache on logout. The default is M-bM-^@M-^\yesM-bM-^@M-^]. Note that this option - applies to protocol version 2 only. - - GSSAPIStrictAcceptorCheck - Determines whether to be strict about the identity of the GSSAPI - acceptor a client authenticates against. If set to M-bM-^@M-^\yesM-bM-^@M-^] then - the client must authenticate against the host service on the - current hostname. If set to M-bM-^@M-^\noM-bM-^@M-^] then the client may - authenticate against any service key stored in the machine's - default store. This facility is provided to assist with - operation on multi homed machines. The default is M-bM-^@M-^\yesM-bM-^@M-^]. - - HostbasedAcceptedKeyTypes - Specifies the key types that will be accepted for hostbased - authentication as a comma-separated pattern list. Alternately if - the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the - specified key types will be appended to the default set instead - of replacing them. The default for this option is: - - ecdsa-sha2-nistp256-cert-v01@openssh.com, - ecdsa-sha2-nistp384-cert-v01@openssh.com, - ecdsa-sha2-nistp521-cert-v01@openssh.com, - ssh-ed25519-cert-v01@openssh.com, - ssh-rsa-cert-v01@openssh.com, - ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, - ssh-ed25519,ssh-rsa - - The -Q option of ssh(1) may be used to list supported key types. - - HostbasedAuthentication - Specifies whether rhosts or /etc/hosts.equiv authentication - together with successful public key client host authentication is - allowed (host-based authentication). This option is similar to - RhostsRSAAuthentication and applies to protocol version 2 only. - The default is M-bM-^@M-^\noM-bM-^@M-^]. - - HostbasedUsesNameFromPacketOnly - Specifies whether or not the server will attempt to perform a - reverse name lookup when matching the name in the ~/.shosts, - ~/.rhosts, and /etc/hosts.equiv files during - HostbasedAuthentication. A setting of M-bM-^@M-^\yesM-bM-^@M-^] means that sshd(8) - uses the name supplied by the client rather than attempting to - resolve the name from the TCP connection itself. The default is - M-bM-^@M-^\noM-bM-^@M-^]. - - HostCertificate - Specifies a file containing a public host certificate. The - certificate's public key must match a private host key already - specified by HostKey. The default behaviour of sshd(8) is not to - load any certificates. - - HostKey - Specifies a file containing a private host key used by SSH. The - default is /etc/ssh/ssh_host_key for protocol version 1, and - /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_ecdsa_key, - /etc/ssh/ssh_host_ed25519_key and /etc/ssh/ssh_host_rsa_key for - protocol version 2. - - Note that sshd(8) will refuse to use a file if it is group/world- - accessible and that the HostKeyAlgorithms option restricts which - of the keys are actually used by sshd(8). - - It is possible to have multiple host key files. M-bM-^@M-^\rsa1M-bM-^@M-^] keys are - used for version 1 and M-bM-^@M-^\dsaM-bM-^@M-^], M-bM-^@M-^\ecdsaM-bM-^@M-^], M-bM-^@M-^\ed25519M-bM-^@M-^] or M-bM-^@M-^\rsaM-bM-^@M-^] are - used for version 2 of the SSH protocol. It is also possible to - specify public host key files instead. In this case operations - on the private key will be delegated to an ssh-agent(1). - - HostKeyAgent - Identifies the UNIX-domain socket used to communicate with an - agent that has access to the private host keys. If - M-bM-^@M-^\SSH_AUTH_SOCKM-bM-^@M-^] is specified, the location of the socket will be - read from the SSH_AUTH_SOCK environment variable. - - HostKeyAlgorithms - Specifies the protocol version 2 host key algorithms that the - server offers. The default for this option is: - - ecdsa-sha2-nistp256-cert-v01@openssh.com, - ecdsa-sha2-nistp384-cert-v01@openssh.com, - ecdsa-sha2-nistp521-cert-v01@openssh.com, - ssh-ed25519-cert-v01@openssh.com, - ssh-rsa-cert-v01@openssh.com, - ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, - ssh-ed25519,ssh-rsa - - The list of available key types may also be obtained using the -Q - option of ssh(1) with an argument of M-bM-^@M-^\keyM-bM-^@M-^]. - - IgnoreRhosts - Specifies that .rhosts and .shosts files will not be used in - RhostsRSAAuthentication or HostbasedAuthentication. - - /etc/hosts.equiv and /etc/shosts.equiv are still used. The - default is M-bM-^@M-^\yesM-bM-^@M-^]. - - IgnoreUserKnownHosts - Specifies whether sshd(8) should ignore the user's - ~/.ssh/known_hosts during RhostsRSAAuthentication or - HostbasedAuthentication. The default is M-bM-^@M-^\noM-bM-^@M-^]. - - IPQoS Specifies the IPv4 type-of-service or DSCP class for the - connection. Accepted values are M-bM-^@M-^\af11M-bM-^@M-^], M-bM-^@M-^\af12M-bM-^@M-^], M-bM-^@M-^\af13M-bM-^@M-^], M-bM-^@M-^\af21M-bM-^@M-^], - M-bM-^@M-^\af22M-bM-^@M-^], M-bM-^@M-^\af23M-bM-^@M-^], M-bM-^@M-^\af31M-bM-^@M-^], M-bM-^@M-^\af32M-bM-^@M-^], M-bM-^@M-^\af33M-bM-^@M-^], M-bM-^@M-^\af41M-bM-^@M-^], M-bM-^@M-^\af42M-bM-^@M-^], M-bM-^@M-^\af43M-bM-^@M-^], - M-bM-^@M-^\cs0M-bM-^@M-^], M-bM-^@M-^\cs1M-bM-^@M-^], M-bM-^@M-^\cs2M-bM-^@M-^], M-bM-^@M-^\cs3M-bM-^@M-^], M-bM-^@M-^\cs4M-bM-^@M-^], M-bM-^@M-^\cs5M-bM-^@M-^], M-bM-^@M-^\cs6M-bM-^@M-^], M-bM-^@M-^\cs7M-bM-^@M-^], M-bM-^@M-^\efM-bM-^@M-^], - M-bM-^@M-^\lowdelayM-bM-^@M-^], M-bM-^@M-^\throughputM-bM-^@M-^], M-bM-^@M-^\reliabilityM-bM-^@M-^], or a numeric value. - This option may take one or two arguments, separated by - whitespace. If one argument is specified, it is used as the - packet class unconditionally. If two values are specified, the - first is automatically selected for interactive sessions and the - second for non-interactive sessions. The default is M-bM-^@M-^\lowdelayM-bM-^@M-^] - for interactive sessions and M-bM-^@M-^\throughputM-bM-^@M-^] for non-interactive - sessions. - - KbdInteractiveAuthentication - Specifies whether to allow keyboard-interactive authentication. - The argument to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default - is to use whatever value ChallengeResponseAuthentication is set - to (by default M-bM-^@M-^\yesM-bM-^@M-^]). - - KerberosAuthentication - Specifies whether the password provided by the user for - PasswordAuthentication will be validated through the Kerberos - KDC. To use this option, the server needs a Kerberos servtab - which allows the verification of the KDC's identity. The default - is M-bM-^@M-^\noM-bM-^@M-^]. - - KerberosGetAFSToken - If AFS is active and the user has a Kerberos 5 TGT, attempt to - acquire an AFS token before accessing the user's home directory. - The default is M-bM-^@M-^\noM-bM-^@M-^]. - - KerberosOrLocalPasswd - If password authentication through Kerberos fails then the - password will be validated via any additional local mechanism - such as /etc/passwd. The default is M-bM-^@M-^\yesM-bM-^@M-^]. - - KerberosTicketCleanup - Specifies whether to automatically destroy the user's ticket - cache file on logout. The default is M-bM-^@M-^\yesM-bM-^@M-^]. - - KexAlgorithms - Specifies the available KEX (Key Exchange) algorithms. Multiple - algorithms must be comma-separated. Alternately if the specified - value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the specified methods - will be appended to the default set instead of replacing them. - The supported algorithms are: - - curve25519-sha256@libssh.org - diffie-hellman-group1-sha1 - diffie-hellman-group14-sha1 - diffie-hellman-group-exchange-sha1 - diffie-hellman-group-exchange-sha256 - ecdh-sha2-nistp256 - ecdh-sha2-nistp384 - ecdh-sha2-nistp521 - - The default is: - - curve25519-sha256@libssh.org, - ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, - diffie-hellman-group-exchange-sha256, - diffie-hellman-group14-sha1 - - The list of available key exchange algorithms may also be - obtained using the -Q option of ssh(1) with an argument of M-bM-^@M-^\kexM-bM-^@M-^]. - - KeyRegenerationInterval - In protocol version 1, the ephemeral server key is automatically - regenerated after this many seconds (if it has been used). The - purpose of regeneration is to prevent decrypting captured - sessions by later breaking into the machine and stealing the - keys. The key is never stored anywhere. If the value is 0, the - key is never regenerated. The default is 3600 (seconds). - - ListenAddress - Specifies the local addresses sshd(8) should listen on. The - following forms may be used: - - ListenAddress host|IPv4_addr|IPv6_addr - ListenAddress host|IPv4_addr:port - ListenAddress [host|IPv6_addr]:port - - If port is not specified, sshd will listen on the address and all - Port options specified. The default is to listen on all local - addresses. Multiple ListenAddress options are permitted. - - LoginGraceTime - The server disconnects after this time if the user has not - successfully logged in. If the value is 0, there is no time - limit. The default is 120 seconds. - - LogLevel - Gives the verbosity level that is used when logging messages from - sshd(8). The possible values are: QUIET, FATAL, ERROR, INFO, - VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. The default is INFO. - DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify - higher levels of debugging output. Logging with a DEBUG level - violates the privacy of users and is not recommended. - - MACs Specifies the available MAC (message authentication code) - algorithms. The MAC algorithm is used in protocol version 2 for - data integrity protection. Multiple algorithms must be comma- - separated. If the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, - then the specified algorithms will be appended to the default set - instead of replacing them. - - The algorithms that contain M-bM-^@M-^\-etmM-bM-^@M-^] calculate the MAC after - encryption (encrypt-then-mac). These are considered safer and - their use recommended. The supported MACs are: - - hmac-md5 - hmac-md5-96 - hmac-ripemd160 - hmac-sha1 - hmac-sha1-96 - hmac-sha2-256 - hmac-sha2-512 - umac-64@openssh.com - umac-128@openssh.com - hmac-md5-etm@openssh.com - hmac-md5-96-etm@openssh.com - hmac-ripemd160-etm@openssh.com - hmac-sha1-etm@openssh.com - hmac-sha1-96-etm@openssh.com - hmac-sha2-256-etm@openssh.com - hmac-sha2-512-etm@openssh.com - umac-64-etm@openssh.com - umac-128-etm@openssh.com - - The default is: - - umac-64-etm@openssh.com,umac-128-etm@openssh.com, - hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com, - umac-64@openssh.com,umac-128@openssh.com, - hmac-sha2-256,hmac-sha2-512 - - The list of available MAC algorithms may also be obtained using - the -Q option of ssh(1) with an argument of M-bM-^@M-^\macM-bM-^@M-^]. - - Match Introduces a conditional block. If all of the criteria on the - Match line are satisfied, the keywords on the following lines - override those set in the global section of the config file, - until either another Match line or the end of the file. If a - keyword appears in multiple Match blocks that are satisfied, only - the first instance of the keyword is applied. - - The arguments to Match are one or more criteria-pattern pairs or - the single token All which matches all criteria. The available - criteria are User, Group, Host, LocalAddress, LocalPort, and - Address. The match patterns may consist of single entries or - comma-separated lists and may use the wildcard and negation - operators described in the PATTERNS section of ssh_config(5). - - The patterns in an Address criteria may additionally contain - addresses to match in CIDR address/masklen format, e.g. - M-bM-^@M-^\192.0.2.0/24M-bM-^@M-^] or M-bM-^@M-^\3ffe:ffff::/32M-bM-^@M-^]. Note that the mask length - provided must be consistent with the address - it is an error to - specify a mask length that is too long for the address or one - with bits set in this host portion of the address. For example, - M-bM-^@M-^\192.0.2.0/33M-bM-^@M-^] and M-bM-^@M-^\192.0.2.0/8M-bM-^@M-^] respectively. - - Only a subset of keywords may be used on the lines following a - Match keyword. Available keywords are AcceptEnv, - AllowAgentForwarding, AllowGroups, AllowStreamLocalForwarding, - AllowTcpForwarding, AllowUsers, AuthenticationMethods, - AuthorizedKeysCommand, AuthorizedKeysCommandUser, - AuthorizedKeysFile, AuthorizedPrincipalsFile, Banner, - ChrootDirectory, DenyGroups, DenyUsers, ForceCommand, - GatewayPorts, GSSAPIAuthentication, HostbasedAcceptedKeyTypes, - HostbasedAuthentication, HostbasedUsesNameFromPacketOnly, IPQoS, - KbdInteractiveAuthentication, KerberosAuthentication, - MaxAuthTries, MaxSessions, PasswordAuthentication, - PermitEmptyPasswords, PermitOpen, PermitRootLogin, PermitTTY, - PermitTunnel, PermitUserRC, PubkeyAcceptedKeyTypes, - PubkeyAuthentication, RekeyLimit, RevokedKeys, - RhostsRSAAuthentication, RSAAuthentication, StreamLocalBindMask, - StreamLocalBindUnlink, TrustedUserCAKeys, X11DisplayOffset, - X11Forwarding and X11UseLocalHost. - - MaxAuthTries - Specifies the maximum number of authentication attempts permitted - per connection. Once the number of failures reaches half this - value, additional failures are logged. The default is 6. - - MaxSessions - Specifies the maximum number of open sessions permitted per - network connection. The default is 10. - - MaxStartups - Specifies the maximum number of concurrent unauthenticated - connections to the SSH daemon. Additional connections will be - dropped until authentication succeeds or the LoginGraceTime - expires for a connection. The default is 10:30:100. - - Alternatively, random early drop can be enabled by specifying the - three colon separated values M-bM-^@M-^\start:rate:fullM-bM-^@M-^] (e.g. "10:30:60"). - sshd(8) will refuse connection attempts with a probability of - M-bM-^@M-^\rate/100M-bM-^@M-^] (30%) if there are currently M-bM-^@M-^\startM-bM-^@M-^] (10) - unauthenticated connections. The probability increases linearly - and all connection attempts are refused if the number of - unauthenticated connections reaches M-bM-^@M-^\fullM-bM-^@M-^] (60). - - PasswordAuthentication - Specifies whether password authentication is allowed. The - default is M-bM-^@M-^\yesM-bM-^@M-^]. - - PermitEmptyPasswords - When password authentication is allowed, it specifies whether the - server allows login to accounts with empty password strings. The - default is M-bM-^@M-^\noM-bM-^@M-^]. - - PermitOpen - Specifies the destinations to which TCP port forwarding is - permitted. The forwarding specification must be one of the - following forms: - - PermitOpen host:port - PermitOpen IPv4_addr:port - PermitOpen [IPv6_addr]:port - - Multiple forwards may be specified by separating them with - whitespace. An argument of M-bM-^@M-^\anyM-bM-^@M-^] can be used to remove all - restrictions and permit any forwarding requests. An argument of - M-bM-^@M-^\noneM-bM-^@M-^] can be used to prohibit all forwarding requests. By - default all port forwarding requests are permitted. - - PermitRootLogin - Specifies whether root can log in using ssh(1). The argument - must be M-bM-^@M-^\yesM-bM-^@M-^], M-bM-^@M-^\prohibit-passwordM-bM-^@M-^], M-bM-^@M-^\without-passwordM-bM-^@M-^], - M-bM-^@M-^\forced-commands-onlyM-bM-^@M-^], or M-bM-^@M-^\noM-bM-^@M-^]. The default is - M-bM-^@M-^\prohibit-passwordM-bM-^@M-^]. - - If this option is set to M-bM-^@M-^\prohibit-passwordM-bM-^@M-^] or - M-bM-^@M-^\without-passwordM-bM-^@M-^], password and keyboard-interactive - authentication are disabled for root. - - If this option is set to M-bM-^@M-^\forced-commands-onlyM-bM-^@M-^], root login with - public key authentication will be allowed, but only if the - command option has been specified (which may be useful for taking - remote backups even if root login is normally not allowed). All - other authentication methods are disabled for root. - - If this option is set to M-bM-^@M-^\noM-bM-^@M-^], root is not allowed to log in. - - PermitTunnel - Specifies whether tun(4) device forwarding is allowed. The - argument must be M-bM-^@M-^\yesM-bM-^@M-^], M-bM-^@M-^\point-to-pointM-bM-^@M-^] (layer 3), M-bM-^@M-^\ethernetM-bM-^@M-^] - (layer 2), or M-bM-^@M-^\noM-bM-^@M-^]. Specifying M-bM-^@M-^\yesM-bM-^@M-^] permits both - M-bM-^@M-^\point-to-pointM-bM-^@M-^] and M-bM-^@M-^\ethernetM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. - - Independent of this setting, the permissions of the selected - tun(4) device must allow access to the user. - - PermitTTY - Specifies whether pty(4) allocation is permitted. The default is - M-bM-^@M-^\yesM-bM-^@M-^]. - - PermitUserEnvironment - Specifies whether ~/.ssh/environment and environment= options in - ~/.ssh/authorized_keys are processed by sshd(8). The default is - M-bM-^@M-^\noM-bM-^@M-^]. Enabling environment processing may enable users to bypass - access restrictions in some configurations using mechanisms such - as LD_PRELOAD. - - PermitUserRC - Specifies whether any ~/.ssh/rc file is executed. The default is - M-bM-^@M-^\yesM-bM-^@M-^]. - - PidFile - Specifies the file that contains the process ID of the SSH - daemon, or M-bM-^@M-^\noneM-bM-^@M-^] to not write one. The default is - /var/run/sshd.pid. - - Port Specifies the port number that sshd(8) listens on. The default - is 22. Multiple options of this type are permitted. See also - ListenAddress. - - PrintLastLog - Specifies whether sshd(8) should print the date and time of the - last user login when a user logs in interactively. The default - is M-bM-^@M-^\yesM-bM-^@M-^]. - - PrintMotd - Specifies whether sshd(8) should print /etc/motd when a user logs - in interactively. (On some systems it is also printed by the - shell, /etc/profile, or equivalent.) The default is M-bM-^@M-^\yesM-bM-^@M-^]. - - Protocol - Specifies the protocol versions sshd(8) supports. The possible - values are M-bM-^@M-^X1M-bM-^@M-^Y and M-bM-^@M-^X2M-bM-^@M-^Y. Multiple versions must be comma- - separated. The default is M-bM-^@M-^X2M-bM-^@M-^Y. Note that the order of the - protocol list does not indicate preference, because the client - selects among multiple protocol versions offered by the server. - Specifying M-bM-^@M-^\2,1M-bM-^@M-^] is identical to M-bM-^@M-^\1,2M-bM-^@M-^]. - - PubkeyAcceptedKeyTypes - Specifies the key types that will be accepted for public key - authentication as a comma-separated pattern list. Alternately if - the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the - specified key types will be appended to the default set instead - of replacing them. The default for this option is: - - ecdsa-sha2-nistp256-cert-v01@openssh.com, - ecdsa-sha2-nistp384-cert-v01@openssh.com, - ecdsa-sha2-nistp521-cert-v01@openssh.com, - ssh-ed25519-cert-v01@openssh.com, - ssh-rsa-cert-v01@openssh.com, - ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, - ssh-ed25519,ssh-rsa - - The -Q option of ssh(1) may be used to list supported key types. - - PubkeyAuthentication - Specifies whether public key authentication is allowed. The - default is M-bM-^@M-^\yesM-bM-^@M-^]. Note that this option applies to protocol - version 2 only. - - RekeyLimit - Specifies the maximum amount of data that may be transmitted - before the session key is renegotiated, optionally followed a - maximum amount of time that may pass before the session key is - renegotiated. The first argument is specified in bytes and may - have a suffix of M-bM-^@M-^XKM-bM-^@M-^Y, M-bM-^@M-^XMM-bM-^@M-^Y, or M-bM-^@M-^XGM-bM-^@M-^Y to indicate Kilobytes, - Megabytes, or Gigabytes, respectively. The default is between - M-bM-^@M-^X1GM-bM-^@M-^Y and M-bM-^@M-^X4GM-bM-^@M-^Y, depending on the cipher. The optional second - value is specified in seconds and may use any of the units - documented in the TIME FORMATS section. The default value for - RekeyLimit is M-bM-^@M-^\default noneM-bM-^@M-^], which means that rekeying is - performed after the cipher's default amount of data has been sent - or received and no time based rekeying is done. This option - applies to protocol version 2 only. - - RevokedKeys - Specifies revoked public keys file, or M-bM-^@M-^\noneM-bM-^@M-^] to not use one. - Keys listed in this file will be refused for public key - authentication. Note that if this file is not readable, then - public key authentication will be refused for all users. Keys - may be specified as a text file, listing one public key per line, - or as an OpenSSH Key Revocation List (KRL) as generated by - ssh-keygen(1). For more information on KRLs, see the KEY - REVOCATION LISTS section in ssh-keygen(1). - - RhostsRSAAuthentication - Specifies whether rhosts or /etc/hosts.equiv authentication - together with successful RSA host authentication is allowed. The - default is M-bM-^@M-^\noM-bM-^@M-^]. This option applies to protocol version 1 only. - - RSAAuthentication - Specifies whether pure RSA authentication is allowed. The - default is M-bM-^@M-^\yesM-bM-^@M-^]. This option applies to protocol version 1 - only. - - ServerKeyBits - Defines the number of bits in the ephemeral protocol version 1 - server key. The default and minimum value is 1024. - - StreamLocalBindMask - Sets the octal file creation mode mask (umask) used when creating - a Unix-domain socket file for local or remote port forwarding. - This option is only used for port forwarding to a Unix-domain - socket file. - - The default value is 0177, which creates a Unix-domain socket - file that is readable and writable only by the owner. Note that - not all operating systems honor the file mode on Unix-domain - socket files. - - StreamLocalBindUnlink - Specifies whether to remove an existing Unix-domain socket file - for local or remote port forwarding before creating a new one. - If the socket file already exists and StreamLocalBindUnlink is - not enabled, sshd will be unable to forward the port to the Unix- - domain socket file. This option is only used for port forwarding - to a Unix-domain socket file. - - The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. - - StrictModes - Specifies whether sshd(8) should check file modes and ownership - of the user's files and home directory before accepting login. - This is normally desirable because novices sometimes accidentally - leave their directory or files world-writable. The default is - M-bM-^@M-^\yesM-bM-^@M-^]. Note that this does not apply to ChrootDirectory, whose - permissions and ownership are checked unconditionally. - - Subsystem - Configures an external subsystem (e.g. file transfer daemon). - Arguments should be a subsystem name and a command (with optional - arguments) to execute upon subsystem request. - - The command sftp-server(8) implements the M-bM-^@M-^\sftpM-bM-^@M-^] file transfer - subsystem. - - Alternately the name M-bM-^@M-^\internal-sftpM-bM-^@M-^] implements an in-process - M-bM-^@M-^\sftpM-bM-^@M-^] server. This may simplify configurations using - ChrootDirectory to force a different filesystem root on clients. - - By default no subsystems are defined. Note that this option - applies to protocol version 2 only. - - SyslogFacility - Gives the facility code that is used when logging messages from - sshd(8). The possible values are: DAEMON, USER, AUTH, LOCAL0, - LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The - default is AUTH. - - TCPKeepAlive - Specifies whether the system should send TCP keepalive messages - to the other side. If they are sent, death of the connection or - crash of one of the machines will be properly noticed. However, - this means that connections will die if the route is down - temporarily, and some people find it annoying. On the other - hand, if TCP keepalives are not sent, sessions may hang - indefinitely on the server, leaving M-bM-^@M-^\ghostM-bM-^@M-^] users and consuming - server resources. - - The default is M-bM-^@M-^\yesM-bM-^@M-^] (to send TCP keepalive messages), and the - server will notice if the network goes down or the client host - crashes. This avoids infinitely hanging sessions. - - To disable TCP keepalive messages, the value should be set to - M-bM-^@M-^\noM-bM-^@M-^]. - - TrustedUserCAKeys - Specifies a file containing public keys of certificate - authorities that are trusted to sign user certificates for - authentication, or M-bM-^@M-^\noneM-bM-^@M-^] to not use one. Keys are listed one - per line; empty lines and comments starting with M-bM-^@M-^X#M-bM-^@M-^Y are allowed. - If a certificate is presented for authentication and has its - signing CA key listed in this file, then it may be used for - authentication for any user listed in the certificate's - principals list. Note that certificates that lack a list of - principals will not be permitted for authentication using - TrustedUserCAKeys. For more details on certificates, see the - CERTIFICATES section in ssh-keygen(1). - - UseDNS Specifies whether sshd(8) should look up the remote host name, - and to check that the resolved host name for the remote IP - address maps back to the very same IP address. - - If this option is set to M-bM-^@M-^\noM-bM-^@M-^] (the default) then only addresses - and not host names may be used in ~/.ssh/known_hosts from and - sshd_config(5) Match Host directives. - - UseLogin - Specifies whether login(1) is used for interactive login - sessions. The default is M-bM-^@M-^\noM-bM-^@M-^]. Note that login(1) is never used - for remote command execution. Note also, that if this is - enabled, X11Forwarding will be disabled because login(1) does not - know how to handle xauth(1) cookies. If UsePrivilegeSeparation - is specified, it will be disabled after authentication. - - UsePAM Enables the Pluggable Authentication Module interface. If set to - M-bM-^@M-^\yesM-bM-^@M-^] this will enable PAM authentication using - ChallengeResponseAuthentication and PasswordAuthentication in - addition to PAM account and session module processing for all - authentication types. - - Because PAM challenge-response authentication usually serves an - equivalent role to password authentication, you should disable - either PasswordAuthentication or ChallengeResponseAuthentication. - - If UsePAM is enabled, you will not be able to run sshd(8) as a - non-root user. The default is M-bM-^@M-^\noM-bM-^@M-^]. - - UsePrivilegeSeparation - Specifies whether sshd(8) separates privileges by creating an - unprivileged child process to deal with incoming network traffic. - After successful authentication, another process will be created - that has the privilege of the authenticated user. The goal of - privilege separation is to prevent privilege escalation by - containing any corruption within the unprivileged processes. The - default is M-bM-^@M-^\yesM-bM-^@M-^]. If UsePrivilegeSeparation is set to M-bM-^@M-^\sandboxM-bM-^@M-^] - then the pre-authentication unprivileged process is subject to - additional restrictions. - - VersionAddendum - Optionally specifies additional text to append to the SSH - protocol banner sent by the server upon connection. The default - is M-bM-^@M-^\noneM-bM-^@M-^]. - - X11DisplayOffset - Specifies the first display number available for sshd(8)'s X11 - forwarding. This prevents sshd from interfering with real X11 - servers. The default is 10. - - X11Forwarding - Specifies whether X11 forwarding is permitted. The argument must - be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^]. - - When X11 forwarding is enabled, there may be additional exposure - to the server and to client displays if the sshd(8) proxy display - is configured to listen on the wildcard address (see - X11UseLocalhost below), though this is not the default. - Additionally, the authentication spoofing and authentication data - verification and substitution occur on the client side. The - security risk of using X11 forwarding is that the client's X11 - display server may be exposed to attack when the SSH client - requests forwarding (see the warnings for ForwardX11 in - ssh_config(5)). A system administrator may have a stance in - which they want to protect clients that may expose themselves to - attack by unwittingly requesting X11 forwarding, which can - warrant a M-bM-^@M-^\noM-bM-^@M-^] setting. - - Note that disabling X11 forwarding does not prevent users from - forwarding X11 traffic, as users can always install their own - forwarders. X11 forwarding is automatically disabled if UseLogin - is enabled. - - X11UseLocalhost - Specifies whether sshd(8) should bind the X11 forwarding server - to the loopback address or to the wildcard address. By default, - sshd binds the forwarding server to the loopback address and sets - the hostname part of the DISPLAY environment variable to - M-bM-^@M-^\localhostM-bM-^@M-^]. This prevents remote hosts from connecting to the - proxy display. However, some older X11 clients may not function - with this configuration. X11UseLocalhost may be set to M-bM-^@M-^\noM-bM-^@M-^] to - specify that the forwarding server should be bound to the - wildcard address. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The - default is M-bM-^@M-^\yesM-bM-^@M-^]. - - XAuthLocation - Specifies the full pathname of the xauth(1) program, or M-bM-^@M-^\noneM-bM-^@M-^] to - not use one. The default is /usr/X11R6/bin/xauth. - -TIME FORMATS - sshd(8) command-line arguments and configuration file options that - specify time may be expressed using a sequence of the form: - time[qualifier], where time is a positive integer value and qualifier is - one of the following: - - M-bM-^_M-(noneM-bM-^_M-) seconds - s | S seconds - m | M minutes - h | H hours - d | D days - w | W weeks - - Each member of the sequence is added together to calculate the total time - value. - - Time format examples: - - 600 600 seconds (10 minutes) - 10m 10 minutes - 1h30m 1 hour 30 minutes (90 minutes) - -FILES - /etc/ssh/sshd_config - Contains configuration data for sshd(8). This file should be - writable by root only, but it is recommended (though not - necessary) that it be world-readable. - -SEE ALSO - sshd(8) - -AUTHORS - OpenSSH is a derivative of the original and free ssh 1.2.12 release by - Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo - de Raadt and Dug Song removed many bugs, re-added newer features and - created OpenSSH. Markus Friedl contributed the support for SSH protocol - versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support - for privilege separation. - -OpenBSD 5.8 August 6, 2015 OpenBSD 5.8 From 6760182c5d6af6cd370ab702bb371bdbd4da8a3f Mon Sep 17 00:00:00 2001 From: Mateusz Guzik Date: Wed, 20 Jan 2016 23:22:36 +0000 Subject: [PATCH 011/154] session: tidy up fixjobc This stops abusing the 'p' pointer for iteration over children processes and gets rid of useless locking around PRS_ZOMBIE check. Suggested by: kib --- sys/kern/kern_proc.c | 20 +++++++------------- 1 file changed, 7 insertions(+), 13 deletions(-) diff --git a/sys/kern/kern_proc.c b/sys/kern/kern_proc.c index bbedd9b3da0..6937fb4f207 100644 --- a/sys/kern/kern_proc.c +++ b/sys/kern/kern_proc.c @@ -650,13 +650,11 @@ pgadjustjobc(pgrp, entering) * entering == 1 => p is entering specified group. */ void -fixjobc(p, pgrp, entering) - register struct proc *p; - register struct pgrp *pgrp; - int entering; +fixjobc(struct proc *p, struct pgrp *pgrp, int entering) { - register struct pgrp *hispgrp; - register struct session *mysession; + struct pgrp *hispgrp; + struct session *mysession; + struct proc *q; sx_assert(&proctree_lock, SX_LOCKED); PROC_LOCK_ASSERT(p, MA_NOTOWNED); @@ -677,17 +675,13 @@ fixjobc(p, pgrp, entering) * their process groups; if so, adjust counts for children's * process groups. */ - LIST_FOREACH(p, &p->p_children, p_sibling) { - hispgrp = p->p_pgrp; + LIST_FOREACH(q, &p->p_children, p_sibling) { + hispgrp = q->p_pgrp; if (hispgrp == pgrp || hispgrp->pg_session != mysession) continue; - PROC_LOCK(p); - if (p->p_state == PRS_ZOMBIE) { - PROC_UNLOCK(p); + if (q->p_state == PRS_ZOMBIE) continue; - } - PROC_UNLOCK(p); pgadjustjobc(hispgrp, entering); } } From 0b0dd5086b303617f0f17d3d6f83659a7a74e074 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dag-Erling=20Sm=C3=B8rgrav?= Date: Wed, 20 Jan 2016 23:23:08 +0000 Subject: [PATCH 012/154] Remove RCS tags from files in which we no longer have any local modifications, and add them to two files in which we do. --- crypto/openssh/buffer.c | 1 - crypto/openssh/buffer.h | 1 - crypto/openssh/channels.c | 1 - crypto/openssh/channels.h | 1 - crypto/openssh/clientloop.c | 1 - crypto/openssh/compat.c | 1 - crypto/openssh/compat.h | 1 - crypto/openssh/configure.ac | 1 + crypto/openssh/misc.c | 1 - crypto/openssh/misc.h | 1 - crypto/openssh/openbsd-compat/blowfish.c | 1 - crypto/openssh/readconf.h | 1 + crypto/openssh/serverloop.c | 1 - crypto/openssh/sftp.c | 1 - 14 files changed, 2 insertions(+), 12 deletions(-) diff --git a/crypto/openssh/buffer.c b/crypto/openssh/buffer.c index fcf2901dd72..c5f708ab2e1 100644 --- a/crypto/openssh/buffer.c +++ b/crypto/openssh/buffer.c @@ -19,7 +19,6 @@ /* Emulation wrappers for legacy OpenSSH buffer API atop sshbuf */ #include "includes.h" -__RCSID("$FreeBSD$"); #include diff --git a/crypto/openssh/buffer.h b/crypto/openssh/buffer.h index 28a9c98beaf..df1aebc02cc 100644 --- a/crypto/openssh/buffer.h +++ b/crypto/openssh/buffer.h @@ -1,5 +1,4 @@ /* $OpenBSD: buffer.h,v 1.25 2014/04/30 05:29:56 djm Exp $ */ -/* $FreeBSD$ */ /* * Copyright (c) 2012 Damien Miller diff --git a/crypto/openssh/channels.c b/crypto/openssh/channels.c index 39bb7758059..a84b487e57b 100644 --- a/crypto/openssh/channels.c +++ b/crypto/openssh/channels.c @@ -40,7 +40,6 @@ */ #include "includes.h" -__RCSID("$FreeBSD$"); #include #include /* MIN MAX */ diff --git a/crypto/openssh/channels.h b/crypto/openssh/channels.h index 5301342bb82..9d76c9d2a62 100644 --- a/crypto/openssh/channels.h +++ b/crypto/openssh/channels.h @@ -1,5 +1,4 @@ /* $OpenBSD: channels.h,v 1.118 2015/07/01 02:26:31 djm Exp $ */ -/* $FreeBSD$ */ /* * Author: Tatu Ylonen diff --git a/crypto/openssh/clientloop.c b/crypto/openssh/clientloop.c index 21cc822e798..87ceb3dab9e 100644 --- a/crypto/openssh/clientloop.c +++ b/crypto/openssh/clientloop.c @@ -60,7 +60,6 @@ */ #include "includes.h" -__RCSID("$FreeBSD$"); #include /* MIN MAX */ #include diff --git a/crypto/openssh/compat.c b/crypto/openssh/compat.c index ea9a4740f3a..eef5fbba5b6 100644 --- a/crypto/openssh/compat.c +++ b/crypto/openssh/compat.c @@ -24,7 +24,6 @@ */ #include "includes.h" -__RCSID("$FreeBSD$"); #include diff --git a/crypto/openssh/compat.h b/crypto/openssh/compat.h index 724538bb680..2be290a8a8f 100644 --- a/crypto/openssh/compat.h +++ b/crypto/openssh/compat.h @@ -1,5 +1,4 @@ /* $OpenBSD: compat.h,v 1.48 2015/05/26 23:23:40 dtucker Exp $ */ -/* $FreeBSD$ */ /* * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved. diff --git a/crypto/openssh/configure.ac b/crypto/openssh/configure.ac index 77197fdf9ca..ddc9a8a6676 100644 --- a/crypto/openssh/configure.ac +++ b/crypto/openssh/configure.ac @@ -1,4 +1,5 @@ # $Id: configure.ac,v 1.583 2014/08/26 20:32:01 djm Exp $ +# $FreeBSD$ # # Copyright (c) 1999-2004 Damien Miller # diff --git a/crypto/openssh/misc.c b/crypto/openssh/misc.c index c873a7dd918..ddd2b2db452 100644 --- a/crypto/openssh/misc.c +++ b/crypto/openssh/misc.c @@ -25,7 +25,6 @@ */ #include "includes.h" -__RCSID("$FreeBSD$"); #include #include diff --git a/crypto/openssh/misc.h b/crypto/openssh/misc.h index 6f81976746e..374c33ce14b 100644 --- a/crypto/openssh/misc.h +++ b/crypto/openssh/misc.h @@ -1,5 +1,4 @@ /* $OpenBSD: misc.h,v 1.54 2014/07/15 15:54:14 millert Exp $ */ -/* $FreeBSD$ */ /* * Author: Tatu Ylonen diff --git a/crypto/openssh/openbsd-compat/blowfish.c b/crypto/openssh/openbsd-compat/blowfish.c index 3f1413123bb..e10f7e7d927 100644 --- a/crypto/openssh/openbsd-compat/blowfish.c +++ b/crypto/openssh/openbsd-compat/blowfish.c @@ -40,7 +40,6 @@ */ #include "includes.h" -__RCSID("$FreeBSD$"); #if !defined(HAVE_BCRYPT_PBKDF) && (!defined(HAVE_BLOWFISH_INITSTATE) || \ !defined(HAVE_BLOWFISH_EXPAND0STATE) || !defined(HAVE_BLF_ENC)) diff --git a/crypto/openssh/readconf.h b/crypto/openssh/readconf.h index cb706806dd0..33606671bb1 100644 --- a/crypto/openssh/readconf.h +++ b/crypto/openssh/readconf.h @@ -1,4 +1,5 @@ /* $OpenBSD: readconf.h,v 1.110 2015/07/10 06:21:53 markus Exp $ */ +/* $FreeBSD$ */ /* * Author: Tatu Ylonen diff --git a/crypto/openssh/serverloop.c b/crypto/openssh/serverloop.c index f45baa576fa..306ac36be67 100644 --- a/crypto/openssh/serverloop.c +++ b/crypto/openssh/serverloop.c @@ -36,7 +36,6 @@ */ #include "includes.h" -__RCSID("$FreeBSD$"); #include /* MIN MAX */ #include diff --git a/crypto/openssh/sftp.c b/crypto/openssh/sftp.c index 7d8e22cb616..cb9b967edc9 100644 --- a/crypto/openssh/sftp.c +++ b/crypto/openssh/sftp.c @@ -16,7 +16,6 @@ */ #include "includes.h" -__RCSID("$FreeBSD$"); #include /* MIN MAX */ #include From 832b9473057a675a90b4b1e7929ef3c5b82904f6 Mon Sep 17 00:00:00 2001 From: Alexander Kabaev Date: Wed, 20 Jan 2016 23:26:35 +0000 Subject: [PATCH 013/154] Fix initlist_add_object invocation parameters. The tail parameter should point to the last object for which dependencies should be processed. In most cases, this is the object itself. --- libexec/rtld-elf/rtld.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/libexec/rtld-elf/rtld.c b/libexec/rtld-elf/rtld.c index 06690ff22b1..863fe25f619 100644 --- a/libexec/rtld-elf/rtld.c +++ b/libexec/rtld-elf/rtld.c @@ -2016,7 +2016,7 @@ initlist_add_neededs(Needed_Entry *needed, Objlist *list) /* Process the current needed object. */ if (needed->obj != NULL) - initlist_add_objects(needed->obj, globallist_next(needed->obj), list); + initlist_add_objects(needed->obj, needed->obj, list); } /* @@ -2039,7 +2039,7 @@ initlist_add_objects(Obj_Entry *obj, Obj_Entry *tail, Objlist *list) /* Recursively process the successor objects. */ nobj = globallist_next(obj); - if (nobj != NULL && nobj != tail) + if (nobj != NULL && obj != tail) initlist_add_objects(nobj, tail, list); /* Recursively process the needed objects. */ @@ -3140,7 +3140,7 @@ dlopen_object(const char *name, int fd, Obj_Entry *refobj, int lo_flags, */ } else { /* Make list of init functions to call. */ - initlist_add_objects(obj, globallist_next(obj), &initlist); + initlist_add_objects(obj, obj, &initlist); } /* * Process all no_delete or global objects here, given From 01ff64089c4be0ce595d39a1e8ea85009faea600 Mon Sep 17 00:00:00 2001 From: Andriy Voskoboinyk Date: Wed, 20 Jan 2016 23:27:02 +0000 Subject: [PATCH 014/154] urtwn: rework debug handling - Use bitmap for debug output selection. - Add few new messages (one for URTWN_DEBUG_BEACON and another one for URTWN_DEBUG_INTR). - Replace an undocumented URTWN_DEBUG definition with USB_DEBUG. Tested with RTL8188EU / RTL8188CUS in IBSS / HOSTAP modes. Reviewed by: kevlo Approved by: adrian (mentor) Differential Revision: https://reviews.freebsd.org/D4959 --- sys/dev/usb/wlan/if_urtwn.c | 159 ++++++++++++++++++++++++--------- sys/dev/usb/wlan/if_urtwnreg.h | 1 + sys/dev/usb/wlan/if_urtwnvar.h | 3 +- 3 files changed, 120 insertions(+), 43 deletions(-) diff --git a/sys/dev/usb/wlan/if_urtwn.c b/sys/dev/usb/wlan/if_urtwn.c index 682238a5d7f..c38a9fd71f1 100644 --- a/sys/dev/usb/wlan/if_urtwn.c +++ b/sys/dev/usb/wlan/if_urtwn.c @@ -75,18 +75,35 @@ __FBSDID("$FreeBSD$"); #include #include "usbdevs.h" -#define USB_DEBUG_VAR urtwn_debug #include #include #include #ifdef USB_DEBUG -static int urtwn_debug = 0; +enum { + URTWN_DEBUG_XMIT = 0x00000001, /* basic xmit operation */ + URTWN_DEBUG_RECV = 0x00000002, /* basic recv operation */ + URTWN_DEBUG_STATE = 0x00000004, /* 802.11 state transitions */ + URTWN_DEBUG_RA = 0x00000008, /* f/w rate adaptation setup */ + URTWN_DEBUG_USB = 0x00000010, /* usb requests */ + URTWN_DEBUG_FIRMWARE = 0x00000020, /* firmware(9) loading debug */ + URTWN_DEBUG_BEACON = 0x00000040, /* beacon handling */ + URTWN_DEBUG_INTR = 0x00000080, /* ISR */ + URTWN_DEBUG_TEMP = 0x00000100, /* temperature calibration */ + URTWN_DEBUG_ROM = 0x00000200, /* various ROM info */ + URTWN_DEBUG_KEY = 0x00000400, /* crypto keys management */ + URTWN_DEBUG_TXPWR = 0x00000800, /* dump Tx power values */ + URTWN_DEBUG_ANY = 0xffffffff +}; -SYSCTL_NODE(_hw_usb, OID_AUTO, urtwn, CTLFLAG_RW, 0, "USB urtwn"); -SYSCTL_INT(_hw_usb_urtwn, OID_AUTO, debug, CTLFLAG_RWTUN, &urtwn_debug, 0, - "Debug level"); +#define URTWN_DPRINTF(_sc, _m, ...) do { \ + if ((_sc)->sc_debug & (_m)) \ + device_printf((_sc)->sc_dev, __VA_ARGS__); \ +} while(0) + +#else +#define URTWN_DPRINTF(_sc, _m, ...) do { (void) sc; } while (0) #endif #define IEEE80211_HAS_ADDR4(wh) IEEE80211_IS_DSTODS(wh) @@ -174,7 +191,8 @@ static device_detach_t urtwn_detach; static usb_callback_t urtwn_bulk_tx_callback; static usb_callback_t urtwn_bulk_rx_callback; -static void urtwn_drain_mbufq(struct urtwn_softc *sc); +static void urtwn_sysctlattach(struct urtwn_softc *); +static void urtwn_drain_mbufq(struct urtwn_softc *); static usb_error_t urtwn_do_request(struct urtwn_softc *, struct usb_device_request *, void *); static struct ieee80211vap *urtwn_vap_create(struct ieee80211com *, @@ -228,7 +246,7 @@ static int urtwn_llt_write(struct urtwn_softc *, uint32_t, static int urtwn_efuse_read_next(struct urtwn_softc *, uint8_t *); static int urtwn_efuse_read_data(struct urtwn_softc *, uint8_t *, uint8_t, uint8_t); -#ifdef URTWN_DEBUG +#ifdef USB_DEBUG static void urtwn_dump_rom_contents(struct urtwn_softc *, uint8_t *, uint16_t); #endif @@ -452,6 +470,13 @@ urtwn_attach(device_t self) if (USB_GET_DRIVER_INFO(uaa) == URTWN_RTL8188E) sc->chip |= URTWN_CHIP_88E; +#ifdef USB_DEBUG + int debug; + if (resource_int_value(device_get_name(sc->sc_dev), + device_get_unit(sc->sc_dev), "debug", &debug) == 0) + sc->sc_debug = debug; +#endif + mtx_init(&sc->sc_mtx, device_get_nameunit(self), MTX_NETWORK_LOCK, MTX_DEF); URTWN_CMDQ_LOCK_INIT(sc); @@ -561,6 +586,8 @@ urtwn_attach(device_t self) TASK_INIT(&sc->cmdq_task, 0, urtwn_cmdq_cb, sc); + urtwn_sysctlattach(sc); + if (bootverbose) ieee80211_announce(ic); @@ -571,6 +598,19 @@ urtwn_attach(device_t self) return (ENXIO); /* failure */ } +static void +urtwn_sysctlattach(struct urtwn_softc *sc) +{ +#ifdef USB_DEBUG + struct sysctl_ctx_list *ctx = device_get_sysctl_ctx(sc->sc_dev); + struct sysctl_oid *tree = device_get_sysctl_tree(sc->sc_dev); + + SYSCTL_ADD_U32(ctx, SYSCTL_CHILDREN(tree), OID_AUTO, + "debug", CTLFLAG_RW, &sc->sc_debug, sc->sc_debug, + "control debugging printfs"); +#endif +} + static int urtwn_detach(device_t self) { @@ -651,8 +691,9 @@ urtwn_do_request(struct urtwn_softc *sc, struct usb_device_request *req, if (err == 0) break; - DPRINTFN(1, "Control request failed, %s (retrying)\n", - usbd_errstr(err)); + URTWN_DPRINTF(sc, URTWN_DEBUG_USB, + "%s: control request failed, %s (retries left: %d)\n", + __func__, usbd_errstr(err), ntries); usb_pause_mtx(&sc->sc_mtx, hz / 100); } return (err); @@ -746,14 +787,16 @@ urtwn_rx_copy_to_mbuf(struct urtwn_softc *sc, struct r92c_rx_stat *stat, * This should not happen since we setup our Rx filter * to not receive these frames. */ - DPRINTFN(6, "RX flags error (%s)\n", + URTWN_DPRINTF(sc, URTWN_DEBUG_RECV, + "%s: RX flags error (%s)\n", __func__, rxdw0 & R92C_RXDW0_CRCERR ? "CRC" : "ICV"); goto fail; } pktlen = MS(rxdw0, R92C_RXDW0_PKTLEN); if (pktlen < sizeof(struct ieee80211_frame_ack)) { - DPRINTFN(6, "frame too short: %d\n", pktlen); + URTWN_DPRINTF(sc, URTWN_DEBUG_RECV, + "%s: frame is too short: %d\n", __func__, pktlen); goto fail; } @@ -810,7 +853,9 @@ urtwn_report_intr(struct usb_xfer *xfer, struct urtwn_data *data) urtwn_r88e_ratectl_tx_complete(sc, &stat[1]); break; default: - DPRINTFN(7, "case %d was not handled\n", report_sel); + URTWN_DPRINTF(sc, URTWN_DEBUG_INTR, + "%s: case %d was not handled\n", __func__, + report_sel); break; } } else @@ -830,7 +875,8 @@ urtwn_rxeof(struct urtwn_softc *sc, uint8_t *buf, int len) /* Get the number of encapsulated frames. */ stat = (struct r92c_rx_stat *)buf; npkts = MS(le32toh(stat->rxdw2), R92C_RXDW2_PKTCNT); - DPRINTFN(6, "Rx %d frames in one chunk\n", npkts); + URTWN_DPRINTF(sc, URTWN_DEBUG_RECV, + "%s: Rx %d frames in one chunk\n", __func__, npkts); /* Process all of them. */ while (npkts-- > 0) { @@ -885,6 +931,10 @@ urtwn_r88e_ratectl_tx_complete(struct urtwn_softc *sc, void *arg) ni = sc->node_list[macid]; if (ni != NULL) { vap = ni->ni_vap; + URTWN_DPRINTF(sc, URTWN_DEBUG_INTR, "%s: frame for macid %d was" + "%s sent (%d retries)\n", __func__, macid, + (rpt->rptb1 & R88E_RPTB1_PKT_OK) ? "" : " not", + ntries); if (rpt->rptb1 & R88E_RPTB1_PKT_OK) { ieee80211_ratectl_tx_complete(vap, ni, @@ -893,8 +943,10 @@ urtwn_r88e_ratectl_tx_complete(struct urtwn_softc *sc, void *arg) ieee80211_ratectl_tx_complete(vap, ni, IEEE80211_RATECTL_TX_FAILURE, &ntries, NULL); } - } else - DPRINTFN(8, "macid %d, ni is NULL\n", macid); + } else { + URTWN_DPRINTF(sc, URTWN_DEBUG_INTR, "%s: macid %d, ni is NULL\n", + __func__, macid); + } URTWN_NT_UNLOCK(sc); } @@ -1177,7 +1229,8 @@ urtwn_bulk_tx_callback(struct usb_xfer *xfer, usb_error_t error) tr_setup: data = STAILQ_FIRST(&sc->sc_tx_pending); if (data == NULL) { - DPRINTF("%s: empty pending queue\n", __func__); + URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT, + "%s: empty pending queue\n", __func__); goto finish; } STAILQ_REMOVE_HEAD(&sc->sc_tx_pending, next); @@ -1210,8 +1263,10 @@ _urtwn_getbuf(struct urtwn_softc *sc) bf = STAILQ_FIRST(&sc->sc_tx_inactive); if (bf != NULL) STAILQ_REMOVE_HEAD(&sc->sc_tx_inactive, next); - else - DPRINTF("%s: %s\n", __func__, "out of xmit buffers"); + else { + URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT, + "%s: out of xmit buffers\n", __func__); + } return (bf); } @@ -1223,8 +1278,10 @@ urtwn_getbuf(struct urtwn_softc *sc) URTWN_ASSERT_LOCKED(sc); bf = _urtwn_getbuf(sc); - if (bf == NULL) - DPRINTF("%s: stop queue\n", __func__); + if (bf == NULL) { + URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT, "%s: stop queue\n", + __func__); + } return (bf); } @@ -1529,20 +1586,22 @@ urtwn_efuse_read_data(struct urtwn_softc *sc, uint8_t *rom, uint8_t off, error = urtwn_efuse_read_next(sc, ®); if (error != 0) return (error); - DPRINTF("rom[0x%03X] == 0x%02X\n", off * 8 + i * 2, reg); + URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "rom[0x%03X] == 0x%02X\n", + off * 8 + i * 2, reg); rom[off * 8 + i * 2 + 0] = reg; error = urtwn_efuse_read_next(sc, ®); if (error != 0) return (error); - DPRINTF("rom[0x%03X] == 0x%02X\n", off * 8 + i * 2 + 1, reg); + URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "rom[0x%03X] == 0x%02X\n", + off * 8 + i * 2 + 1, reg); rom[off * 8 + i * 2 + 1] = reg; } return (0); } -#ifdef URTWN_DEBUG +#ifdef USB_DEBUG static void urtwn_dump_rom_contents(struct urtwn_softc *sc, uint8_t *rom, uint16_t size) { @@ -1599,8 +1658,8 @@ urtwn_efuse_read(struct urtwn_softc *sc, uint8_t *rom, uint16_t size) end: -#ifdef URTWN_DEBUG - if (urtwn_debug >= 2) +#ifdef USB_DEBUG + if (sc->sc_debug & URTWN_DEBUG_ROM) urtwn_dump_rom_contents(sc, rom, size); #endif @@ -1695,12 +1754,14 @@ urtwn_read_rom(struct urtwn_softc *sc) error = urtwn_efuse_read_next(sc, &sc->pa_setting); if (error != 0) return (error); - DPRINTF("PA setting=0x%x\n", sc->pa_setting); + URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "%s: PA setting=0x%x\n", __func__, + sc->pa_setting); sc->board_type = MS(rom->rf_opt1, R92C_ROM_RF1_BOARD_TYPE); sc->regulatory = MS(rom->rf_opt1, R92C_ROM_RF1_REGULATORY); - DPRINTF("regulatory type=%d\n", sc->regulatory); + URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "%s: regulatory type=%d\n", + __func__, sc->regulatory); IEEE80211_ADDR_COPY(sc->sc_ic.ic_macaddr, rom->macaddr); sc->sc_rf_write = urtwn_r92c_rf_write; @@ -1726,7 +1787,8 @@ urtwn_r88e_read_rom(struct urtwn_softc *sc) if (sc->ofdm_tx_pwr_diff & 0x08) sc->ofdm_tx_pwr_diff |= 0xf0; sc->regulatory = MS(rom->rf_board_opt, R92C_ROM_RF1_REGULATORY); - DPRINTF("regulatory type=%d\n", sc->regulatory); + URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "%s: regulatory type %d\n", + __func__,sc->regulatory); IEEE80211_ADDR_COPY(sc->sc_ic.ic_macaddr, rom->macaddr); sc->sc_rf_write = urtwn_r88e_rf_write; @@ -1777,7 +1839,8 @@ urtwn_ra_init(struct urtwn_softc *sc) mode = R92C_RAID_11B; else mode = R92C_RAID_11BG; - DPRINTF("mode=0x%x rates=0x%08x, basicrates=0x%08x\n", + URTWN_DPRINTF(sc, URTWN_DEBUG_RA, + "%s: mode 0x%x, rates 0x%08x, basicrates 0x%08x\n", __func__, mode, rates, basicrates); /* Set rates mask for group addressed frames. */ @@ -1791,7 +1854,8 @@ urtwn_ra_init(struct urtwn_softc *sc) return (error); } /* Set initial MRR rate. */ - DPRINTF("maxbasicrate=%d\n", maxbasicrate); + URTWN_DPRINTF(sc, URTWN_DEBUG_RA, "%s: maxbasicrate %d\n", __func__, + maxbasicrate); urtwn_write_1(sc, R92C_INIDATA_RATE_SEL(URTWN_MACID_BC), maxbasicrate); @@ -1805,7 +1869,8 @@ urtwn_ra_init(struct urtwn_softc *sc) return (error); } /* Set initial MRR rate. */ - DPRINTF("maxrate=%d\n", maxrate); + URTWN_DPRINTF(sc, URTWN_DEBUG_RA, "%s: maxrate %d\n", __func__, + maxrate); urtwn_write_1(sc, R92C_INIDATA_RATE_SEL(URTWN_MACID_BSS), maxrate); @@ -1872,6 +1937,10 @@ urtwn_setup_beacon(struct urtwn_softc *sc, struct ieee80211_node *ni) if ((error = urtwn_tx_beacon(sc, uvp)) != 0) return (error); + URTWN_DPRINTF(sc, URTWN_DEBUG_BEACON, "%s: beacon was %srecognized\n", + __func__, urtwn_read_1(sc, R92C_TDECTRL + 2) & + (R92C_TDECTRL_BCN_VALID >> 16) ? "" : "not "); + return (0); } @@ -2004,9 +2073,11 @@ urtwn_key_set_cb(struct urtwn_softc *sc, union sec_param *data) return; } - DPRINTFN(9, "keyix %d, keyid %d, algo %d/%d, flags %04X, len %d, " - "macaddr %s\n", k->wk_keyix, keyid, k->wk_cipher->ic_cipher, algo, - k->wk_flags, k->wk_keylen, ether_sprintf(k->wk_macaddr)); + URTWN_DPRINTF(sc, URTWN_DEBUG_KEY, + "%s: keyix %d, keyid %d, algo %d/%d, flags %04X, len %d, " + "macaddr %s\n", __func__, k->wk_keyix, keyid, + k->wk_cipher->ic_cipher, algo, k->wk_flags, k->wk_keylen, + ether_sprintf(k->wk_macaddr)); /* Write key. */ for (i = 0; i < 4; i++) { @@ -2041,7 +2112,8 @@ urtwn_key_del_cb(struct urtwn_softc *sc, union sec_param *data) struct ieee80211_key *k = &data->key; int i; - DPRINTFN(9, "keyix %d, flags %04X, macaddr %s\n", + URTWN_DPRINTF(sc, URTWN_DEBUG_KEY, + "%s: keyix %d, flags %04X, macaddr %s\n", __func__, k->wk_keyix, k->wk_flags, ether_sprintf(k->wk_macaddr)); urtwn_cam_write(sc, R92C_CAM_CTL0(k->wk_keyix), 0); @@ -2233,8 +2305,8 @@ urtwn_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg) int error = 0; ostate = vap->iv_state; - DPRINTF("%s -> %s\n", ieee80211_state_name[ostate], - ieee80211_state_name[nstate]); + URTWN_DPRINTF(sc, URTWN_DEBUG_STATE, "%s -> %s\n", + ieee80211_state_name[ostate], ieee80211_state_name[nstate]); IEEE80211_UNLOCK(ic); URTWN_LOCK(sc); @@ -2442,7 +2514,8 @@ urtwn_update_avgrssi(struct urtwn_softc *sc, int rate, int8_t rssi) sc->avg_pwdb = ((sc->avg_pwdb * 19 + pwdb) / 20) + 1; else sc->avg_pwdb = ((sc->avg_pwdb * 19 + pwdb) / 20); - DPRINTFN(4, "PWDB=%d EMA=%d\n", pwdb, sc->avg_pwdb); + URTWN_DPRINTF(sc, URTWN_DEBUG_RA, "%s: PWDB %d, EMA %d\n", __func__, + pwdb, sc->avg_pwdb); } static int8_t @@ -3275,7 +3348,8 @@ urtwn_load_firmware(struct urtwn_softc *sc) if ((le16toh(hdr->signature) >> 4) == 0x88c || (le16toh(hdr->signature) >> 4) == 0x88e || (le16toh(hdr->signature) >> 4) == 0x92c) { - DPRINTF("FW V%d.%d %02d-%02d %02d:%02d\n", + URTWN_DPRINTF(sc, URTWN_DEBUG_FIRMWARE, + "FW V%d.%d %02d-%02d %02d:%02d\n", le16toh(hdr->version), le16toh(hdr->subversion), hdr->month, hdr->date, hdr->hour, hdr->minute); ptr += sizeof(*hdr); @@ -3986,8 +4060,8 @@ urtwn_get_txpower(struct urtwn_softc *sc, int chain, if (power[ridx] > R92C_MAX_TX_PWR) power[ridx] = R92C_MAX_TX_PWR; } -#ifdef URTWN_DEBUG - if (urtwn_debug >= 4) { +#ifdef USB_DEBUG + if (sc->sc_debug & URTWN_DEBUG_TXPWR) { /* Dump per-rate Tx power values. */ printf("Tx power for chain %d:\n", chain); for (ridx = URTWN_RIDX_CCK1; ridx < URTWN_RIDX_COUNT; ridx++) @@ -4213,7 +4287,8 @@ urtwn_update_slot_cb(struct urtwn_softc *sc, union sec_param *data) slottime = IEEE80211_GET_SLOTTIME(ic); - DPRINTFN(10, "setting slot time to %uus\n", slottime); + URTWN_DPRINTF(sc, URTWN_DEBUG_ANY, "%s: setting slot time to %uus\n", + __func__, slottime); urtwn_write_1(sc, R92C_SLOT, slottime); urtwn_update_aifs(sc, slottime); diff --git a/sys/dev/usb/wlan/if_urtwnreg.h b/sys/dev/usb/wlan/if_urtwnreg.h index f4d1d73aef8..02f631fbf40 100644 --- a/sys/dev/usb/wlan/if_urtwnreg.h +++ b/sys/dev/usb/wlan/if_urtwnreg.h @@ -458,6 +458,7 @@ /* Bits for R92C_TDECTRL. */ #define R92C_TDECTRL_BLK_DESC_NUM_M 0x000000f0 #define R92C_TDECTRL_BLK_DESC_NUM_S 4 +#define R92C_TDECTRL_BCN_VALID 0x00010000 /* Bits for R92C_FWHW_TXQ_CTRL. */ #define R92C_FWHW_TXQ_CTRL_AMPDU_RTY_NEW 0x80 diff --git a/sys/dev/usb/wlan/if_urtwnvar.h b/sys/dev/usb/wlan/if_urtwnvar.h index 40ad1caabe9..71fcabf32b0 100644 --- a/sys/dev/usb/wlan/if_urtwnvar.h +++ b/sys/dev/usb/wlan/if_urtwnvar.h @@ -150,8 +150,9 @@ struct urtwn_softc { device_t sc_dev; struct usb_device *sc_udev; + uint32_t sc_debug; uint8_t sc_iface_index; - u_int sc_flags; + uint8_t sc_flags; #define URTWN_FLAG_CCK_HIPWR 0x01 #define URTWN_DETACHED 0x02 #define URTWN_RUNNING 0x04 From 17182b1351c71381d2b6276adf0164a8a7ee51c3 Mon Sep 17 00:00:00 2001 From: Mateusz Guzik Date: Wed, 20 Jan 2016 23:33:58 +0000 Subject: [PATCH 015/154] session: avoid proctree lock on proc exit when possible We can get away with the common case with only proc lock held. Reviewed by: kib --- sys/kern/kern_exit.c | 54 +------------------------------- sys/kern/kern_proc.c | 73 ++++++++++++++++++++++++++++++++++++++++++++ sys/sys/proc.h | 1 + 3 files changed, 75 insertions(+), 53 deletions(-) diff --git a/sys/kern/kern_exit.c b/sys/kern/kern_exit.c index ee87e582051..1cd9b62fbf7 100644 --- a/sys/kern/kern_exit.c +++ b/sys/kern/kern_exit.c @@ -189,7 +189,6 @@ exit1(struct thread *td, int rval, int signo) { struct proc *p, *nq, *q, *t; struct thread *tdt; - struct vnode *ttyvp = NULL; mtx_assert(&Giant, MA_NOTOWNED); KASSERT(rval == 0 || signo == 0, ("exit1 rv %d sig %d", rval, signo)); @@ -394,60 +393,9 @@ exit1(struct thread *td, int rval, int signo) } vmspace_exit(td); - - sx_xlock(&proctree_lock); - if (SESS_LEADER(p)) { - struct session *sp = p->p_session; - struct tty *tp; - - /* - * s_ttyp is not zero'd; we use this to indicate that - * the session once had a controlling terminal. (for - * logging and informational purposes) - */ - SESS_LOCK(sp); - ttyvp = sp->s_ttyvp; - tp = sp->s_ttyp; - sp->s_ttyvp = NULL; - sp->s_ttydp = NULL; - sp->s_leader = NULL; - SESS_UNLOCK(sp); - - /* - * Signal foreground pgrp and revoke access to - * controlling terminal if it has not been revoked - * already. - * - * Because the TTY may have been revoked in the mean - * time and could already have a new session associated - * with it, make sure we don't send a SIGHUP to a - * foreground process group that does not belong to this - * session. - */ - - if (tp != NULL) { - tty_lock(tp); - if (tp->t_session == sp) - tty_signal_pgrp(tp, SIGHUP); - tty_unlock(tp); - } - - if (ttyvp != NULL) { - sx_xunlock(&proctree_lock); - if (vn_lock(ttyvp, LK_EXCLUSIVE) == 0) { - VOP_REVOKE(ttyvp, REVOKEALL); - VOP_UNLOCK(ttyvp, 0); - } - sx_xlock(&proctree_lock); - } - } - fixjobc(p, p->p_pgrp, 0); - sx_xunlock(&proctree_lock); + killjobc(); (void)acct_process(td); - /* Release the TTY now we've unlocked everything. */ - if (ttyvp != NULL) - vrele(ttyvp); #ifdef KTRACE ktrprocexit(td); #endif diff --git a/sys/kern/kern_proc.c b/sys/kern/kern_proc.c index 6937fb4f207..a4f8576dfb7 100644 --- a/sys/kern/kern_proc.c +++ b/sys/kern/kern_proc.c @@ -686,6 +686,79 @@ fixjobc(struct proc *p, struct pgrp *pgrp, int entering) } } +void +killjobc(void) +{ + struct session *sp; + struct tty *tp; + struct proc *p; + struct vnode *ttyvp; + + p = curproc; + MPASS(p->p_flag & P_WEXIT); + /* + * Do a quick check to see if there is anything to do with the + * proctree_lock held. pgrp and LIST_EMPTY checks are for fixjobc(). + */ + PROC_LOCK(p); + if (!SESS_LEADER(p) && + (p->p_pgrp == p->p_pptr->p_pgrp) && + LIST_EMPTY(&p->p_children)) { + PROC_UNLOCK(p); + return; + } + PROC_UNLOCK(p); + + sx_xlock(&proctree_lock); + if (SESS_LEADER(p)) { + sp = p->p_session; + + /* + * s_ttyp is not zero'd; we use this to indicate that + * the session once had a controlling terminal. (for + * logging and informational purposes) + */ + SESS_LOCK(sp); + ttyvp = sp->s_ttyvp; + tp = sp->s_ttyp; + sp->s_ttyvp = NULL; + sp->s_ttydp = NULL; + sp->s_leader = NULL; + SESS_UNLOCK(sp); + + /* + * Signal foreground pgrp and revoke access to + * controlling terminal if it has not been revoked + * already. + * + * Because the TTY may have been revoked in the mean + * time and could already have a new session associated + * with it, make sure we don't send a SIGHUP to a + * foreground process group that does not belong to this + * session. + */ + + if (tp != NULL) { + tty_lock(tp); + if (tp->t_session == sp) + tty_signal_pgrp(tp, SIGHUP); + tty_unlock(tp); + } + + if (ttyvp != NULL) { + sx_xunlock(&proctree_lock); + if (vn_lock(ttyvp, LK_EXCLUSIVE) == 0) { + VOP_REVOKE(ttyvp, REVOKEALL); + VOP_UNLOCK(ttyvp, 0); + } + vrele(ttyvp); + sx_xlock(&proctree_lock); + } + } + fixjobc(p, p->p_pgrp, 0); + sx_xunlock(&proctree_lock); +} + /* * A process group has become orphaned; * if there are any stopped processes in the group, diff --git a/sys/sys/proc.h b/sys/sys/proc.h index fc5c90db2b4..f2f4a9d1720 100644 --- a/sys/sys/proc.h +++ b/sys/sys/proc.h @@ -938,6 +938,7 @@ void fork_return(struct thread *, struct trapframe *); int inferior(struct proc *p); void kern_yield(int); void kick_proc0(void); +void killjobc(void); int leavepgrp(struct proc *p); int maybe_preempt(struct thread *td); void maybe_yield(void); From 218592ceede18e289b9c2bc994ee827a74f8b7c3 Mon Sep 17 00:00:00 2001 From: Andriy Voskoboinyk Date: Wed, 20 Jan 2016 23:55:39 +0000 Subject: [PATCH 016/154] urtwn: add temperature calibration Redo LC calibration if temperature changed significantly since last calibration. Tested with RTL8188EU/RTL8188CUS in STA mode. Reviewed by: kevlo Approved by: adrian (mentor) Obtained from: NetBSD (mostly) Differential Revision: https://reviews.freebsd.org/D4966 --- sys/dev/usb/wlan/if_urtwn.c | 93 +++++++++++++++++++++++++++++++++- sys/dev/usb/wlan/if_urtwnreg.h | 11 ++++ sys/dev/usb/wlan/if_urtwnvar.h | 7 +-- 3 files changed, 106 insertions(+), 5 deletions(-) diff --git a/sys/dev/usb/wlan/if_urtwn.c b/sys/dev/usb/wlan/if_urtwn.c index c38a9fd71f1..a6a8f5057f9 100644 --- a/sys/dev/usb/wlan/if_urtwn.c +++ b/sys/dev/usb/wlan/if_urtwn.c @@ -286,6 +286,9 @@ static void urtwn_ibss_recv_mgmt(struct ieee80211_node *, const struct ieee80211_rx_stats *, int, int); static int urtwn_newstate(struct ieee80211vap *, enum ieee80211_state, int); +static void urtwn_calib_to(void *); +static void urtwn_calib_cb(struct urtwn_softc *, + union sec_param *); static void urtwn_watchdog(void *); static void urtwn_update_avgrssi(struct urtwn_softc *, int, int8_t); static int8_t urtwn_get_rssi(struct urtwn_softc *, int, void *); @@ -353,6 +356,7 @@ static void urtwn_set_chan(struct urtwn_softc *, struct ieee80211_channel *); static void urtwn_iq_calib(struct urtwn_softc *); static void urtwn_lc_calib(struct urtwn_softc *); +static void urtwn_temp_calib(struct urtwn_softc *); static int urtwn_init(struct urtwn_softc *); static void urtwn_stop(struct urtwn_softc *); static void urtwn_abort_xfers(struct urtwn_softc *); @@ -481,6 +485,7 @@ urtwn_attach(device_t self) MTX_NETWORK_LOCK, MTX_DEF); URTWN_CMDQ_LOCK_INIT(sc); URTWN_NT_LOCK_INIT(sc); + callout_init(&sc->sc_calib_to, 0); callout_init(&sc->sc_watchdog_ch, 0); mbufq_init(&sc->sc_snd, ifqmaxlen); @@ -626,6 +631,7 @@ urtwn_detach(device_t self) urtwn_stop(sc); callout_drain(&sc->sc_watchdog_ch); + callout_drain(&sc->sc_calib_to); /* stop all USB transfers */ usbd_transfer_unsetup(sc->sc_xfer, URTWN_N_TRANSFER); @@ -2313,6 +2319,9 @@ urtwn_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg) callout_stop(&sc->sc_watchdog_ch); if (ostate == IEEE80211_S_RUN) { + /* Stop calibration. */ + callout_stop(&sc->sc_calib_to); + /* Turn link LED off. */ urtwn_set_led(sc, URTWN_LED_LINK, 0); @@ -2450,8 +2459,10 @@ urtwn_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg) sc->avg_pwdb = -1; /* Reset average RSSI. */ /* Reset temperature calibration state machine. */ - sc->thcal_state = 0; + sc->sc_flags &= ~URTWN_TEMP_MEASURED; sc->thcal_lctemp = 0; + /* Start periodic calibration. */ + callout_reset(&sc->sc_calib_to, 2*hz, urtwn_calib_to, sc); end_run: ieee80211_free_node(ni); @@ -2465,6 +2476,25 @@ urtwn_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg) return (error != 0 ? error : uvp->newstate(vap, nstate, arg)); } +static void +urtwn_calib_to(void *arg) +{ + struct urtwn_softc *sc = arg; + + /* Do it in a process context. */ + urtwn_cmd_sleepable(sc, NULL, 0, urtwn_calib_cb); +} + +static void +urtwn_calib_cb(struct urtwn_softc *sc, union sec_param *data) +{ + /* Do temperature compensation. */ + urtwn_temp_calib(sc); + + if ((urtwn_read_1(sc, R92C_MSR) & R92C_MSR_MASK) != R92C_MSR_NOLINK) + callout_reset(&sc->sc_calib_to, 2*hz, urtwn_calib_to, sc); +} + static void urtwn_watchdog(void *arg) { @@ -4557,6 +4587,64 @@ urtwn_lc_calib(struct urtwn_softc *sc) } } +static void +urtwn_temp_calib(struct urtwn_softc *sc) +{ + uint8_t temp; + + URTWN_ASSERT_LOCKED(sc); + + if (!(sc->sc_flags & URTWN_TEMP_MEASURED)) { + /* Start measuring temperature. */ + URTWN_DPRINTF(sc, URTWN_DEBUG_TEMP, + "%s: start measuring temperature\n", __func__); + if (sc->chip & URTWN_CHIP_88E) { + urtwn_rf_write(sc, 0, R88E_RF_T_METER, + R88E_RF_T_METER_START); + } else { + urtwn_rf_write(sc, 0, R92C_RF_T_METER, + R92C_RF_T_METER_START); + } + sc->sc_flags |= URTWN_TEMP_MEASURED; + return; + } + sc->sc_flags &= ~URTWN_TEMP_MEASURED; + + /* Read measured temperature. */ + if (sc->chip & URTWN_CHIP_88E) { + temp = MS(urtwn_rf_read(sc, 0, R88E_RF_T_METER), + R88E_RF_T_METER_VAL); + } else { + temp = MS(urtwn_rf_read(sc, 0, R92C_RF_T_METER), + R92C_RF_T_METER_VAL); + } + if (temp == 0) { /* Read failed, skip. */ + URTWN_DPRINTF(sc, URTWN_DEBUG_TEMP, + "%s: temperature read failed, skipping\n", __func__); + return; + } + + URTWN_DPRINTF(sc, URTWN_DEBUG_TEMP, + "%s: temperature: previous %u, current %u\n", + __func__, sc->thcal_lctemp, temp); + + /* + * Redo LC calibration if temperature changed significantly since + * last calibration. + */ + if (sc->thcal_lctemp == 0) { + /* First LC calibration is performed in urtwn_init(). */ + sc->thcal_lctemp = temp; + } else if (abs(temp - sc->thcal_lctemp) > 1) { + URTWN_DPRINTF(sc, URTWN_DEBUG_TEMP, + "%s: LC calib triggered by temp: %u -> %u\n", + __func__, sc->thcal_lctemp, temp); + urtwn_lc_calib(sc); + /* Record temperature of last LC calibration. */ + sc->thcal_lctemp = temp; + } +} + static int urtwn_init(struct urtwn_softc *sc) { @@ -4804,7 +4892,8 @@ urtwn_stop(struct urtwn_softc *sc) return; } - sc->sc_flags &= ~URTWN_RUNNING; + sc->sc_flags &= ~(URTWN_RUNNING | URTWN_TEMP_MEASURED); + sc->thcal_lctemp = 0; callout_stop(&sc->sc_watchdog_ch); urtwn_abort_xfers(sc); diff --git a/sys/dev/usb/wlan/if_urtwnreg.h b/sys/dev/usb/wlan/if_urtwnreg.h index 02f631fbf40..5b8b4f5de20 100644 --- a/sys/dev/usb/wlan/if_urtwnreg.h +++ b/sys/dev/usb/wlan/if_urtwnreg.h @@ -813,6 +813,7 @@ #define R92C_RF_SYN_G(i) (0x25 + (i)) #define R92C_RF_RCK_OS 0x30 #define R92C_RF_TXPA_G(i) (0x31 + (i)) +#define R88E_RF_T_METER 0x42 /* Bits for R92C_RF_AC. */ #define R92C_RF_AC_MODE_M 0x70000 @@ -826,6 +827,16 @@ #define R88E_RF_CHNLBW_BW20 0x00c00 #define R92C_RF_CHNLBW_LCSTART 0x08000 +/* Bits for R92C_RF_T_METER. */ +#define R92C_RF_T_METER_START 0x60 +#define R92C_RF_T_METER_VAL_M 0x1f +#define R92C_RF_T_METER_VAL_S 0 + +/* Bits for R88E_RF_T_METER. */ +#define R88E_RF_T_METER_VAL_M 0x0fc00 +#define R88E_RF_T_METER_VAL_S 10 +#define R88E_RF_T_METER_START 0x30000 + /* * CAM entries. diff --git a/sys/dev/usb/wlan/if_urtwnvar.h b/sys/dev/usb/wlan/if_urtwnvar.h index 71fcabf32b0..ac94f96003e 100644 --- a/sys/dev/usb/wlan/if_urtwnvar.h +++ b/sys/dev/usb/wlan/if_urtwnvar.h @@ -156,6 +156,7 @@ struct urtwn_softc { #define URTWN_FLAG_CCK_HIPWR 0x01 #define URTWN_DETACHED 0x02 #define URTWN_RUNNING 0x04 +#define URTWN_TEMP_MEASURED 0x10 u_int chip; #define URTWN_CHIP_92C 0x01 @@ -180,8 +181,7 @@ struct urtwn_softc { int8_t ofdm_tx_pwr_diff; int8_t bw20_tx_pwr_diff; int avg_pwdb; - int thcal_state; - int thcal_lctemp; + uint8_t thcal_lctemp; int ntxchains; int nrxchains; int ledlink; @@ -203,7 +203,8 @@ struct urtwn_softc { union urtwn_rom rom; uint16_t last_rom_addr; - + + struct callout sc_calib_to; struct callout sc_watchdog_ch; struct mtx sc_mtx; uint32_t keys_bmap; From a34ec16adb2b29d7fff909d1e8e5e5ccb19539d0 Mon Sep 17 00:00:00 2001 From: Navdeep Parhar Date: Thu, 21 Jan 2016 00:42:48 +0000 Subject: [PATCH 017/154] iw_cxgbe: fix a couple of problems int the RDMA_TERMINATE handler. a) Look for the CPL in the payload buffer instead of the descriptor. b) Retrieve the socket associated with the tid with the inpcb lock held. Submitted by: Krishnamraju Eraparaju @ Chelsio --- sys/dev/cxgbe/iw_cxgbe/cm.c | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/sys/dev/cxgbe/iw_cxgbe/cm.c b/sys/dev/cxgbe/iw_cxgbe/cm.c index 8af7df5f4eb..c3c7f4b3d88 100644 --- a/sys/dev/cxgbe/iw_cxgbe/cm.c +++ b/sys/dev/cxgbe/iw_cxgbe/cm.c @@ -2365,15 +2365,18 @@ static int fw6_cqe_handler(struct adapter *sc, const __be64 *rpl) static int terminate(struct sge_iq *iq, const struct rss_header *rss, struct mbuf *m) { - struct adapter *sc = iq->adapter; - - const struct cpl_rdma_terminate *rpl = (const void *)(rss + 1); - unsigned int tid = GET_TID(rpl); + const struct cpl_rdma_terminate *cpl = mtod(m, const void *); + unsigned int tid = GET_TID(cpl); struct c4iw_qp_attributes attrs; struct toepcb *toep = lookup_tid(sc, tid); - struct socket *so = inp_inpcbtosocket(toep->inp); - struct c4iw_ep *ep = so->so_rcv.sb_upcallarg; + struct socket *so; + struct c4iw_ep *ep; + + INP_WLOCK(toep->inp); + so = inp_inpcbtosocket(toep->inp); + ep = so->so_rcv.sb_upcallarg; + INP_WUNLOCK(toep->inp); CTR2(KTR_IW_CXGBE, "%s:tB %p %d", __func__, ep); From 76583fa294e6774164bdb4d802518d80836234cb Mon Sep 17 00:00:00 2001 From: Mateusz Guzik Date: Thu, 21 Jan 2016 01:04:03 +0000 Subject: [PATCH 018/154] cache: use counter(9) API to maintain statistics Previously the code would just increment statistics while only holding a shared lock, in effect losing updates. Separate tracking for nchstats is removed as values can be obtained from existing counters. Note that some fields are updated by external consumers and are left unfixed. This should not be a serious issue as this structure looks quite obsolete. No strong objections: kib --- sys/kern/vfs_cache.c | 141 ++++++++++++++++++++++++------------------- 1 file changed, 80 insertions(+), 61 deletions(-) diff --git a/sys/kern/vfs_cache.c b/sys/kern/vfs_cache.c index f1bd8212237..58a06a7938f 100644 --- a/sys/kern/vfs_cache.c +++ b/sys/kern/vfs_cache.c @@ -39,6 +39,7 @@ __FBSDID("$FreeBSD$"); #include #include +#include #include #include #include @@ -272,37 +273,35 @@ SYSCTL_INT(_debug_sizeof, OID_AUTO, namecache, CTLFLAG_RD, SYSCTL_NULL_INT_PTR, */ static SYSCTL_NODE(_vfs, OID_AUTO, cache, CTLFLAG_RW, 0, "Name cache statistics"); -#define STATNODE(mode, name, var, descr) \ - SYSCTL_ULONG(_vfs_cache, OID_AUTO, name, mode, var, 0, descr); -STATNODE(CTLFLAG_RD, numneg, &numneg, "Number of negative cache entries"); -STATNODE(CTLFLAG_RD, numcache, &numcache, "Number of cache entries"); -static u_long numcalls; STATNODE(CTLFLAG_RD, numcalls, &numcalls, - "Number of cache lookups"); -static u_long dothits; STATNODE(CTLFLAG_RD, dothits, &dothits, - "Number of '.' hits"); -static u_long dotdothits; STATNODE(CTLFLAG_RD, dotdothits, &dotdothits, - "Number of '..' hits"); -static u_long numchecks; STATNODE(CTLFLAG_RD, numchecks, &numchecks, - "Number of checks in lookup"); -static u_long nummiss; STATNODE(CTLFLAG_RD, nummiss, &nummiss, - "Number of cache misses"); -static u_long nummisszap; STATNODE(CTLFLAG_RD, nummisszap, &nummisszap, - "Number of cache misses we do not want to cache"); -static u_long numposzaps; STATNODE(CTLFLAG_RD, numposzaps, &numposzaps, +#define STATNODE_ULONG(name, descr) \ + SYSCTL_ULONG(_vfs_cache, OID_AUTO, name, CTLFLAG_RD, &name, 0, descr); +#define STATNODE_COUNTER(name, descr) \ + static counter_u64_t name; \ + SYSCTL_COUNTER_U64(_vfs_cache, OID_AUTO, name, CTLFLAG_RD, &name, descr); +STATNODE_ULONG(numneg, "Number of negative cache entries"); +STATNODE_ULONG(numcache, "Number of cache entries"); +STATNODE_COUNTER(numcalls, "Number of cache lookups"); +STATNODE_COUNTER(dothits, "Number of '.' hits"); +STATNODE_COUNTER(dotdothits, "Number of '..' hits"); +STATNODE_COUNTER(numchecks, "Number of checks in lookup"); +STATNODE_COUNTER(nummiss, "Number of cache misses"); +STATNODE_COUNTER(nummisszap, "Number of cache misses we do not want to cache"); +STATNODE_COUNTER(numposzaps, "Number of cache hits (positive) we do not want to cache"); -static u_long numposhits; STATNODE(CTLFLAG_RD, numposhits, &numposhits, - "Number of cache hits (positive)"); -static u_long numnegzaps; STATNODE(CTLFLAG_RD, numnegzaps, &numnegzaps, +STATNODE_COUNTER(numposhits, "Number of cache hits (positive)"); +STATNODE_COUNTER(numnegzaps, "Number of cache hits (negative) we do not want to cache"); -static u_long numneghits; STATNODE(CTLFLAG_RD, numneghits, &numneghits, - "Number of cache hits (negative)"); -static u_long numupgrades; STATNODE(CTLFLAG_RD, numupgrades, &numupgrades, +STATNODE_COUNTER(numneghits, "Number of cache hits (negative)"); +/* These count for kern___getcwd(), too. */ +STATNODE_COUNTER(numfullpathcalls, "Number of fullpath search calls"); +STATNODE_COUNTER(numfullpathfail1, "Number of fullpath search errors (ENOTDIR)"); +STATNODE_COUNTER(numfullpathfail2, + "Number of fullpath search errors (VOP_VPTOCNP failures)"); +STATNODE_COUNTER(numfullpathfail4, "Number of fullpath search errors (ENOMEM)"); +STATNODE_COUNTER(numfullpathfound, "Number of successful fullpath calls"); +static long numupgrades; STATNODE_ULONG(numupgrades, "Number of updates of the cache after lookup (write lock + retry)"); -SYSCTL_OPAQUE(_vfs_cache, OID_AUTO, nchstats, CTLFLAG_RD | CTLFLAG_MPSAFE, - &nchstats, sizeof(nchstats), "LU", - "VFS cache effectiveness statistics"); - static void cache_zap(struct namecache *ncp); static int vn_vptocnp_locked(struct vnode **vp, struct ucred *cred, char *buf, u_int *buflen); @@ -311,6 +310,28 @@ static int vn_fullpath1(struct thread *td, struct vnode *vp, struct vnode *rdir, static MALLOC_DEFINE(M_VFSCACHE, "vfscache", "VFS name cache entries"); +static int +sysctl_nchstats(SYSCTL_HANDLER_ARGS) +{ + struct nchstats snap; + + if (req->oldptr == NULL) + return (SYSCTL_OUT(req, 0, sizeof(snap))); + + snap = nchstats; + snap.ncs_goodhits = counter_u64_fetch(numposhits); + snap.ncs_neghits = counter_u64_fetch(numneghits); + snap.ncs_badhits = counter_u64_fetch(numposzaps) + + counter_u64_fetch(numnegzaps); + snap.ncs_miss = counter_u64_fetch(nummisszap) + + counter_u64_fetch(nummiss); + + return (SYSCTL_OUT(req, &snap, sizeof(snap))); +} +SYSCTL_PROC(_vfs_cache, OID_AUTO, nchstats, CTLTYPE_OPAQUE | CTLFLAG_RD | + CTLFLAG_MPSAFE, 0, 0, sysctl_nchstats, "LU", + "VFS cache effectiveness statistics"); + #ifdef DIAGNOSTIC /* * Grab an atomic snapshot of the name cache hash chain lengths @@ -479,7 +500,7 @@ cache_lookup(struct vnode *dvp, struct vnode **vpp, struct componentname *cnp, retry: CACHE_RLOCK(); wlocked = 0; - numcalls++; + counter_u64_add(numcalls, 1); error = 0; retry_wlocked: @@ -488,7 +509,7 @@ cache_lookup(struct vnode *dvp, struct vnode **vpp, struct componentname *cnp, *vpp = dvp; CTR2(KTR_VFS, "cache_lookup(%p, %s) found via .", dvp, cnp->cn_nameptr); - dothits++; + counter_u64_add(dothits, 1); SDT_PROBE3(vfs, namecache, lookup, hit, dvp, ".", *vpp); if (tsp != NULL) timespecclear(tsp); @@ -497,7 +518,7 @@ cache_lookup(struct vnode *dvp, struct vnode **vpp, struct componentname *cnp, goto success; } if (cnp->cn_namelen == 2 && cnp->cn_nameptr[1] == '.') { - dotdothits++; + counter_u64_add(dotdothits, 1); if (dvp->v_cache_dd == NULL) { SDT_PROBE3(vfs, namecache, lookup, miss, dvp, "..", NULL); @@ -536,7 +557,7 @@ cache_lookup(struct vnode *dvp, struct vnode **vpp, struct componentname *cnp, hash = fnv_32_buf(cnp->cn_nameptr, cnp->cn_namelen, FNV1_32_INIT); hash = fnv_32_buf(&dvp, sizeof(dvp), hash); LIST_FOREACH(ncp, (NCHHASH(hash)), nc_hash) { - numchecks++; + counter_u64_add(numchecks, 1); if (ncp->nc_dvp == dvp && ncp->nc_nlen == cnp->cn_namelen && !bcmp(nc_get_name(ncp), cnp->cn_nameptr, ncp->nc_nlen)) break; @@ -547,18 +568,16 @@ cache_lookup(struct vnode *dvp, struct vnode **vpp, struct componentname *cnp, SDT_PROBE3(vfs, namecache, lookup, miss, dvp, cnp->cn_nameptr, NULL); if ((cnp->cn_flags & MAKEENTRY) == 0) { - nummisszap++; + counter_u64_add(nummisszap, 1); } else { - nummiss++; + counter_u64_add(nummiss, 1); } - nchstats.ncs_miss++; goto unlock; } /* We don't want to have an entry, so dump it */ if ((cnp->cn_flags & MAKEENTRY) == 0) { - numposzaps++; - nchstats.ncs_badhits++; + counter_u64_add(numposzaps, 1); if (!wlocked && !CACHE_UPGRADE_LOCK()) goto wlock; cache_zap(ncp); @@ -568,8 +587,7 @@ cache_lookup(struct vnode *dvp, struct vnode **vpp, struct componentname *cnp, /* We found a "positive" match, return the vnode */ if (ncp->nc_vp) { - numposhits++; - nchstats.ncs_goodhits++; + counter_u64_add(numposhits, 1); *vpp = ncp->nc_vp; CTR4(KTR_VFS, "cache_lookup(%p, %s) found %p via ncp %p", dvp, cnp->cn_nameptr, *vpp, ncp); @@ -582,8 +600,7 @@ cache_lookup(struct vnode *dvp, struct vnode **vpp, struct componentname *cnp, negative_success: /* We found a negative match, and want to create it, so purge */ if (cnp->cn_nameiop == CREATE) { - numnegzaps++; - nchstats.ncs_badhits++; + counter_u64_add(numnegzaps, 1); if (!wlocked && !CACHE_UPGRADE_LOCK()) goto wlock; cache_zap(ncp); @@ -593,7 +610,7 @@ cache_lookup(struct vnode *dvp, struct vnode **vpp, struct componentname *cnp, if (!wlocked && !CACHE_UPGRADE_LOCK()) goto wlock; - numneghits++; + counter_u64_add(numneghits, 1); /* * We found a "negative" match, so we shift it to the end of * the "negative" cache entries queue to satisfy LRU. Also, @@ -602,7 +619,6 @@ cache_lookup(struct vnode *dvp, struct vnode **vpp, struct componentname *cnp, */ TAILQ_REMOVE(&ncneg, ncp, nc_dst); TAILQ_INSERT_TAIL(&ncneg, ncp, nc_dst); - nchstats.ncs_neghits++; if (ncp->nc_flag & NCF_WHITE) cnp->cn_flags |= ISWHITEOUT; SDT_PROBE2(vfs, namecache, lookup, hit__negative, dvp, @@ -918,6 +934,22 @@ nchinit(void *dummy __unused) NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_ZINIT); nchashtbl = hashinit(desiredvnodes * 2, M_VFSCACHE, &nchash); + + numcalls = counter_u64_alloc(M_WAITOK); + dothits = counter_u64_alloc(M_WAITOK); + dotdothits = counter_u64_alloc(M_WAITOK); + numchecks = counter_u64_alloc(M_WAITOK); + nummiss = counter_u64_alloc(M_WAITOK); + nummisszap = counter_u64_alloc(M_WAITOK); + numposzaps = counter_u64_alloc(M_WAITOK); + numposhits = counter_u64_alloc(M_WAITOK); + numnegzaps = counter_u64_alloc(M_WAITOK); + numneghits = counter_u64_alloc(M_WAITOK); + numfullpathcalls = counter_u64_alloc(M_WAITOK); + numfullpathfail1 = counter_u64_alloc(M_WAITOK); + numfullpathfail2 = counter_u64_alloc(M_WAITOK); + numfullpathfail4 = counter_u64_alloc(M_WAITOK); + numfullpathfound = counter_u64_alloc(M_WAITOK); } SYSINIT(vfs, SI_SUB_VFS, SI_ORDER_SECOND, nchinit, NULL); @@ -1122,23 +1154,10 @@ kern___getcwd(struct thread *td, char *buf, enum uio_seg bufseg, u_int buflen, * Thus begins the fullpath magic. */ -#undef STATNODE -#define STATNODE(name, descr) \ - static u_int name; \ - SYSCTL_UINT(_vfs_cache, OID_AUTO, name, CTLFLAG_RD, &name, 0, descr) - static int disablefullpath; SYSCTL_INT(_debug, OID_AUTO, disablefullpath, CTLFLAG_RW, &disablefullpath, 0, "Disable the vn_fullpath function"); -/* These count for kern___getcwd(), too. */ -STATNODE(numfullpathcalls, "Number of fullpath search calls"); -STATNODE(numfullpathfail1, "Number of fullpath search errors (ENOTDIR)"); -STATNODE(numfullpathfail2, - "Number of fullpath search errors (VOP_VPTOCNP failures)"); -STATNODE(numfullpathfail4, "Number of fullpath search errors (ENOMEM)"); -STATNODE(numfullpathfound, "Number of successful fullpath calls"); - /* * Retrieve the full filesystem path that correspond to a vnode from the name * cache (if available) @@ -1226,7 +1245,7 @@ vn_vptocnp_locked(struct vnode **vp, struct ucred *cred, char *buf, if (*buflen < ncp->nc_nlen) { CACHE_RUNLOCK(); vrele(*vp); - numfullpathfail4++; + counter_u64_add(numfullpathfail4, 1); error = ENOMEM; SDT_PROBE3(vfs, namecache, fullpath, return, error, vp, NULL); @@ -1251,7 +1270,7 @@ vn_vptocnp_locked(struct vnode **vp, struct ucred *cred, char *buf, error = VOP_VPTOCNP(*vp, &dvp, cred, buf, buflen); vput(*vp); if (error) { - numfullpathfail2++; + counter_u64_add(numfullpathfail2, 1); SDT_PROBE3(vfs, namecache, fullpath, return, error, vp, NULL); return (error); } @@ -1292,7 +1311,7 @@ vn_fullpath1(struct thread *td, struct vnode *vp, struct vnode *rdir, slash_prefixed = 0; SDT_PROBE1(vfs, namecache, fullpath, entry, vp); - numfullpathcalls++; + counter_u64_add(numfullpathcalls, 1); vref(vp); CACHE_RLOCK(); if (vp->v_type != VDIR) { @@ -1328,7 +1347,7 @@ vn_fullpath1(struct thread *td, struct vnode *vp, struct vnode *rdir, if (vp->v_type != VDIR) { CACHE_RUNLOCK(); vrele(vp); - numfullpathfail1++; + counter_u64_add(numfullpathfail1, 1); error = ENOTDIR; SDT_PROBE3(vfs, namecache, fullpath, return, error, vp, NULL); @@ -1354,14 +1373,14 @@ vn_fullpath1(struct thread *td, struct vnode *vp, struct vnode *rdir, if (buflen == 0) { CACHE_RUNLOCK(); vrele(vp); - numfullpathfail4++; + counter_u64_add(numfullpathfail4, 1); SDT_PROBE3(vfs, namecache, fullpath, return, ENOMEM, startvp, NULL); return (ENOMEM); } buf[--buflen] = '/'; } - numfullpathfound++; + counter_u64_add(numfullpathfound, 1); CACHE_RUNLOCK(); vrele(vp); From db709ecbccd762e2eb1f2f35b087ea33e41fe6a6 Mon Sep 17 00:00:00 2001 From: Mateusz Guzik Date: Thu, 21 Jan 2016 01:05:41 +0000 Subject: [PATCH 019/154] cache: provide a helper for computing the hash Reviewed by: kib --- sys/kern/vfs_cache.c | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/sys/kern/vfs_cache.c b/sys/kern/vfs_cache.c index 58a06a7938f..202f7db7ee3 100644 --- a/sys/kern/vfs_cache.c +++ b/sys/kern/vfs_cache.c @@ -310,6 +310,16 @@ static int vn_fullpath1(struct thread *td, struct vnode *vp, struct vnode *rdir, static MALLOC_DEFINE(M_VFSCACHE, "vfscache", "VFS name cache entries"); +static uint32_t +cache_get_hash(char *name, u_char len, struct vnode *dvp) +{ + uint32_t hash; + + hash = fnv_32_buf(name, len, FNV1_32_INIT); + hash = fnv_32_buf(&dvp, sizeof(dvp), hash); + return (hash); +} + static int sysctl_nchstats(SYSCTL_HANDLER_ARGS) { @@ -554,8 +564,7 @@ cache_lookup(struct vnode *dvp, struct vnode **vpp, struct componentname *cnp, } } - hash = fnv_32_buf(cnp->cn_nameptr, cnp->cn_namelen, FNV1_32_INIT); - hash = fnv_32_buf(&dvp, sizeof(dvp), hash); + hash = cache_get_hash(cnp->cn_nameptr, cnp->cn_namelen, dvp); LIST_FOREACH(ncp, (NCHHASH(hash)), nc_hash) { counter_u64_add(numchecks, 1); if (ncp->nc_dvp == dvp && ncp->nc_nlen == cnp->cn_namelen && @@ -799,9 +808,8 @@ cache_enter_time(struct vnode *dvp, struct vnode *vp, struct componentname *cnp, } } len = ncp->nc_nlen = cnp->cn_namelen; - hash = fnv_32_buf(cnp->cn_nameptr, len, FNV1_32_INIT); + hash = cache_get_hash(cnp->cn_nameptr, len, dvp); strlcpy(nc_get_name(ncp), cnp->cn_nameptr, len + 1); - hash = fnv_32_buf(&dvp, sizeof(dvp), hash); CACHE_WLOCK(); /* @@ -980,10 +988,8 @@ cache_changesize(int newmaxvnodes) nchash = new_nchash; for (i = 0; i <= old_nchash; i++) { while ((ncp = LIST_FIRST(&old_nchashtbl[i])) != NULL) { - hash = fnv_32_buf(nc_get_name(ncp), ncp->nc_nlen, - FNV1_32_INIT); - hash = fnv_32_buf(&ncp->nc_dvp, sizeof(ncp->nc_dvp), - hash); + hash = cache_get_hash(nc_get_name(ncp), ncp->nc_nlen, + ncp->nc_dvp); LIST_REMOVE(ncp, nc_hash); LIST_INSERT_HEAD(NCHHASH(hash), ncp, nc_hash); } From baa2bcf5724deb92ccf7363a0d2539a6a4730b2e Mon Sep 17 00:00:00 2001 From: Mateusz Guzik Date: Thu, 21 Jan 2016 01:07:05 +0000 Subject: [PATCH 020/154] cache: perform . lockup without the namecache lock Reviewed by: kib --- sys/kern/vfs_cache.c | 52 ++++++++++++++++++++------------------------ 1 file changed, 24 insertions(+), 28 deletions(-) diff --git a/sys/kern/vfs_cache.c b/sys/kern/vfs_cache.c index 202f7db7ee3..7a7b882b915 100644 --- a/sys/kern/vfs_cache.c +++ b/sys/kern/vfs_cache.c @@ -508,7 +508,6 @@ cache_lookup(struct vnode *dvp, struct vnode **vpp, struct componentname *cnp, return (0); } retry: - CACHE_RLOCK(); wlocked = 0; counter_u64_add(numcalls, 1); error = 0; @@ -525,8 +524,28 @@ cache_lookup(struct vnode *dvp, struct vnode **vpp, struct componentname *cnp, timespecclear(tsp); if (ticksp != NULL) *ticksp = ticks; - goto success; + VREF(*vpp); + /* + * When we lookup "." we still can be asked to lock it + * differently... + */ + ltype = cnp->cn_lkflags & LK_TYPE_MASK; + if (ltype != VOP_ISLOCKED(*vpp)) { + if (ltype == LK_EXCLUSIVE) { + vn_lock(*vpp, LK_UPGRADE | LK_RETRY); + if ((*vpp)->v_iflag & VI_DOOMED) { + /* forced unmount */ + vrele(*vpp); + *vpp = NULL; + return (ENOENT); + } + } else + vn_lock(*vpp, LK_DOWNGRADE | LK_RETRY); + } + return (-1); } + if (!wlocked) + CACHE_RLOCK(); if (cnp->cn_namelen == 2 && cnp->cn_nameptr[1] == '.') { counter_u64_add(dotdothits, 1); if (dvp->v_cache_dd == NULL) { @@ -562,7 +581,8 @@ cache_lookup(struct vnode *dvp, struct vnode **vpp, struct componentname *cnp, nc_dotdottime; goto success; } - } + } else if (!wlocked) + CACHE_RLOCK(); hash = cache_get_hash(cnp->cn_nameptr, cnp->cn_namelen, dvp); LIST_FOREACH(ncp, (NCHHASH(hash)), nc_hash) { @@ -652,31 +672,7 @@ cache_lookup(struct vnode *dvp, struct vnode **vpp, struct componentname *cnp, * On success we return a locked and ref'd vnode as per the lookup * protocol. */ - if (dvp == *vpp) { /* lookup on "." */ - VREF(*vpp); - if (wlocked) - CACHE_WUNLOCK(); - else - CACHE_RUNLOCK(); - /* - * When we lookup "." we still can be asked to lock it - * differently... - */ - ltype = cnp->cn_lkflags & LK_TYPE_MASK; - if (ltype != VOP_ISLOCKED(*vpp)) { - if (ltype == LK_EXCLUSIVE) { - vn_lock(*vpp, LK_UPGRADE | LK_RETRY); - if ((*vpp)->v_iflag & VI_DOOMED) { - /* forced unmount */ - vrele(*vpp); - *vpp = NULL; - return (ENOENT); - } - } else - vn_lock(*vpp, LK_DOWNGRADE | LK_RETRY); - } - return (-1); - } + MPASS(dvp != *vpp); ltype = 0; /* silence gcc warning */ if (cnp->cn_flags & ISDOTDOT) { ltype = VOP_ISLOCKED(dvp); From b0632ab4327fd12d38437a38d8e9c855d72cf6d9 Mon Sep 17 00:00:00 2001 From: Mateusz Guzik Date: Thu, 21 Jan 2016 01:09:39 +0000 Subject: [PATCH 021/154] cache: minor changes 1. vhold and zap immediately instead of postponing few lines later 2. increment numneg after new entry is added No functional changes. No objections: kib --- sys/kern/vfs_cache.c | 48 ++++++++++++++++++-------------------------- 1 file changed, 20 insertions(+), 28 deletions(-) diff --git a/sys/kern/vfs_cache.c b/sys/kern/vfs_cache.c index 7a7b882b915..ff2ad210c16 100644 --- a/sys/kern/vfs_cache.c +++ b/sys/kern/vfs_cache.c @@ -723,8 +723,6 @@ cache_enter_time(struct vnode *dvp, struct vnode *vp, struct componentname *cnp, struct nchashhead *ncpp; uint32_t hash; int flag; - int hold; - int zap; int len; CTR3(KTR_VFS, "cache_enter(%p, %p, %s)", dvp, vp, cnp->cn_nameptr); @@ -782,9 +780,6 @@ cache_enter_time(struct vnode *dvp, struct vnode *vp, struct componentname *cnp, } } - hold = 0; - zap = 0; - /* * Calculate the hash key and setup as much of the new * namecache entry as possible before acquiring the lock. @@ -855,24 +850,22 @@ cache_enter_time(struct vnode *dvp, struct vnode *vp, struct componentname *cnp, } numcache++; - if (vp == NULL) { - numneg++; - if (cnp->cn_flags & ISWHITEOUT) - ncp->nc_flag |= NCF_WHITE; - } else if (vp->v_type == VDIR) { - if (flag != NCF_ISDOTDOT) { - /* - * For this case, the cache entry maps both the - * directory name in it and the name ".." for the - * directory's parent. - */ - if ((n2 = vp->v_cache_dd) != NULL && - (n2->nc_flag & NCF_ISDOTDOT) != 0) - cache_zap(n2); - vp->v_cache_dd = ncp; + if (vp != NULL) { + if (vp->v_type == VDIR) { + if (flag != NCF_ISDOTDOT) { + /* + * For this case, the cache entry maps both the + * directory name in it and the name ".." for the + * directory's parent. + */ + if ((n2 = vp->v_cache_dd) != NULL && + (n2->nc_flag & NCF_ISDOTDOT) != 0) + cache_zap(n2); + vp->v_cache_dd = ncp; + } + } else { + vp->v_cache_dd = NULL; } - } else { - vp->v_cache_dd = NULL; } /* @@ -882,7 +875,7 @@ cache_enter_time(struct vnode *dvp, struct vnode *vp, struct componentname *cnp, LIST_INSERT_HEAD(ncpp, ncp, nc_hash); if (flag != NCF_ISDOTDOT) { if (LIST_EMPTY(&dvp->v_cache_src)) { - hold = 1; + vhold(dvp); numcachehv++; } LIST_INSERT_HEAD(&dvp->v_cache_src, ncp, nc_src); @@ -898,7 +891,10 @@ cache_enter_time(struct vnode *dvp, struct vnode *vp, struct componentname *cnp, SDT_PROBE3(vfs, namecache, enter, done, dvp, nc_get_name(ncp), vp); } else { + if (cnp->cn_flags & ISWHITEOUT) + ncp->nc_flag |= NCF_WHITE; TAILQ_INSERT_TAIL(&ncneg, ncp, nc_dst); + numneg++; SDT_PROBE2(vfs, namecache, enter_negative, done, dvp, nc_get_name(ncp)); } @@ -906,12 +902,8 @@ cache_enter_time(struct vnode *dvp, struct vnode *vp, struct componentname *cnp, ncp = TAILQ_FIRST(&ncneg); KASSERT(ncp->nc_vp == NULL, ("ncp %p vp %p on ncneg", ncp, ncp->nc_vp)); - zap = 1; - } - if (hold) - vhold(dvp); - if (zap) cache_zap(ncp); + } CACHE_WUNLOCK(); } From 4429f0e2e3dab19e4d38b0c6c65afb49b0cfae5f Mon Sep 17 00:00:00 2001 From: John Baldwin Date: Thu, 21 Jan 2016 01:28:31 +0000 Subject: [PATCH 022/154] Remove unused variables for socket AIO. In r55943, a per-process queue of pending socket AIO requests (requests waiting for the socket to become ready) was added so that they could be cancelled during process rundown. In r154765, the rundown code was changed to handle jobs in this state (JOBST_JOBQSOCK) directly removing the need for the extra queue. However, the per-process queue head and global lock were never removed. Reviewed by: kib Sponsored by: Chelsio Communications Differential Revision: https://reviews.freebsd.org/D4997 --- sys/kern/vfs_aio.c | 7 ------- 1 file changed, 7 deletions(-) diff --git a/sys/kern/vfs_aio.c b/sys/kern/vfs_aio.c index 4a4c6125918..63739040168 100644 --- a/sys/kern/vfs_aio.c +++ b/sys/kern/vfs_aio.c @@ -293,9 +293,6 @@ struct kaioinfo { TAILQ_HEAD(,aioliojob) kaio_liojoblist; /* (a) list of lio jobs */ TAILQ_HEAD(,aiocblist) kaio_jobqueue; /* (a) job queue for process */ TAILQ_HEAD(,aiocblist) kaio_bufqueue; /* (a) buffer job queue for process */ - TAILQ_HEAD(,aiocblist) kaio_sockqueue; /* (a) queue for aios waiting on sockets, - * NOT USED YET. - */ TAILQ_HEAD(,aiocblist) kaio_syncqueue; /* (a) queue for aio_fsync */ struct task kaio_task; /* (*) task to kick aio threads */ }; @@ -325,7 +322,6 @@ struct aiocb_ops { static TAILQ_HEAD(,aiothreadlist) aio_freeproc; /* (c) Idle daemons */ static struct sema aio_newproc_sem; static struct mtx aio_job_mtx; -static struct mtx aio_sock_mtx; static TAILQ_HEAD(,aiocblist) aio_jobs; /* (c) Async job list */ static struct unrhdr *aiod_unr; @@ -483,7 +479,6 @@ aio_onceonly(void) TAILQ_INIT(&aio_freeproc); sema_init(&aio_newproc_sem, 0, "aio_new_proc"); mtx_init(&aio_job_mtx, "aio_job", NULL, MTX_DEF); - mtx_init(&aio_sock_mtx, "aio_sock", NULL, MTX_DEF); TAILQ_INIT(&aio_jobs); aiod_unr = new_unrhdr(1, INT_MAX, NULL); kaio_zone = uma_zcreate("AIO", sizeof(struct kaioinfo), NULL, NULL, @@ -556,7 +551,6 @@ aio_unload(void) EVENTHANDLER_DEREGISTER(process_exit, exit_tag); EVENTHANDLER_DEREGISTER(process_exec, exec_tag); mtx_destroy(&aio_job_mtx); - mtx_destroy(&aio_sock_mtx); sema_destroy(&aio_newproc_sem); p31b_setcfg(CTL_P1003_1B_AIO_LISTIO_MAX, -1); p31b_setcfg(CTL_P1003_1B_AIO_MAX, -1); @@ -587,7 +581,6 @@ aio_init_aioinfo(struct proc *p) TAILQ_INIT(&ki->kaio_jobqueue); TAILQ_INIT(&ki->kaio_bufqueue); TAILQ_INIT(&ki->kaio_liojoblist); - TAILQ_INIT(&ki->kaio_sockqueue); TAILQ_INIT(&ki->kaio_syncqueue); TASK_INIT(&ki->kaio_task, 0, aio_kick_helper, p); PROC_LOCK(p); From 39314b7d995f9f34998642bf68a74648bb75d6e6 Mon Sep 17 00:00:00 2001 From: John Baldwin Date: Thu, 21 Jan 2016 02:20:38 +0000 Subject: [PATCH 023/154] AIO daemons have always been kernel processes to facilitate switching to user VM spaces while servicing jobs. Update various comments and data structures that refer to AIO daemons as threads to refer to processes instead. Reviewed by: kib Sponsored by: Chelsio Communications Differential Revision: https://reviews.freebsd.org/D4999 --- sys/kern/vfs_aio.c | 58 +++++++++++++++++++++++----------------------- 1 file changed, 29 insertions(+), 29 deletions(-) diff --git a/sys/kern/vfs_aio.c b/sys/kern/vfs_aio.c index 63739040168..1d99a566abb 100644 --- a/sys/kern/vfs_aio.c +++ b/sys/kern/vfs_aio.c @@ -130,12 +130,12 @@ static SYSCTL_NODE(_vfs, OID_AUTO, aio, CTLFLAG_RW, 0, "Async IO management"); static int max_aio_procs = MAX_AIO_PROCS; SYSCTL_INT(_vfs_aio, OID_AUTO, max_aio_procs, CTLFLAG_RW, &max_aio_procs, 0, - "Maximum number of kernel threads to use for handling async IO "); + "Maximum number of kernel processes to use for handling async IO "); static int num_aio_procs = 0; SYSCTL_INT(_vfs_aio, OID_AUTO, num_aio_procs, CTLFLAG_RD, &num_aio_procs, 0, - "Number of presently active kernel threads for async IO"); + "Number of presently active kernel processes for async IO"); /* * The code will adjust the actual number of AIO processes towards this @@ -143,7 +143,7 @@ SYSCTL_INT(_vfs_aio, OID_AUTO, num_aio_procs, */ static int target_aio_procs = TARGET_AIO_PROCS; SYSCTL_INT(_vfs_aio, OID_AUTO, target_aio_procs, CTLFLAG_RW, &target_aio_procs, - 0, "Preferred number of ready kernel threads for async IO"); + 0, "Preferred number of ready kernel processes for async IO"); static int max_queue_count = MAX_AIO_QUEUE; SYSCTL_INT(_vfs_aio, OID_AUTO, max_aio_queue, CTLFLAG_RW, &max_queue_count, 0, @@ -157,7 +157,7 @@ static int num_buf_aio = 0; SYSCTL_INT(_vfs_aio, OID_AUTO, num_buf_aio, CTLFLAG_RD, &num_buf_aio, 0, "Number of aio requests presently handled by the buf subsystem"); -/* Number of async I/O thread in the process of being started */ +/* Number of async I/O processes in the process of being started */ /* XXX This should be local to aio_aqueue() */ static int num_aio_resv_start = 0; @@ -210,8 +210,8 @@ typedef struct oaiocb { * Current, there is only two backends: BIO and generic file I/O. * socket I/O is served by generic file I/O, this is not a good idea, since * disk file I/O and any other types without O_NONBLOCK flag can block daemon - * threads, if there is no thread to serve socket I/O, the socket I/O will be - * delayed too long or starved, we should create some threads dedicated to + * processes, if there is no thread to serve socket I/O, the socket I/O will be + * delayed too long or starved, we should create some processes dedicated to * sockets to do non-blocking I/O, same for pipe and fifo, for these I/O * systems we really need non-blocking interface, fiddling O_NONBLOCK in file * structure is not safe because there is race between userland and aio @@ -253,10 +253,10 @@ struct aiocblist { */ #define AIOP_FREE 0x1 /* proc on free queue */ -struct aiothreadlist { - int aiothreadflags; /* (c) AIO proc flags */ - TAILQ_ENTRY(aiothreadlist) list; /* (c) list of processes */ - struct thread *aiothread; /* (*) the AIO thread */ +struct aioproc { + int aioprocflags; /* (c) AIO proc flags */ + TAILQ_ENTRY(aioproc) list; /* (c) list of processes */ + struct proc *aioproc; /* (*) the AIO proc */ }; /* @@ -294,7 +294,7 @@ struct kaioinfo { TAILQ_HEAD(,aiocblist) kaio_jobqueue; /* (a) job queue for process */ TAILQ_HEAD(,aiocblist) kaio_bufqueue; /* (a) buffer job queue for process */ TAILQ_HEAD(,aiocblist) kaio_syncqueue; /* (a) queue for aio_fsync */ - struct task kaio_task; /* (*) task to kick aio threads */ + struct task kaio_task; /* (*) task to kick aio processes */ }; #define AIO_LOCK(ki) mtx_lock(&(ki)->kaio_mtx) @@ -319,7 +319,7 @@ struct aiocb_ops { int (*store_aiocb)(struct aiocb **ujobp, struct aiocb *ujob); }; -static TAILQ_HEAD(,aiothreadlist) aio_freeproc; /* (c) Idle daemons */ +static TAILQ_HEAD(,aioproc) aio_freeproc; /* (c) Idle daemons */ static struct sema aio_newproc_sem; static struct mtx aio_job_mtx; static TAILQ_HEAD(,aiocblist) aio_jobs; /* (c) Async job list */ @@ -357,7 +357,7 @@ static int filt_lio(struct knote *kn, long hint); /* * Zones for: * kaio Per process async io info - * aiop async io thread data + * aiop async io process data * aiocb async io jobs * aiol list io job pointer - internal to aio_suspend XXX * aiolio list io jobs @@ -483,7 +483,7 @@ aio_onceonly(void) aiod_unr = new_unrhdr(1, INT_MAX, NULL); kaio_zone = uma_zcreate("AIO", sizeof(struct kaioinfo), NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE); - aiop_zone = uma_zcreate("AIOP", sizeof(struct aiothreadlist), NULL, + aiop_zone = uma_zcreate("AIOP", sizeof(struct aioproc), NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE); aiocb_zone = uma_zcreate("AIOCB", sizeof(struct aiocblist), NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE); @@ -796,7 +796,7 @@ aio_proc_rundown(void *arg, struct proc *p) * Select a job to run (called by an AIO daemon). */ static struct aiocblist * -aio_selectjob(struct aiothreadlist *aiop) +aio_selectjob(struct aioproc *aiop) { struct aiocblist *aiocbe; struct kaioinfo *ki; @@ -1056,7 +1056,7 @@ static void aio_daemon(void *_id) { struct aiocblist *aiocbe; - struct aiothreadlist *aiop; + struct aioproc *aiop; struct kaioinfo *ki; struct proc *p, *userp; struct vmspace *myvm; @@ -1078,8 +1078,8 @@ aio_daemon(void *_id) * per daemon. */ aiop = uma_zalloc(aiop_zone, M_WAITOK); - aiop->aiothread = td; - aiop->aiothreadflags = 0; + aiop->aioproc = p; + aiop->aioprocflags = 0; /* * Wakeup parent process. (Parent sleeps to keep from blasting away @@ -1092,9 +1092,9 @@ aio_daemon(void *_id) /* * Take daemon off of free queue */ - if (aiop->aiothreadflags & AIOP_FREE) { + if (aiop->aioprocflags & AIOP_FREE) { TAILQ_REMOVE(&aio_freeproc, aiop, list); - aiop->aiothreadflags &= ~AIOP_FREE; + aiop->aioprocflags &= ~AIOP_FREE; } /* @@ -1155,15 +1155,15 @@ aio_daemon(void *_id) mtx_assert(&aio_job_mtx, MA_OWNED); TAILQ_INSERT_HEAD(&aio_freeproc, aiop, list); - aiop->aiothreadflags |= AIOP_FREE; + aiop->aioprocflags |= AIOP_FREE; /* * If daemon is inactive for a long time, allow it to exit, * thereby freeing resources. */ - if (msleep(aiop->aiothread, &aio_job_mtx, PRIBIO, "aiordy", + if (msleep(p, &aio_job_mtx, PRIBIO, "aiordy", aiod_lifetime) == EWOULDBLOCK && TAILQ_EMPTY(&aio_jobs) && - (aiop->aiothreadflags & AIOP_FREE) && + (aiop->aioprocflags & AIOP_FREE) && num_aio_procs > target_aio_procs) break; } @@ -1781,13 +1781,13 @@ static void aio_kick_nowait(struct proc *userp) { struct kaioinfo *ki = userp->p_aioinfo; - struct aiothreadlist *aiop; + struct aioproc *aiop; mtx_assert(&aio_job_mtx, MA_OWNED); if ((aiop = TAILQ_FIRST(&aio_freeproc)) != NULL) { TAILQ_REMOVE(&aio_freeproc, aiop, list); - aiop->aiothreadflags &= ~AIOP_FREE; - wakeup(aiop->aiothread); + aiop->aioprocflags &= ~AIOP_FREE; + wakeup(aiop->aioproc); } else if (((num_aio_resv_start + num_aio_procs) < max_aio_procs) && ((ki->kaio_active_count + num_aio_resv_start) < ki->kaio_maxactive_count)) { @@ -1799,15 +1799,15 @@ static int aio_kick(struct proc *userp) { struct kaioinfo *ki = userp->p_aioinfo; - struct aiothreadlist *aiop; + struct aioproc *aiop; int error, ret = 0; mtx_assert(&aio_job_mtx, MA_OWNED); retryproc: if ((aiop = TAILQ_FIRST(&aio_freeproc)) != NULL) { TAILQ_REMOVE(&aio_freeproc, aiop, list); - aiop->aiothreadflags &= ~AIOP_FREE; - wakeup(aiop->aiothread); + aiop->aioprocflags &= ~AIOP_FREE; + wakeup(aiop->aioproc); } else if (((num_aio_resv_start + num_aio_procs) < max_aio_procs) && ((ki->kaio_active_count + num_aio_resv_start) < ki->kaio_maxactive_count)) { From 405b75f94c029e8eadfff1e592289ae978735838 Mon Sep 17 00:00:00 2001 From: Gleb Smirnoff Date: Thu, 21 Jan 2016 07:54:05 +0000 Subject: [PATCH 024/154] Note that new ssh(1) doesn't allow to use DSA keys by default. --- UPDATING | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/UPDATING b/UPDATING index 1b98e40cbaf..75f003731ea 100644 --- a/UPDATING +++ b/UPDATING @@ -32,6 +32,10 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 11.x IS SLOW: "ln -s 'abort:false,junk:false' /etc/malloc.conf".) 20160119: + The default configuration of ssh(1) no longer allows to use ssh-dss + keys. To enable using them, add 'ssh-dss' to PubkeyAcceptedKeyTypes + option in the /etc/ssh/ssh_config. Refer to ssh_config(5) for more + information. The NONE and HPN patches has been removed from OpenSSH. They are still available in the security/openssh-portable port. From cbb26d1b6673ba1c6efd6e36a06fb6a56263b5fc Mon Sep 17 00:00:00 2001 From: Xin LI Date: Thu, 21 Jan 2016 08:50:56 +0000 Subject: [PATCH 025/154] Vendor import of ntp-4.2.8p6. --- ChangeLog | 38 +- CommitLog | 1020 +++++- NEWS | 253 ++ configure | 20 +- html/miscopt.html | 14 +- include/Makefile.am | 1 + include/Makefile.in | 1 + include/ntp.h | 7 +- include/ntp_io.h | 3 +- include/ntp_keyacc.h | 13 + include/ntp_stdlib.h | 5 +- include/ntp_types.h | 1 + include/ntp_worker.h | 53 +- include/parse.h | 6 +- libntp/Makefile.am | 1 + libntp/Makefile.in | 56 +- libntp/authkeys.c | 105 +- libntp/authreadkeys.c | 51 +- libntp/authusekey.c | 2 +- libntp/is_ip_address.c | 129 + libntp/ntp_worker.c | 27 + libntp/systime.c | 15 +- libntp/work_thread.c | 74 +- ntpd/invoke-ntp.conf.texi | 67 +- ntpd/invoke-ntp.keys.texi | 14 +- ntpd/invoke-ntpd.texi | 4 +- ntpd/keyword-gen-utd | 2 +- ntpd/keyword-gen.c | 3 + ntpd/ntp.conf.5man | 76 +- ntpd/ntp.conf.5mdoc | 77 +- ntpd/ntp.conf.def | 71 +- ntpd/ntp.conf.html | 62 +- ntpd/ntp.conf.man.in | 76 +- ntpd/ntp.conf.mdoc.in | 77 +- ntpd/ntp.keys.5man | 18 +- ntpd/ntp.keys.5mdoc | 18 +- ntpd/ntp.keys.def | 12 +- ntpd/ntp.keys.html | 14 +- ntpd/ntp.keys.man.in | 18 +- ntpd/ntp.keys.mdoc.in | 18 +- ntpd/ntp_config.c | 14 + ntpd/ntp_control.c | 221 +- ntpd/ntp_crypto.c | 2 +- ntpd/ntp_io.c | 367 +- ntpd/ntp_keyword.h | 971 ++--- ntpd/ntp_parser.c | 3241 +++++++++-------- ntpd/ntp_parser.h | 488 +-- ntpd/ntp_parser.y | 6 + ntpd/ntp_proto.c | 158 +- ntpd/ntp_request.c | 293 +- ntpd/ntp_scanner.c | 2 +- ntpd/ntp_timer.c | 17 +- ntpd/ntpd-opts.c | 20 +- ntpd/ntpd-opts.h | 8 +- ntpd/ntpd.1ntpdman | 8 +- ntpd/ntpd.1ntpdmdoc | 6 +- ntpd/ntpd.c | 58 +- ntpd/ntpd.html | 4 +- ntpd/ntpd.man.in | 8 +- ntpd/ntpd.mdoc.in | 6 +- ntpd/refclock_chu.c | 2 +- ntpd/refclock_gpsdjson.c | 28 +- ntpd/refclock_jjy.c | 87 +- ntpd/refclock_shm.c | 2 +- ntpdc/invoke-ntpdc.texi | 4 +- ntpdc/ntpdc-opts.c | 20 +- ntpdc/ntpdc-opts.h | 8 +- ntpdc/ntpdc.1ntpdcman | 8 +- ntpdc/ntpdc.1ntpdcmdoc | 6 +- ntpdc/ntpdc.c | 23 +- ntpdc/ntpdc.html | 4 +- ntpdc/ntpdc.man.in | 8 +- ntpdc/ntpdc.mdoc.in | 6 +- ntpq/invoke-ntpq.texi | 4 +- ntpq/ntpq-opts.c | 20 +- ntpq/ntpq-opts.h | 8 +- ntpq/ntpq-subs.c | 8 +- ntpq/ntpq.1ntpqman | 8 +- ntpq/ntpq.1ntpqmdoc | 6 +- ntpq/ntpq.c | 94 +- ntpq/ntpq.html | 4 +- ntpq/ntpq.man.in | 8 +- ntpq/ntpq.mdoc.in | 6 +- ntpsnmpd/invoke-ntpsnmpd.texi | 4 +- ntpsnmpd/ntpsnmpd-opts.c | 20 +- ntpsnmpd/ntpsnmpd-opts.h | 8 +- ntpsnmpd/ntpsnmpd.1ntpsnmpdman | 8 +- ntpsnmpd/ntpsnmpd.1ntpsnmpdmdoc | 6 +- ntpsnmpd/ntpsnmpd.html | 2 +- ntpsnmpd/ntpsnmpd.man.in | 8 +- ntpsnmpd/ntpsnmpd.mdoc.in | 6 +- packageinfo.sh | 2 +- .../calc_tickadj.1calc_tickadjman | 6 +- .../calc_tickadj.1calc_tickadjmdoc | 4 +- scripts/calc_tickadj/calc_tickadj.html | 2 +- scripts/calc_tickadj/calc_tickadj.man.in | 6 +- scripts/calc_tickadj/calc_tickadj.mdoc.in | 4 +- scripts/calc_tickadj/invoke-calc_tickadj.texi | 2 +- scripts/invoke-plot_summary.texi | 4 +- scripts/invoke-summary.texi | 4 +- scripts/ntp-wait/invoke-ntp-wait.texi | 4 +- scripts/ntp-wait/ntp-wait-opts | 4 +- scripts/ntp-wait/ntp-wait.1ntp-waitman | 6 +- scripts/ntp-wait/ntp-wait.1ntp-waitmdoc | 4 +- scripts/ntp-wait/ntp-wait.html | 4 +- scripts/ntp-wait/ntp-wait.man.in | 6 +- scripts/ntp-wait/ntp-wait.mdoc.in | 4 +- scripts/ntpsweep/invoke-ntpsweep.texi | 4 +- scripts/ntpsweep/ntpsweep-opts | 4 +- scripts/ntpsweep/ntpsweep.1ntpsweepman | 6 +- scripts/ntpsweep/ntpsweep.1ntpsweepmdoc | 4 +- scripts/ntpsweep/ntpsweep.html | 4 +- scripts/ntpsweep/ntpsweep.man.in | 6 +- scripts/ntpsweep/ntpsweep.mdoc.in | 4 +- scripts/ntptrace/invoke-ntptrace.texi | 4 +- scripts/ntptrace/ntptrace-opts | 4 +- scripts/ntptrace/ntptrace.1ntptraceman | 6 +- scripts/ntptrace/ntptrace.1ntptracemdoc | 4 +- scripts/ntptrace/ntptrace.html | 4 +- scripts/ntptrace/ntptrace.man.in | 6 +- scripts/ntptrace/ntptrace.mdoc.in | 4 +- scripts/plot_summary-opts | 4 +- scripts/plot_summary.1plot_summaryman | 6 +- scripts/plot_summary.1plot_summarymdoc | 4 +- scripts/plot_summary.html | 4 +- scripts/plot_summary.man.in | 6 +- scripts/plot_summary.mdoc.in | 4 +- scripts/summary-opts | 4 +- scripts/summary.1summaryman | 6 +- scripts/summary.1summarymdoc | 4 +- scripts/summary.html | 4 +- scripts/summary.man.in | 6 +- scripts/summary.mdoc.in | 4 +- scripts/update-leap/invoke-update-leap.texi | 2 +- scripts/update-leap/update-leap-opts | 4 +- .../update-leap/update-leap.1update-leapman | 6 +- .../update-leap/update-leap.1update-leapmdoc | 4 +- scripts/update-leap/update-leap.html | 2 +- scripts/update-leap/update-leap.man.in | 6 +- scripts/update-leap/update-leap.mdoc.in | 4 +- sntp/configure | 20 +- sntp/crypto.c | 25 +- sntp/crypto.h | 20 +- sntp/include/copyright.def | 2 +- sntp/include/version.def | 2 +- sntp/include/version.texi | 6 +- sntp/invoke-sntp.texi | 4 +- sntp/libopts/configfile.c | 44 +- sntp/libopts/enum.c | 10 +- sntp/libopts/find.c | 2 +- sntp/libopts/init.c | 5 +- sntp/libopts/load.c | 2 +- sntp/libopts/makeshell.c | 6 +- sntp/libopts/nested.c | 4 +- sntp/libopts/parse-duration.c | 10 +- sntp/libopts/reset.c | 2 +- sntp/libopts/save.c | 4 +- sntp/libopts/tokenize.c | 2 +- sntp/m4/version.m4 | 2 +- sntp/main.c | 2 +- sntp/networking.c | 2 +- sntp/sntp-opts.c | 20 +- sntp/sntp-opts.h | 8 +- sntp/sntp.1sntpman | 8 +- sntp/sntp.1sntpmdoc | 6 +- sntp/sntp.html | 4 +- sntp/sntp.man.in | 8 +- sntp/sntp.mdoc.in | 6 +- sntp/tests/crypto.c | 68 +- sntp/tests/fileHandlingTest.c | 63 +- sntp/tests/fileHandlingTest.h.in | 21 +- sntp/tests/keyFile.c | 112 +- sntp/tests/packetHandling.c | 139 +- sntp/tests/packetProcessing.c | 230 +- sntp/tests/run-packetProcessing.c | 36 +- sntp/unity/unity_internals.h | 2 +- sntp/version.c | 2 +- tests/libntp/authkeys.c | 40 +- tests/libntp/decodenetnum.c | 56 +- tests/libntp/run-authkeys.c | 15 +- tests/libntp/run-decodenetnum.c | 8 +- tests/libntp/run-socktoa.c | 10 +- tests/libntp/socktoa.c | 40 +- tests/ntpd/t-ntp_signd.c | 4 + util/invoke-ntp-keygen.texi | 4 +- util/ntp-keygen-opts.c | 20 +- util/ntp-keygen-opts.h | 8 +- util/ntp-keygen.1ntp-keygenman | 8 +- util/ntp-keygen.1ntp-keygenmdoc | 6 +- util/ntp-keygen.html | 4 +- util/ntp-keygen.man.in | 8 +- util/ntp-keygen.mdoc.in | 6 +- 192 files changed, 6667 insertions(+), 3547 deletions(-) create mode 100644 include/ntp_keyacc.h create mode 100644 libntp/is_ip_address.c diff --git a/ChangeLog b/ChangeLog index 304bd85ab7d..cfe4aa1862e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,37 @@ +--- +(4.2.8p6) 2016/01/20 Released by Harlan Stenn + +* [Sec 2935] Deja Vu: Replay attack on authenticated broadcast mode. HStenn. +* [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn. +* [Sec 2937] ntpq: nextvar() missing length check. perlinger@ntp.org +* [Sec 2938] ntpq saveconfig command allows dangerous characters + in filenames. perlinger@ntp.org +* [Sec 2939] reslist NULL pointer dereference. perlinger@ntp.org +* [Sec 2940] Stack exhaustion in recursive traversal of restriction + list. perlinger@ntp.org +* [Sec 2942]: Off-path DoS attack on auth broadcast mode. HStenn. +* [Sec 2945] Zero Origin Timestamp Bypass. perlinger@ntp.org +* [Sec 2948] Potential Infinite Loop in ntpq ( and ntpdc) perlinger@ntp.org +* [Bug 2772] adj_systime overflows tv_usec. perlinger@ntp.org +* [Bug 2814] msyslog deadlock when signaled. perlinger@ntp.org + - applied patch by shenpeng11@huawei.com with minor adjustments +* [Bug 2882] Look at ntp_request.c:list_peers_sum(). perlinger@ntp.org +* [Bug 2891] Deadlock in deferred DNS lookup framework. perlinger@ntp.org +* [Bug 2892] Several test cases assume IPv6 capabilities even when + IPv6 is disabled in the build. perlinger@ntp.org + - Found this already fixed, but validation led to cleanup actions. +* [Bug 2905] DNS lookups broken. perlinger@ntp.org + - added limits to stack consumption, fixed some return code handling +* [Bug 2971] ntpq bails on ^C: select fails: Interrupted system call + - changed stacked/nested handling of CTRL-C. perlinger@ntp.org + - make CTRL-C work for retrieval and printing od MRU list. perlinger@ntp.org +* [Bug 2980] reduce number of warnings. perlinger@ntp.org + - integrated several patches from Havard Eidnes (he@uninett.no) +* [Bug 2985] bogus calculation in authkeys.c perlinger@ntp.org + - implement 'auth_log2()' using integer bithack instead of float calculation +* Make leapsec_query debug messages less verbose. Harlan Stenn. +* Disable incomplete t-ntp_signd.c test. Harlan Stenn. + --- (4.2.8p5) 2016/01/07 Released by Harlan Stenn @@ -47,6 +81,7 @@ lots of clients. perlinger@ntp.org * [Bug 2971] ntpq bails on ^C: select fails: Interrupted system call - changed stacked/nested handling of CTRL-C. perlinger@ntp.org + - make CTRL-C work for retrieval and printing od MRU list. perlinger@ntp.org * Unity cleanup for FreeBSD-6.4. Harlan Stenn. * Unity test cleanup. Harlan Stenn. * Libevent autoconf pthread fixes for FreeBSD-10. Harlan Stenn. @@ -55,9 +90,8 @@ * Quiet a warning from clang. Harlan Stenn. * Update the NEWS file. Harlan Stenn. * Update scripts/calc_tickadj/Makefile.am. Harlan Stenn. + --- -(4.2.8p4) 2015/10/21 Released by Harlan Stenn -(4.2.8p4-RC1) 2015/10/06 Released by Harlan Stenn * [Sec 2899] CVE-2014-9297 perlinger@ntp.org * [Sec 2901] Drop invalid packet before checking KoD. Check for all KoD's. diff --git a/CommitLog b/CommitLog index 9caeaa2a611..26afcc511b1 100644 --- a/CommitLog +++ b/CommitLog @@ -1,8 +1,633 @@ -ChangeSet@1.3623, 2016-01-07 23:33:11+00:00, stenn@deacon.udel.edu +ChangeSet@1.3628, 2016-01-20 04:20:12-05:00, stenn@deacon.udel.edu + NTP_4_2_8P6 + TAG: NTP_4_2_8P6 + + ChangeLog@1.1793 +1 -0 + NTP_4_2_8P6 + + ntpd/invoke-ntp.conf.texi@1.196 +1 -1 + NTP_4_2_8P6 + + ntpd/invoke-ntp.keys.texi@1.188 +1 -1 + NTP_4_2_8P6 + + ntpd/invoke-ntpd.texi@1.504 +2 -2 + NTP_4_2_8P6 + + ntpd/ntp.conf.5man@1.230 +3 -3 + NTP_4_2_8P6 + + ntpd/ntp.conf.5mdoc@1.230 +2 -3 + NTP_4_2_8P6 + + ntpd/ntp.conf.html@1.183 +60 -2 + NTP_4_2_8P6 + + ntpd/ntp.conf.man.in@1.230 +3 -3 + NTP_4_2_8P6 + + ntpd/ntp.conf.mdoc.in@1.230 +2 -3 + NTP_4_2_8P6 + + ntpd/ntp.keys.5man@1.222 +2 -2 + NTP_4_2_8P6 + + ntpd/ntp.keys.5mdoc@1.222 +3 -3 + NTP_4_2_8P6 + + ntpd/ntp.keys.html@1.184 +21 -33 + NTP_4_2_8P6 + + ntpd/ntp.keys.man.in@1.222 +2 -2 + NTP_4_2_8P6 + + ntpd/ntp.keys.mdoc.in@1.222 +3 -3 + NTP_4_2_8P6 + + ntpd/ntpd-opts.c@1.526 +10 -10 + NTP_4_2_8P6 + + ntpd/ntpd-opts.h@1.525 +4 -4 + NTP_4_2_8P6 + + ntpd/ntpd.1ntpdman@1.333 +4 -4 + NTP_4_2_8P6 + + ntpd/ntpd.1ntpdmdoc@1.333 +3 -3 + NTP_4_2_8P6 + + ntpd/ntpd.html@1.177 +2 -2 + NTP_4_2_8P6 + + ntpd/ntpd.man.in@1.333 +4 -4 + NTP_4_2_8P6 + + ntpd/ntpd.mdoc.in@1.333 +3 -3 + NTP_4_2_8P6 + + ntpdc/invoke-ntpdc.texi@1.501 +2 -2 + NTP_4_2_8P6 + + ntpdc/ntpdc-opts.c@1.519 +10 -10 + NTP_4_2_8P6 + + ntpdc/ntpdc-opts.h@1.518 +4 -4 + NTP_4_2_8P6 + + ntpdc/ntpdc.1ntpdcman@1.332 +4 -4 + NTP_4_2_8P6 + + ntpdc/ntpdc.1ntpdcmdoc@1.332 +3 -3 + NTP_4_2_8P6 + + ntpdc/ntpdc.html@1.345 +2 -2 + NTP_4_2_8P6 + + ntpdc/ntpdc.man.in@1.332 +4 -4 + NTP_4_2_8P6 + + ntpdc/ntpdc.mdoc.in@1.332 +3 -3 + NTP_4_2_8P6 + + ntpq/invoke-ntpq.texi@1.508 +2 -2 + NTP_4_2_8P6 + + ntpq/ntpq-opts.c@1.525 +10 -10 + NTP_4_2_8P6 + + ntpq/ntpq-opts.h@1.523 +4 -4 + NTP_4_2_8P6 + + ntpq/ntpq.1ntpqman@1.336 +4 -4 + NTP_4_2_8P6 + + ntpq/ntpq.1ntpqmdoc@1.336 +3 -3 + NTP_4_2_8P6 + + ntpq/ntpq.html@1.174 +2 -2 + NTP_4_2_8P6 + + ntpq/ntpq.man.in@1.336 +4 -4 + NTP_4_2_8P6 + + ntpq/ntpq.mdoc.in@1.336 +3 -3 + NTP_4_2_8P6 + + ntpsnmpd/invoke-ntpsnmpd.texi@1.503 +2 -2 + NTP_4_2_8P6 + + ntpsnmpd/ntpsnmpd-opts.c@1.521 +10 -10 + NTP_4_2_8P6 + + ntpsnmpd/ntpsnmpd-opts.h@1.520 +4 -4 + NTP_4_2_8P6 + + ntpsnmpd/ntpsnmpd.1ntpsnmpdman@1.332 +4 -4 + NTP_4_2_8P6 + + ntpsnmpd/ntpsnmpd.1ntpsnmpdmdoc@1.332 +3 -3 + NTP_4_2_8P6 + + ntpsnmpd/ntpsnmpd.html@1.172 +1 -1 + NTP_4_2_8P6 + + ntpsnmpd/ntpsnmpd.man.in@1.332 +4 -4 + NTP_4_2_8P6 + + ntpsnmpd/ntpsnmpd.mdoc.in@1.332 +3 -3 + NTP_4_2_8P6 + + packageinfo.sh@1.524 +2 -2 + NTP_4_2_8P6 + + scripts/calc_tickadj/calc_tickadj.1calc_tickadjman@1.93 +3 -3 + NTP_4_2_8P6 + + scripts/calc_tickadj/calc_tickadj.1calc_tickadjmdoc@1.94 +2 -2 + NTP_4_2_8P6 + + scripts/calc_tickadj/calc_tickadj.html@1.95 +1 -1 + NTP_4_2_8P6 + + scripts/calc_tickadj/calc_tickadj.man.in@1.92 +3 -3 + NTP_4_2_8P6 + + scripts/calc_tickadj/calc_tickadj.mdoc.in@1.94 +2 -2 + NTP_4_2_8P6 + + scripts/calc_tickadj/invoke-calc_tickadj.texi@1.97 +1 -1 + NTP_4_2_8P6 + + scripts/invoke-plot_summary.texi@1.114 +2 -2 + NTP_4_2_8P6 + + scripts/invoke-summary.texi@1.114 +2 -2 + NTP_4_2_8P6 + + scripts/ntp-wait/invoke-ntp-wait.texi@1.324 +2 -2 + NTP_4_2_8P6 + + scripts/ntp-wait/ntp-wait-opts@1.60 +2 -2 + NTP_4_2_8P6 + + scripts/ntp-wait/ntp-wait.1ntp-waitman@1.321 +3 -3 + NTP_4_2_8P6 + + scripts/ntp-wait/ntp-wait.1ntp-waitmdoc@1.322 +2 -2 + NTP_4_2_8P6 + + scripts/ntp-wait/ntp-wait.html@1.341 +2 -2 + NTP_4_2_8P6 + + scripts/ntp-wait/ntp-wait.man.in@1.321 +3 -3 + NTP_4_2_8P6 + + scripts/ntp-wait/ntp-wait.mdoc.in@1.322 +2 -2 + NTP_4_2_8P6 + + scripts/ntpsweep/invoke-ntpsweep.texi@1.112 +2 -2 + NTP_4_2_8P6 + + scripts/ntpsweep/ntpsweep-opts@1.62 +2 -2 + NTP_4_2_8P6 + + scripts/ntpsweep/ntpsweep.1ntpsweepman@1.100 +3 -3 + NTP_4_2_8P6 + + scripts/ntpsweep/ntpsweep.1ntpsweepmdoc@1.100 +2 -2 + NTP_4_2_8P6 + + scripts/ntpsweep/ntpsweep.html@1.113 +2 -2 + NTP_4_2_8P6 + + scripts/ntpsweep/ntpsweep.man.in@1.100 +3 -3 + NTP_4_2_8P6 + + scripts/ntpsweep/ntpsweep.mdoc.in@1.101 +2 -2 + NTP_4_2_8P6 + + scripts/ntptrace/invoke-ntptrace.texi@1.113 +2 -2 + NTP_4_2_8P6 + + scripts/ntptrace/ntptrace-opts@1.62 +2 -2 + NTP_4_2_8P6 + + scripts/ntptrace/ntptrace.1ntptraceman@1.100 +3 -3 + NTP_4_2_8P6 + + scripts/ntptrace/ntptrace.1ntptracemdoc@1.101 +2 -2 + NTP_4_2_8P6 + + scripts/ntptrace/ntptrace.html@1.114 +2 -2 + NTP_4_2_8P6 + + scripts/ntptrace/ntptrace.man.in@1.100 +3 -3 + NTP_4_2_8P6 + + scripts/ntptrace/ntptrace.mdoc.in@1.102 +2 -2 + NTP_4_2_8P6 + + scripts/plot_summary-opts@1.62 +2 -2 + NTP_4_2_8P6 + + scripts/plot_summary.1plot_summaryman@1.112 +3 -3 + NTP_4_2_8P6 + + scripts/plot_summary.1plot_summarymdoc@1.112 +2 -2 + NTP_4_2_8P6 + + scripts/plot_summary.html@1.115 +2 -2 + NTP_4_2_8P6 + + scripts/plot_summary.man.in@1.112 +3 -3 + NTP_4_2_8P6 + + scripts/plot_summary.mdoc.in@1.112 +2 -2 + NTP_4_2_8P6 + + scripts/summary-opts@1.62 +2 -2 + NTP_4_2_8P6 + + scripts/summary.1summaryman@1.112 +3 -3 + NTP_4_2_8P6 + + scripts/summary.1summarymdoc@1.112 +2 -2 + NTP_4_2_8P6 + + scripts/summary.html@1.115 +2 -2 + NTP_4_2_8P6 + + scripts/summary.man.in@1.112 +3 -3 + NTP_4_2_8P6 + + scripts/summary.mdoc.in@1.112 +2 -2 + NTP_4_2_8P6 + + scripts/update-leap/invoke-update-leap.texi@1.13 +1 -1 + NTP_4_2_8P6 + + scripts/update-leap/update-leap-opts@1.13 +2 -2 + NTP_4_2_8P6 + + scripts/update-leap/update-leap.1update-leapman@1.13 +3 -3 + NTP_4_2_8P6 + + scripts/update-leap/update-leap.1update-leapmdoc@1.13 +2 -2 + NTP_4_2_8P6 + + scripts/update-leap/update-leap.html@1.13 +1 -1 + NTP_4_2_8P6 + + scripts/update-leap/update-leap.man.in@1.13 +3 -3 + NTP_4_2_8P6 + + scripts/update-leap/update-leap.mdoc.in@1.13 +2 -2 + NTP_4_2_8P6 + + sntp/invoke-sntp.texi@1.501 +2 -2 + NTP_4_2_8P6 + + sntp/sntp-opts.c@1.520 +10 -10 + NTP_4_2_8P6 + + sntp/sntp-opts.h@1.518 +4 -4 + NTP_4_2_8P6 + + sntp/sntp.1sntpman@1.336 +4 -4 + NTP_4_2_8P6 + + sntp/sntp.1sntpmdoc@1.336 +3 -3 + NTP_4_2_8P6 + + sntp/sntp.html@1.516 +2 -2 + NTP_4_2_8P6 + + sntp/sntp.man.in@1.336 +4 -4 + NTP_4_2_8P6 + + sntp/sntp.mdoc.in@1.336 +3 -3 + NTP_4_2_8P6 + + util/invoke-ntp-keygen.texi@1.504 +2 -2 + NTP_4_2_8P6 + + util/ntp-keygen-opts.c@1.522 +10 -10 + NTP_4_2_8P6 + + util/ntp-keygen-opts.h@1.520 +4 -4 + NTP_4_2_8P6 + + util/ntp-keygen.1ntp-keygenman@1.332 +4 -4 + NTP_4_2_8P6 + + util/ntp-keygen.1ntp-keygenmdoc@1.332 +3 -3 + NTP_4_2_8P6 + + util/ntp-keygen.html@1.178 +2 -2 + NTP_4_2_8P6 + + util/ntp-keygen.man.in@1.332 +4 -4 + NTP_4_2_8P6 + + util/ntp-keygen.mdoc.in@1.332 +3 -3 + NTP_4_2_8P6 + +ChangeSet@1.3627, 2016-01-20 04:14:51-05:00, stenn@deacon.udel.edu + solaris hack + + libntp/work_thread.c@1.20 +2 -0 + solaris hack + +ChangeSet@1.3626, 2016-01-20 01:50:09-05:00, stenn@deacon.udel.edu + 4.2.8p6 + + packageinfo.sh@1.523 +1 -1 + 4.2.8p6 + +ChangeSet@1.3625, 2016-01-20 00:34:15+00:00, stenn@psp-deb1.ntp.org + updates + + NEWS@1.160 +24 -24 + updates + +ChangeSet@1.3624, 2016-01-19 22:28:41+00:00, stenn@psp-deb1.ntp.org + typo + + NEWS@1.159 +1 -1 + typo + +ChangeSet@1.3623, 2016-01-18 11:55:56+00:00, stenn@psp-deb1.ntp.org + [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn. + + ChangeLog@1.1792 +1 -0 + [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn. + + NEWS@1.158 +40 -0 + [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn. + + include/Makefile.am@1.54 +1 -0 + [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn. + + include/ntp_io.h@1.23 +2 -1 + [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn. + + include/ntp_keyacc.h@1.1 +13 -0 + BitKeeper file /home/stenn/ntp-stable-2936/include/ntp_keyacc.h + + include/ntp_keyacc.h@1.0 +0 -0 + + include/ntp_stdlib.h@1.81 +4 -1 + [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn. + + include/ntp_types.h@1.36 +1 -0 + [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn. + + libntp/Makefile.am@1.77 +1 -0 + [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn. + + libntp/authkeys.c@1.31 +60 -6 + [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn. + + libntp/authreadkeys.c@1.25 +50 -1 + [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn. + + libntp/authusekey.c@1.11 +1 -1 + [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn. + + libntp/is_ip_address.c@1.1 +129 -0 + BitKeeper file /home/stenn/ntp-stable-2936/libntp/is_ip_address.c + + libntp/is_ip_address.c@1.0 +0 -0 + + ntpd/invoke-ntp.keys.texi@1.187 +11 -3 + [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn. + + ntpd/ntp.keys.5man@1.221 +13 -5 + [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn. + + ntpd/ntp.keys.5mdoc@1.221 +14 -6 + [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn. + + ntpd/ntp.keys.def@1.11 +10 -2 + [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn. + + ntpd/ntp.keys.html@1.183 +42 -22 + [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn. + + ntpd/ntp.keys.man.in@1.221 +13 -5 + [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn. + + ntpd/ntp.keys.mdoc.in@1.221 +14 -6 + [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn. + + ntpd/ntp_crypto.c@1.186 +1 -1 + [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn. + + ntpd/ntp_io.c@1.412 +0 -72 + [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn. + + ntpd/ntp_proto.c@1.373 +34 -0 + [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn. + + tests/libntp/authkeys.c@1.15 +1 -1 + [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn. + +ChangeSet@1.3622, 2016-01-17 09:03:57+00:00, stenn@psp-deb1.ntp.org + Disable incomplete t-ntp_signd.c test. Harlan Stenn. + + ChangeLog@1.1791 +1 -0 + Disable incomplete t-ntp_signd.c test. Harlan Stenn. + + tests/ntpd/t-ntp_signd.c@1.16 +4 -0 + Disable incomplete t-ntp_signd.c test. Harlan Stenn. + +ChangeSet@1.3621, 2016-01-17 05:51:14+00:00, stenn@psp-deb1.ntp.org + Update NEWS file for 2942 + + NEWS@1.157 +22 -0 + Update NEWS file for 2942 + +ChangeSet@1.3615.13.1, 2016-01-17 05:07:22+00:00, stenn@psp-deb1.ntp.org + [Sec 2942]: Off-path DoS attack on auth broadcast mode. HStenn. + + ChangeLog@1.1786.13.1 +4 -0 + [Sec 2942]: Off-path DoS attack on auth broadcast mode. HStenn. + + html/miscopt.html@1.85 +11 -3 + [Sec 2942]: Off-path DoS attack on auth broadcast mode. HStenn. + + include/ntp.h@1.213.1.1 +3 -0 + [Sec 2942]: Off-path DoS attack on auth broadcast mode. HStenn. + + ntpd/invoke-ntp.conf.texi@1.195 +64 -3 + [Sec 2942]: Off-path DoS attack on auth broadcast mode. HStenn. + + ntpd/keyword-gen-utd@1.27 +1 -1 + [Sec 2942]: Off-path DoS attack on auth broadcast mode. HStenn. + + ntpd/keyword-gen.c@1.33 +3 -0 + [Sec 2942]: Off-path DoS attack on auth broadcast mode. HStenn. + + ntpd/ntp.conf.5man@1.229 +71 -7 + [Sec 2942]: Off-path DoS attack on auth broadcast mode. HStenn. + + ntpd/ntp.conf.5mdoc@1.229 +71 -7 + [Sec 2942]: Off-path DoS attack on auth broadcast mode. HStenn. + + ntpd/ntp.conf.def@1.21 +67 -4 + [Sec 2942]: Off-path DoS attack on auth broadcast mode. HStenn. + + ntpd/ntp.conf.man.in@1.229 +71 -7 + [Sec 2942]: Off-path DoS attack on auth broadcast mode. HStenn. + + ntpd/ntp.conf.mdoc.in@1.229 +71 -7 + [Sec 2942]: Off-path DoS attack on auth broadcast mode. HStenn. + + ntpd/ntp_config.c@1.335.1.1 +12 -0 + [Sec 2942]: Off-path DoS attack on auth broadcast mode. HStenn. + + ntpd/ntp_keyword.h@1.29 +505 -468 + [Sec 2942]: Off-path DoS attack on auth broadcast mode. HStenn. + + ntpd/ntp_parser.c@1.101 +1762 -1513 + [Sec 2942]: Off-path DoS attack on auth broadcast mode. HStenn. + + ntpd/ntp_parser.h@1.65 +257 -235 + [Sec 2942]: Off-path DoS attack on auth broadcast mode. HStenn. + + ntpd/ntp_parser.y@1.91 +6 -0 + [Sec 2942]: Off-path DoS attack on auth broadcast mode. HStenn. + + ntpd/ntp_proto.c@1.368.2.1 +40 -4 + [Sec 2942]: Off-path DoS attack on auth broadcast mode. HStenn. + +ChangeSet@1.3619, 2016-01-14 12:19:16+00:00, stenn@psp-at1.ntp.org + NEWS file updates + + NEWS@1.156 +21 -0 + NEWS file updates + +ChangeSet@1.3615.1.9, 2016-01-14 11:33:43+00:00, stenn@psp-at1.ntp.org + merge cleanup + + ChangeLog@1.1786.1.9 +3 -0 + merge cleanup + +ChangeSet@1.3615.1.5, 2016-01-14 10:44:13+00:00, stenn@psp-at1.ntp.org + merge cleanup + + ChangeLog@1.1786.1.5 +0 -1 + merge cleanup + +ChangeSet@1.3615.12.4, 2016-01-14 10:27:23+00:00, stenn@psp-at1.ntp.org + merge cleanup + + ChangeLog@1.1786.12.4 +1 -1 + merge cleanup + +ChangeSet@1.3615.12.2, 2016-01-14 09:49:52+00:00, stenn@psp-at1.ntp.org + merge cleanup + + ChangeLog@1.1786.12.2 +2 -2 + merge cleanup + +ChangeSet@1.3615.3.17, 2016-01-14 09:33:56+00:00, stenn@psp-at1.ntp.org + merge cleanup + + ChangeLog@1.1786.3.14 +1 -1 + merge cleanup + +ChangeSet@1.3615.3.14, 2016-01-14 07:36:57+00:00, stenn@psp-at1.ntp.org + NEWS update + + NEWS@1.155 +98 -7 + NEWS update + +ChangeSet@1.3615.3.12, 2016-01-13 08:07:30+00:00, stenn@psp-deb1.ntp.org + typo + + ChangeLog@1.1786.3.10 +1 -1 + typo + +ChangeSet@1.3615.3.10, 2016-01-13 06:08:29+00:00, stenn@psp-deb1.ntp.org + Update NEWS file for bug 2938 + + NEWS@1.154 +29 -2 + Update NEWS file for bug 2938 + +ChangeSet@1.3615.3.8, 2016-01-13 04:23:46+00:00, stenn@psp-deb1.ntp.org + Update NEWS file for bug 2935 + + NEWS@1.153 +52 -0 + Update NEWS file for bug 2935 + +ChangeSet@1.3615.7.12, 2016-01-12 09:53:06+00:00, stenn@psp-at1.ntp.org + [Sec 2935] use L_SUB instead of L_ISGT. Juergen Perlinger + + ntpd/ntp_proto.c@1.368.1.5 +4 -1 + [Sec 2935] use L_SUB instead of L_ISGT. Juergen Perlinger + +ChangeSet@1.3615.7.11, 2016-01-11 03:02:53-08:00, harlan@max.pfcs.com + [Sec 2935] Deja Vu: Replay attack on authenticated broadcast mode. + + ChangeLog@1.1786.9.1 +4 -0 + [Sec 2935] Deja Vu: Replay attack on authenticated broadcast mode. + + include/ntp.h@1.215 +1 -0 + [Sec 2935] Deja Vu: Replay attack on authenticated broadcast mode. + + ntpd/ntp_proto.c@1.368.1.4 +67 -0 + [Sec 2935] Deja Vu: Replay attack on authenticated broadcast mode. + +ChangeSet@1.3615.7.10, 2016-01-11 02:44:25-08:00, harlan@max.pfcs.com + make leapsec_query messages less verbose. + + ntpd/ntp_timer.c@1.93.1.1 +6 -4 + make leapsec_query messages less verbose. + +ChangeSet@1.3615.9.1, 2016-01-11 10:26:12+01:00, jnperlin@hydra.localnet + [Bug 2985] bogus calculation in authkeys.c + - implement 'auth_log2()' using integer bithack instead of float calculation + + ChangeLog@1.1786.7.5 +2 -0 + [Bug 2985] bogus calculation in authkeys.c + - implement 'auth_log2()' using integer bithack instead of float calculation + + libntp/authkeys.c@1.30 +33 -10 + [Bug 2985] bogus calculation in authkeys.c + - implement 'auth_log2()' using integer bithack instead of float calculation + + tests/libntp/authkeys.c@1.14 +38 -0 + [Bug 2985] bogus calculation in authkeys.c + - test bithack implementation of 'auth_log2()' + + tests/libntp/run-authkeys.c@1.12 +9 -6 + [Bug 2985] bogus calculation in authkeys.c + - update auto-generated file + +ChangeSet@1.3615.7.9, 2016-01-09 09:52:44+00:00, stenn@psp-at1.ntp.org + Add timelastrec to the peer structure + + include/ntp.h@1.214 +2 -1 + Add timelastrec to the peer structure + +ChangeSet@1.3615.3.6, 2016-01-08 10:00:03+00:00, stenn@psp-at1.ntp.org + 4.2.8p5 merge cleanup + + ChangeLog@1.1786.3.6 +1 -1 + 4.2.8p5 merge cleanup + +ChangeSet@1.3615.7.8, 2016-01-08 00:26:09+00:00, stenn@deacon.udel.edu + Update copyright year + + sntp/include/copyright.def@1.26 +1 -1 + Update copyright year + +ChangeSet@1.3615.7.7, 2016-01-07 23:33:11+00:00, stenn@deacon.udel.edu NTP_4_2_8P5 TAG: NTP_4_2_8P5 - ChangeLog@1.1791 +1 -0 + ChangeLog@1.1786.7.4 +1 -0 NTP_4_2_8P5 ntpd/invoke-ntp.conf.texi@1.194 +1 -1 @@ -332,60 +957,349 @@ ChangeSet@1.3623, 2016-01-07 23:33:11+00:00, stenn@deacon.udel.edu util/ntp-keygen.mdoc.in@1.331 +2 -2 NTP_4_2_8P5 -ChangeSet@1.3622, 2016-01-07 17:52:24-05:00, stenn@deacon.udel.edu +ChangeSet@1.3615.7.6, 2016-01-07 17:52:24-05:00, stenn@deacon.udel.edu ntp-4.2.8p5 packageinfo.sh@1.521 +1 -1 ntp-4.2.8p5 -ChangeSet@1.3621, 2016-01-07 22:20:05+00:00, stenn@psp-at1.ntp.org +ChangeSet@1.3615.7.5, 2016-01-07 22:20:05+00:00, stenn@psp-at1.ntp.org cleanup NEWS@1.152 +2 -2 cleanup -ChangeSet@1.3620, 2016-01-07 09:33:11+00:00, stenn@psp-at1.ntp.org +ChangeSet@1.3615.7.4, 2016-01-07 09:33:11+00:00, stenn@psp-at1.ntp.org typo in ntp_proto.c - leap smear. Reported by Martin Burnicki - ntpd/ntp_proto.c@1.371 +1 -1 + ntpd/ntp_proto.c@1.368.1.3 +1 -1 typo in ntp_proto.c - leap smear. Reported by Martin Burnicki -ChangeSet@1.3619, 2016-01-07 06:33:08+00:00, stenn@psp-at1.ntp.org +ChangeSet@1.3615.7.3, 2016-01-07 06:33:08+00:00, stenn@psp-at1.ntp.org Update scripts/calc_tickadj/Makefile.am. Harlan Stenn. - ChangeLog@1.1790 +1 -0 + ChangeLog@1.1786.7.3 +1 -0 Update scripts/calc_tickadj/Makefile.am. Harlan Stenn. scripts/calc_tickadj/Makefile.am@1.11 +2 -0 Update scripts/calc_tickadj/Makefile.am. Harlan Stenn. -ChangeSet@1.3616.1.1, 2016-01-05 10:57:45+00:00, stenn@psp-at1.ntp.org +ChangeSet@1.3615.3.2, 2016-01-05 12:34:56+00:00, stenn@psp-at1.ntp.org + ntp-4.2.8p6 + + ChangeLog@1.1786.3.2 +2 -0 + ntp-4.2.8p6 + +ChangeSet@1.3615.8.1, 2016-01-05 10:57:45+00:00, stenn@psp-at1.ntp.org Bug 2952 fixes - ChangeLog@1.1787.1.1 +1 -0 + ChangeLog@1.1786.8.1 +1 -0 Bug 2952 fixes - ntpd/ntp_proto.c@1.370 +165 -152 + ntpd/ntp_proto.c@1.368.1.2 +165 -152 Bug 2952 fixes -ChangeSet@1.3617, 2016-01-05 09:56:31+00:00, stenn@psp-at1.ntp.org +ChangeSet@1.3615.7.1, 2016-01-05 09:56:31+00:00, stenn@psp-at1.ntp.org ntp-4.2.8p5 prep - ChangeLog@1.1788 +2 -1 + ChangeLog@1.1786.7.1 +2 -1 ntp-4.2.8p5 prep NEWS@1.151 +104 -3 ntp-4.2.8p5 prep -ChangeSet@1.3616, 2015-12-06 11:20:02+00:00, stenn@psp-deb1.ntp.org +ChangeSet@1.3615.5.1, 2015-12-13 13:35:12+01:00, jnperlin@hydra.localnet + [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build + Found this already fixed, but validation lead to further cleanup: + - source code formatting + - inline variable definitions moved to start of block + - made some pure input data pointers 'const void*' instead of 'char*'; avoids casts and warnings + + ChangeLog@1.1786.5.1 +3 -0 + [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build + + sntp/crypto.c@1.19 +13 -12 + [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build + - sidekick: make pure input pointers 'const void*' instead of 'char*' + - sidekick: remove unnecessary casts + + sntp/crypto.h@1.11 +11 -9 + [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build + - sidekick: make pure input pointers 'const void*' instead of 'char*' + - source formatting + + sntp/main.c@1.99 +1 -1 + [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build + - no need to cast input to 'make_mac()' any more + + sntp/networking.c@1.68 +1 -1 + [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build + - no need to cast input to 'auth_md5()' any more + + sntp/tests/crypto.c@1.10 +41 -27 + [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build + - remove unnecessary casts + - source code formatting + + sntp/tests/fileHandlingTest.c@1.4 +43 -20 + [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build + - create 'DestroyPath()' companion to 'CreatePath()' to avoid trouble with 'free()' on 'const char*' + + sntp/tests/fileHandlingTest.h.in@1.15 +6 -15 + [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build + - create 'DestroyPath()' companion to 'CreatePath()' to avoid trouble with 'free()' on 'const char*' + + sntp/tests/keyFile.c@1.13 +66 -46 + [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build + - use 'DestroyPath()' avoid trouble with 'free()' on 'const char*' + - printf() combined + - source code formatting + - move variable declarations to front + + sntp/tests/packetHandling.c@1.6 +75 -64 + [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build + - move variable declarations to front + - source code formatting + + sntp/tests/packetProcessing.c@1.9 +124 -90 + [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build + - move variable declarations to front + - source code formatting + - drop unnecessary casts + + sntp/tests/run-packetProcessing.c@1.10 +18 -18 + [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build + + sntp/unity/unity_internals.h@1.6 +1 -1 + [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build + - added missing 'const' in pointer casts + + tests/libntp/decodenetnum.c@1.11 +33 -23 + [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build + - source code formatting + cleanup + + tests/libntp/run-decodenetnum.c@1.11 +4 -4 + [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build + + tests/libntp/run-socktoa.c@1.14 +5 -5 + [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build + + tests/libntp/socktoa.c@1.12 +23 -17 + [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build + - source code formatting + cleanup + +ChangeSet@1.3615.4.1, 2015-12-11 18:24:16+01:00, jnperlin@hydra.localnet + [Bug 2882] Look at ntp_request.c:list_peers_sum() + + ChangeLog@1.1786.4.1 +1 -0 + [Bug 2882] Look at ntp_request.c:list_peers_sum() + + ntpd/ntp_request.c@1.116 +57 -72 + [Bug 2882] Look at ntp_request.c:list_peers_sum() + - 'list_peers()' and 'list_peers_sum()' skip IPv6 entires if client does not support them, + but continue processing until end of list now. + +ChangeSet@1.3615.1.3, 2015-12-09 18:23:31+01:00, jnperlin@hydra.localnet + [Bug 2891] Deadlock in deferred DNS lookup framework. + + ChangeLog@1.1786.1.3 +1 -0 + [Bug 2891] Deadlock in deferred DNS lookup framework. + + include/ntp_worker.h@1.5 +31 -22 + [Bug 2891] Deadlock in deferred DNS lookup framework. + - provide signal-safe result-ready detection + + libntp/ntp_worker.c@1.7 +27 -0 + [Bug 2891] Deadlock in deferred DNS lookup framework. + - support signal-safe result-ready detection + - provide function to harvest async results from mainloop + + ntpd/ntp_io.c@1.409.1.1 +160 -133 + [Bug 2891] Deadlock in deferred DNS lookup framework. + - do not process async-resolver results from signal handler + - set notification tags to harvest asyn-resolver results from mainloop + - avoid double select for synchronous IO + - avoid several syslog calls in signal-handler context + - refactor / conditionalize some functions that cannot be used in signal-driven IO + + ntpd/ntpd.c@1.169 +4 -0 + [Bug 2891] Deadlock in deferred DNS lookup framework. + - reap/harvest async resolver results from mainloop + +ChangeSet@1.3615.1.2, 2015-12-06 21:33:26+01:00, jnperlin@hydra.localnet + [Bug 2814] msyslog deadlock when signaled. perlinger@ntp.org + - applied patch by shenpeng11@huawei.com with minor adjustments + + ChangeLog@1.1786.1.2 +2 -0 + [Bug 2814] msyslog deadlock when signaled. perlinger@ntp.org + - applied patch by shenpeng11@huawei.com with minor adjustments + + ntpd/ntpd.c@1.168 +26 -3 + [Bug 2814] msyslog deadlock when signaled. perlinger@ntp.org + - applied patch by shenpeng11@huawei.com with minor adjustments + +ChangeSet@1.3615.2.1, 2015-12-06 20:19:32+01:00, jnperlin@hydra.localnet + [Bug 2772] adj_systime overflows tv_usec + + ChangeLog@1.1786.2.1 +1 -0 + [Bug 2772] adj_systime overflows tv_usec + + libntp/systime.c@1.71 +12 -3 + [Bug 2772] adj_systime overflows tv_usec + - add missing normalisation for nitpicking implementations of 'adjtime()' + +ChangeSet@1.3615.1.1, 2015-12-06 11:20:02+00:00, stenn@psp-deb1.ntp.org Quiet a warning from clang. Harlan Stenn. - ChangeLog@1.1787 +1 -0 + ChangeLog@1.1786.1.1 +1 -0 Quiet a warning from clang. Harlan Stenn. libntp/ntp_rfc2553.c@1.50 +3 -2 Quiet a warning from clang. Harlan Stenn. +ChangeSet@1.3616, 2015-12-05 20:28:19+00:00, perlinger@psp-deb1.ntp.org + [Bug 2980] reduce number of warnings + - string formatting(arguments should be literals) + - applying constness where necessary + - removing bad consts that are superfluous + - avoid signed/unsigned clashes in conditionals (either by cast or type change) + - signed/unsigned and promotion conflicts + - add prototypes for function pointer tables + - force unsigned argument promotion in calls to 'ctype' functions (is{digit,cntrl,...}) + + ChangeLog@1.1787 +2 -0 + [Bug 2980] reduce number of warnings + + include/parse.h@1.14 +3 -3 + [Bug 2980] reduce number of warnings + - make GPSWRAP and GPSWEEK unqualified literals to avoid signed/unsigned clashes + + ntpd/ntp_config.c@1.336 +2 -0 + [Bug 2980] reduce number of warnings + - add forward declaration of yyparse() + + ntpd/ntp_io.c@1.410 +1 -1 + [Bug 2980] reduce number of warnings + - fix a signedness comparison by adding a cast to size_t + + ntpd/ntp_scanner.c@1.49 +1 -1 + [Bug 2980] reduce number of warnings + - for type compatibility, make counter 'i' a size_t + + ntpd/ntp_timer.c@1.94 +5 -6 + [Bug 2980] reduce number of warnings + - fix a signed / unsigned compare + + ntpd/refclock_chu.c@1.58 +1 -1 + [Bug 2980] reduce number of warnings + - rewrite check to avoid warning about integer overflow + + ntpd/refclock_gpsdjson.c@1.24 +13 -15 + [Bug 2980] reduce number of warnings + - reshuffle to use a literal format string + - fix signed/unsigned clashes in compare + + ntpd/refclock_jjy.c@1.30 +47 -44 + Bug 2980 - reduce number of warnings + - make several pointers 'const char*' + - add prototypes for function pointer tables + - force unsigned argument promotion in calls to 'ctype' functions (is{digit,cntrl,...}) + + ntpd/refclock_shm.c@1.39 +1 -1 + [Bug 2980] reduce number of warnings + - fix signed/unsigned clashes in compare + + ntpq/ntpq-subs.c@1.114.1.1 +1 -1 + [Bug 2980] reduce number of warnings + - avoid signed/unsigned clashe in compare + + ntpq/ntpq.c@1.165.1.1 +47 -7 + [Bug 2980] reduce number of warnings + - avoid juggling with formatting into dynamic buffers by a 'asprintf' like function + + sntp/libopts/configfile.c@1.24 +22 -22 + [Bug 2980] reduce number of warnings + - add some pointer constness to avoid casting it away + + sntp/libopts/enum.c@1.14 +5 -5 + [Bug 2980] reduce number of warnings + - avoid some unnecessary casts + - avoid shift/promote ambiguity by proper typing + + sntp/libopts/find.c@1.13 +1 -1 + [Bug 2980] reduce number of warnings + - Use VOIDP instead of a (char*) cast + + sntp/libopts/init.c@1.9 +2 -3 + [Bug 2980] reduce number of warnings + - use VOIDP() to replace a complicated double cast + - remove one useless cast + + sntp/libopts/load.c@1.22 +1 -1 + [Bug 2980] reduce number of warnings + - remove a useless cast + + sntp/libopts/makeshell.c@1.21 +3 -3 + [Bug 2980] reduce number of warnings + - fix integer promotion in calls to toupper/tolower + + sntp/libopts/nested.c@1.17 +3 -1 + [Bug 2980] reduce number of warnings + - avoid casting away constness by using a helper variable + + sntp/libopts/parse-duration.c@1.15 +8 -2 + [Bug 2980] reduce number of warnings + - avoid casting away constness by using a helper variable + + sntp/libopts/reset.c@1.18 +1 -1 + [Bug 2980] reduce number of warnings + - remove a useless cast + + sntp/libopts/save.c@1.19 +2 -2 + [Bug 2980] reduce number of warnings + - use VOIDP() instead of cast via (void**) + + sntp/libopts/tokenize.c@1.14 +1 -1 + [Bug 2980] reduce number of warnings + - add a required const qualification + +ChangeSet@1.3597.1.5, 2015-12-05 14:29:10+01:00, jnperlin@hydra.localnet + [Bug 2971] ntpq bails on ^C: select fails: Interrupted system call + - make CTRL-C work for retrieval and printing od MRU list. + + ChangeLog@1.1770.1.3 +1 -0 + [Bug 2971] ntpq bails on ^C: select fails: Interrupted system call + - make CTRL-C work for retrieval and printing od MRU list. + + ntpq/ntpq-subs.c@1.115 +6 -0 + [Bug 2971] ntpq bails on ^C: select fails: Interrupted system call + - make CTRL-C work for retrieval and printing od MRU list: + 1) CTRL-C while collecting terminates the assembling of respose. + 2) CTRL-C while printing will terminate the print loop. + 3) both work independently of each other. + + ntpq/ntpq.c@1.166 +16 -0 + [Bug 2971] ntpq bails on ^C: select fails: Interrupted system call + - when collecting fragments, CTRL-C will try to cleanly return the list of fragments so far. + +ChangeSet@1.3597.5.1, 2015-12-05 13:44:57+01:00, jnperlin@hydra.localnet + [Bug 2905] DNS lookups broken. + - added limits to stack consumption, fixed some return code handling + + ChangeLog@1.1770.5.1 +2 -0 + [Bug 2905] DNS lookups broken. + - added limits to stack consumption, fixed some return code handling + + libntp/work_thread.c@1.19 +55 -17 + [Bug 2905] DNS lookups broken. + - added limits to stack consumption + - fixed some return code handling + - harden queue handling + + ntpd/ntpd.c@1.166.1.1 +21 -4 + [Bug 2905] DNS lookups broken. + - added limits to stack consumption of wartmup thread + ChangeSet@1.3615, 2015-12-05 10:41:51+00:00, stenn@psp-at1.ntp.org CID 1341677: Nits in sntp/tests/keyFile.c. HStenn. @@ -1113,7 +2027,7 @@ ChangeSet@1.3584.1.1, 2015-11-13 22:54:35+01:00, jnperlin@hydra.localnet [Bug 2962] truncation of size_t/ptrdiff_t on 64bit targets - avoid 'unused' warnings - ntpd/ntp_proto.c@1.369 +8 -6 + ntpd/ntp_proto.c@1.368.1.1 +8 -6 [Bug 2962] truncation of size_t/ptrdiff_t on 64bit targets - promote use of 'size_t' for values that express a size - format string fixes @@ -1164,7 +2078,7 @@ ChangeSet@1.3584.1.1, 2015-11-13 22:54:35+01:00, jnperlin@hydra.localnet - promote use of 'size_t' for values that express a size - avoid truncation of SOCKET handles - ntpdc/ntpdc.c@1.105 +36 -34 + ntpdc/ntpdc.c@1.104.1.1 +36 -34 [Bug 2962] truncation of size_t/ptrdiff_t on 64bit targets - promote use of 'size_t' for values that express a size - format string fixes @@ -1827,6 +2741,31 @@ ChangeSet@1.3574, 2015-10-20 08:00:43+00:00, stenn@psp-deb1.ntp.org NEWS@1.149 +16 -16 Update CVEs +ChangeSet@1.3558.8.1, 2015-10-17 23:19:57+02:00, jnperlin@hydra.localnet + [Bug 2945] Zero Origin Timestamp Bypass + + ChangeLog@1.1743.8.1 +2 -0 + [Bug 2945] Zero Origin Timestamp Bypass + + ntpd/ntp_proto.c@1.364.2.1 +9 -1 + [Bug 2945] Zero Origin Timestamp Bypass + - in basic mode 'aorg' is cleared to indicate a response has been received. So a reply has to be dropped + when it either does not match the origin timestamp OR the origin time stamp is zero. + +ChangeSet@1.3558.7.1, 2015-10-17 21:15:39+02:00, jnperlin@hydra.localnet + [Bug 2948] Potential Infinite Loop in ntpq and ntpdc + + ChangeLog@1.1743.7.1 +2 -0 + [Bug 2948] Potential Infinite Loop in ntpq and ntpdc + + ntpdc/ntpdc.c@1.105 +20 -1 + [Bug 2948] Potential Infinite Loop in ntpq and ntpdc + - check timeout between request and valid response(s) instead of *any* incoming data + + ntpq/ntpq.c@1.161.2.1 +22 -2 + [Bug 2948] Potential Infinite Loop in ntpq and ntpdc + - check timeout between request and valid response(s) instead of *any* incoming data + ChangeSet@1.3573, 2015-10-17 06:28:49+00:00, stenn@psp-deb1.ntp.org ntp-4.2.8p4-sec-RC2 @@ -2172,6 +3111,53 @@ ChangeSet@1.3571, 2015-10-17 01:39:22+00:00, stenn@psp-deb1.ntp.org ChangeLog@1.1755 +4 -1 [Sec 2941] NAK to the Future: Symmetric association authentication bypass via crypto-NAK +ChangeSet@1.3558.6.2, 2015-10-13 23:31:28+02:00, jnperlin@hydra.localnet + [Bug 2938] ntpq saveconfig command allows dangerous characters in filenames. + - make sure the file does not exist (no overwrite allowed) + - ensure text mode where applicable (windows) + + ntpd/ntp_control.c@1.203.1.2 +17 -3 + [Bug 2938] ntpq saveconfig command allows dangerous characters in filenames. + - make sure the file does not exist (no overwrite allowed) + - ensure text mode where applicable (windows) + +ChangeSet@1.3558.6.1, 2015-10-12 08:18:56+02:00, jnperlin@hydra.localnet + [Bug 2938] ntpq saveconfig command allows dangerous characters in filenames + + ChangeLog@1.1743.6.1 +3 -0 + [Bug 2938] ntpq saveconfig command allows dangerous characters in filenames + + ntpd/ntp_control.c@1.203.1.1 +161 -37 + [Bug 2938] ntpq saveconfig command allows dangerous characters in filenames + - added function to check safe file names ([_A-Za-z0-9][-+._A-Za-z0-9]*) + - checked for truncation, too, not only overrun safey + +ChangeSet@1.3558.5.1, 2015-10-11 14:12:31+02:00, jnperlin@hydra.localnet + [Bug 2939] reslist NULL pointer dereference + [Bug 2940] Stack exhaustion in recursive traversal of restriction list + -- these two where fixed together -- + + ChangeLog@1.1743.5.1 +4 -0 + [Bug 2939] reslist NULL pointer dereference + [Bug 2940] Stack exhaustion in recursive traversal of restriction list + + ntpd/ntp_request.c@1.113.1.1 +127 -39 + [Bug 2939] reslist NULL pointer dereference + [Bug 2940] Stack exhaustion in recursive traversal of restriction list + - use iteration and a scratch pad stack to do the list reversal; deep recusrsion can be dangerous in C + - properly terminate processing when 'more_pkt()' indicates packet full + - check the return value of 'more_pkt()' when used in iterations, or trash it explicitely + - fixed uint32_t vs. u_long clash that would cause security problems on big-endian 64bit machines + +ChangeSet@1.3558.4.1, 2015-10-11 09:32:40+02:00, jnperlin@hydra.localnet + [Bug 2937] (NTPQ) nextvar() missing length check + + ChangeLog@1.1743.4.1 +2 -0 + [Bug 2937] (NTPQ) nextvar() missing length check + + ntpq/ntpq.c@1.161.1.1 +2 -0 + [Bug 2937] (NTPQ) nextvar() missing length check + ChangeSet@1.3558.3.3, 2015-10-11 08:10:20+02:00, jnperlin@hydra.localnet [Bug 2941] NAK to the Future: Symmetric association authentication bypass via crypto-NAK diff --git a/NEWS b/NEWS index 32c9288e63b..278943c7b52 100644 --- a/NEWS +++ b/NEWS @@ -1,5 +1,258 @@ --- +NTP 4.2.8p6 + +Focus: Security, Bug fixes, enhancements. + +Severity: MEDIUM + +In addition to bug fixes and enhancements, this release fixes the +following X low- and Y medium-severity vulnerabilities: + +* Potential Infinite Loop in 'ntpq' + Date Resolved: Stable (4.2.8p6) 19 Jan 2016; Dev (4.3.90) 19 Jan 2016 + References: Sec 2548 / CVE-2015-8158 + Affects: All ntp-4 releases up to, but not including 4.2.8p6, and + 4.3.0 up to, but not including 4.3.90 + CVSS2: (AV:N/AC:M/Au:N/C:N/I:N/A:P) Base Score: 4.3 - MEDIUM + CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Base Score: 5.3 - MEDIUM + Summary: 'ntpq' processes incoming packets in a loop in 'getresponse()'. + The loop's only stopping conditions are receiving a complete and + correct response or hitting a small number of error conditions. + If the packet contains incorrect values that don't trigger one of + the error conditions, the loop continues to receive new packets. + Note well, this is an attack against an instance of 'ntpq', not + 'ntpd', and this attack requires the attacker to do one of the + following: + * Own a malicious NTP server that the client trusts + * Prevent a legitimate NTP server from sending packets to + the 'ntpq' client + * MITM the 'ntpq' communications between the 'ntpq' client + and the NTP server + Mitigation: + Upgrade to 4.2.8p6, or later, from the NTP Project Download Page + or the NTP Public Services Project Download Page + Credit: This weakness was discovered by Jonathan Gardner of Cisco ASIG. + +* 0rigin: Zero Origin Timestamp Bypass + Date Resolved: Stable (4.2.8p6) 19 Jan 2016; Dev (4.3.90) 19 Jan 2016 + References: Sec 2945 / CVE-2015-8138 + Affects: All ntp-4 releases up to, but not including 4.2.8p6, and + 4.3.0 up to, but not including 4.3.90 + CVSS2: (AV:N/AC:L/Au:N/C:N/I:P/A:N) Base Score: 5.0 - MEDIUM + CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Base Score: 5.3 - MEDIUM + (3.7 - LOW if you score AC:L) + Summary: To distinguish legitimate peer responses from forgeries, a + client attempts to verify a response packet by ensuring that the + origin timestamp in the packet matches the origin timestamp it + transmitted in its last request. A logic error exists that + allows packets with an origin timestamp of zero to bypass this + check whenever there is not an outstanding request to the server. + Mitigation: + Configure 'ntpd' to get time from multiple sources. + Upgrade to 4.2.8p6, or later, from the NTP Project Download Page + or the NTP Public Services Project Download Page. + Monitor your 'ntpd= instances. + Credit: This weakness was discovered by Jonathan Gardner of Cisco ASIG. + +* Stack exhaustion in recursive traversal of restriction list + Date Resolved: Stable (4.2.8p6) 19 Jan 2016 + References: Sec 2940 / CVE-2015-7978 + Affects: All ntp-4 releases up to, but not including 4.2.8p6, and + 4.3.0 up to, but not including 4.3.90 + CVSS: (AV:N/AC:M/Au:N/C:N/I:N/A:P) Base Score: 4.3 - MEDIUM + Summary: An unauthenticated 'ntpdc reslist' command can cause a + segmentation fault in ntpd by exhausting the call stack. + Mitigation: + Implement BCP-38. + Upgrade to 4.2.8p6, or later, from the NTP Project Download Page + or the NTP Public Services Project Download Page. + If you are unable to upgrade: + In ntp-4.2.8, mode 7 is disabled by default. Don't enable it. + If you must enable mode 7: + configure the use of a 'requestkey' to control who can + issue mode 7 requests. + configure 'restrict noquery' to further limit mode 7 + requests to trusted sources. + Monitor your ntpd instances. + Credit: This weakness was discovered by Stephen Gray at Cisco ASIG. + +* Off-path Denial of Service (!DoS) attack on authenticated broadcast mode + Date Resolved: Stable (4.2.8p6) 19 Jan 2016; Dev (4.3.90) 19 Jan 2016 + References: Sec 2942 / CVE-2015-7979 + Affects: All ntp-4 releases up to, but not including 4.2.8p6, and + 4.3.0 up to, but not including 4.3.90 + CVSS: (AV:N/AC:M/Au:N/C:N/I:P/A:P) Base Score: 5.8 + Summary: An off-path attacker can send broadcast packets with bad + authentication (wrong key, mismatched key, incorrect MAC, etc) + to broadcast clients. It is observed that the broadcast client + tears down the association with the broadcast server upon + receiving just one bad packet. + Mitigation: + Implement BCP-38. + Upgrade to 4.2.8p6, or later, from the NTP Project Download Page + or the NTP Public Services Project Download Page. + Monitor your 'ntpd' instances. + If this sort of attack is an active problem for you, you have + deeper problems to investigate. In this case also consider + having smaller NTP broadcast domains. + Credit: This weakness was discovered by Aanchal Malhotra of Boston + University. + +* reslist NULL pointer dereference + Date Resolved: Stable (4.2.8p6) 19 Jan 2016; Dev (4.3.90) 19 Jan 2016 + References: Sec 2939 / CVE-2015-7977 + Affects: All ntp-4 releases up to, but not including 4.2.8p6, and + 4.3.0 up to, but not including 4.3.90 + CVSS: (AV:N/AC:M/Au:N/C:N/I:N/A:P) Base Score: 4.3 - MEDIUM + Summary: An unauthenticated 'ntpdc reslist' command can cause a + segmentation fault in ntpd by causing a NULL pointer dereference. + Mitigation: + Implement BCP-38. + Upgrade to 4.2.8p6, or later, from NTP Project Download Page or + the NTP Public Services Project Download Page. + If you are unable to upgrade: + mode 7 is disabled by default. Don't enable it. + If you must enable mode 7: + configure the use of a 'requestkey' to control who can + issue mode 7 requests. + configure 'restrict noquery' to further limit mode 7 + requests to trusted sources. + Monitor your ntpd instances. + Credit: This weakness was discovered by Stephen Gray of Cisco ASIG. + +* 'ntpq saveconfig' command allows dangerous characters in filenames. + Date Resolved: Stable (4.2.8p6) 19 Jan 2016; Dev (4.3.90) 19 Jan 2016 + References: Sec 2938 / CVE-2015-7976 + Affects: All ntp-4 releases up to, but not including 4.2.8p6, and + 4.3.0 up to, but not including 4.3.90 + CVSS: (AV:N/AC:L/Au:S/C:N/I:P/A:N) Base Score: 4.0 - MEDIUM + Summary: The ntpq saveconfig command does not do adequate filtering + of special characters from the supplied filename. + Note well: The ability to use the saveconfig command is controlled + by the 'restrict nomodify' directive, and the recommended default + configuration is to disable this capability. If the ability to + execute a 'saveconfig' is required, it can easily (and should) be + limited and restricted to a known small number of IP addresses. + Mitigation: + Implement BCP-38. + use 'restrict default nomodify' in your 'ntp.conf' file. + Upgrade to 4.2.8p6, or later, from the NTP Project Download Page. + If you are unable to upgrade: + build NTP with 'configure --disable-saveconfig' if you will + never need this capability, or + use 'restrict default nomodify' in your 'ntp.conf' file. Be + careful about what IPs have the ability to send 'modify' + requests to 'ntpd'. + Monitor your ntpd instances. + 'saveconfig' requests are logged to syslog - monitor your syslog files. + Credit: This weakness was discovered by Jonathan Gardner of Cisco ASIG. + +* nextvar() missing length check in ntpq + Date Resolved: Stable (4.2.8p6) 19 Jan 2016; Dev (4.3.90) 19 Jan 2016 + References: Sec 2937 / CVE-2015-7975 + Affects: All ntp-4 releases up to, but not including 4.2.8p6, and + 4.3.0 up to, but not including 4.3.90 + CVSS: (AV:L/AC:H/Au:N/C:N/I:N/A:P) Base Score: 1.2 - LOW + If you score A:C, this becomes 4.0. + CVSSv3: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L) Base Score 2.9, LOW + Summary: ntpq may call nextvar() which executes a memcpy() into the + name buffer without a proper length check against its maximum + length of 256 bytes. Note well that we're taking about ntpq here. + The usual worst-case effect of this vulnerability is that the + specific instance of ntpq will crash and the person or process + that did this will have stopped themselves. + Mitigation: + Upgrade to 4.2.8p6, or later, from the NTP Project Download Page + or the NTP Public Services Project Download Page. + If you are unable to upgrade: + If you have scripts that feed input to ntpq make sure there are + some sanity checks on the input received from the "outside". + This is potentially more dangerous if ntpq is run as root. + Credit: This weakness was discovered by Jonathan Gardner at Cisco ASIG. + +* Skeleton Key: Any trusted key system can serve time + Date Resolved: Stable (4.2.8p6) 19 Jan 2016; Dev (4.3.90) 19 Jan 2016 + References: Sec 2936 / CVE-2015-7974 + Affects: All ntp-4 releases up to, but not including 4.2.8p6, and + 4.3.0 up to, but not including 4.3.90 + CVSS: (AV:N/AC:H/Au:S/C:N/I:C/A:N) Base Score: 4.9 + Summary: Symmetric key encryption uses a shared trusted key. The + reported title for this issue was "Missing key check allows + impersonation between authenticated peers" and the report claimed + "A key specified only for one server should only work to + authenticate that server, other trusted keys should be refused." + Except there has never been any correlation between this trusted + key and server v. clients machines and there has never been any + way to specify a key only for one server. We have treated this as + an enhancement request, and ntp-4.2.8p6 includes other checks and + tests to strengthen clients against attacks coming from broadcast + servers. + Mitigation: + Implement BCP-38. + If this scenario represents a real or a potential issue for you, + upgrade to 4.2.8p6, or later, from the NTP Project Download + Page or the NTP Public Services Project Download Page, and + use the new field in the ntp.keys file that specifies the list + of IPs that are allowed to serve time. Note that this alone + will not protect against time packets with forged source IP + addresses, however other changes in ntp-4.2.8p6 provide + significant mitigation against broadcast attacks. MITM attacks + are a different story. + If you are unable to upgrade: + Don't use broadcast mode if you cannot monitor your client + servers. + If you choose to use symmetric keys to authenticate time + packets in a hostile environment where ephemeral time + servers can be created, or if it is expected that malicious + time servers will participate in an NTP broadcast domain, + limit the number of participating systems that participate + in the shared-key group. + Monitor your ntpd instances. + Credit: This weakness was discovered by Matt Street of Cisco ASIG. + +* Deja Vu: Replay attack on authenticated broadcast mode + Date Resolved: Stable (4.2.8p6) 19 Jan 2016; Dev (4.3.90) 19 Jan 2016 + References: Sec 2935 / CVE-2015-7973 + Affects: All ntp-4 releases up to, but not including 4.2.8p6, and + 4.3.0 up to, but not including 4.3.90 + CVSS: (AV:A/AC:M/Au:N/C:N/I:P/A:P) Base Score: 4.3 - MEDIUM + Summary: If an NTP network is configured for broadcast operations then + either a man-in-the-middle attacker or a malicious participant + that has the same trusted keys as the victim can replay time packets. + Mitigation: + Implement BCP-38. + Upgrade to 4.2.8p6, or later, from the NTP Project Download Page + or the NTP Public Services Project Download Page. + If you are unable to upgrade: + Don't use broadcast mode if you cannot monitor your client servers. + Monitor your ntpd instances. + Credit: This weakness was discovered by Aanchal Malhotra of Boston + University. + +Other fixes: + +* [Bug 2772] adj_systime overflows tv_usec. perlinger@ntp.org +* [Bug 2814] msyslog deadlock when signaled. perlinger@ntp.org + - applied patch by shenpeng11@huawei.com with minor adjustments +* [Bug 2882] Look at ntp_request.c:list_peers_sum(). perlinger@ntp.org +* [Bug 2891] Deadlock in deferred DNS lookup framework. perlinger@ntp.org +* [Bug 2892] Several test cases assume IPv6 capabilities even when + IPv6 is disabled in the build. perlinger@ntp.org + - Found this already fixed, but validation led to cleanup actions. +* [Bug 2905] DNS lookups broken. perlinger@ntp.org + - added limits to stack consumption, fixed some return code handling +* [Bug 2971] ntpq bails on ^C: select fails: Interrupted system call + - changed stacked/nested handling of CTRL-C. perlinger@ntp.org + - make CTRL-C work for retrieval and printing od MRU list. perlinger@ntp.org +* [Bug 2980] reduce number of warnings. perlinger@ntp.org + - integrated several patches from Havard Eidnes (he@uninett.no) +* [Bug 2985] bogus calculation in authkeys.c perlinger@ntp.org + - implement 'auth_log2()' using integer bithack instead of float calculation +* Make leapsec_query debug messages less verbose. Harlan Stenn. + +--- + NTP 4.2.8p5 Focus: Security, Bug fixes, enhancements. diff --git a/configure b/configure index 758ffa926a5..75724ccfc55 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for ntp 4.2.8p5. +# Generated by GNU Autoconf 2.69 for ntp 4.2.8p6. # # Report bugs to . # @@ -590,8 +590,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='ntp' PACKAGE_TARNAME='ntp' -PACKAGE_VERSION='4.2.8p5' -PACKAGE_STRING='ntp 4.2.8p5' +PACKAGE_VERSION='4.2.8p6' +PACKAGE_STRING='ntp 4.2.8p6' PACKAGE_BUGREPORT='http://bugs.ntp.org./' PACKAGE_URL='http://www.ntp.org./' @@ -1616,7 +1616,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures ntp 4.2.8p5 to adapt to many kinds of systems. +\`configure' configures ntp 4.2.8p6 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1686,7 +1686,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of ntp 4.2.8p5:";; + short | recursive ) echo "Configuration of ntp 4.2.8p6:";; esac cat <<\_ACEOF @@ -1919,7 +1919,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -ntp configure 4.2.8p5 +ntp configure 4.2.8p6 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2749,7 +2749,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by ntp $as_me 4.2.8p5, which was +It was created by ntp $as_me 4.2.8p6, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3750,7 +3750,7 @@ fi # Define the identity of the package. PACKAGE='ntp' - VERSION='4.2.8p5' + VERSION='4.2.8p6' cat >>confdefs.h <<_ACEOF @@ -37840,7 +37840,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by ntp $as_me 4.2.8p5, which was +This file was extended by ntp $as_me 4.2.8p6, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -37907,7 +37907,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -ntp config.status 4.2.8p5 +ntp config.status 4.2.8p6 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff --git a/html/miscopt.html b/html/miscopt.html index 261b08faca6..bc520f60a62 100644 --- a/html/miscopt.html +++ b/html/miscopt.html @@ -11,7 +11,7 @@ giffrom Pogo, Walt Kelly

We have three, now looking for more.

Last update: - 17-Nov-2015 11:06 + 16-Jan-2016 13:08 UTC


Related Links

@@ -29,8 +29,9 @@
The file format consists of a single line containing a single floating point number, which records the frequency offset measured in parts-per-million (PPM). The file is updated by first writing the current drift value into a temporary file and then renaming this file to replace the old version.
dscp dscp
This command specifies the Differentiated Services Code Point (DSCP) value that is used in sent NTP packets. The default value is 46 for Expedited Forwarding (EF).
-
enable [auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats]
- disable [auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats]
+
enable [auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats | unpeer_crypto_early | unpeer_crypto_nak_early | unpeer_digest_early]
+ +
disable [auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats | unpeer_crypto_early | unpeer_crypto_nak_early | unpeer_digest_early]
Provides a way to enable or disable various system options. Flags not mentioned are unaffected. Note that most of these flags can be modified remotely using ntpq utility program's :config and config-from-file commands.
auth
@@ -50,6 +51,13 @@
Enables time and frequency discipline. In effect, this switch opens and closes the feedback loop, which is useful for testing. The default for this flag is enable.
stats
Enables the statistics facility. See the Monitoring Options page for further information. The default for this flag is enabled. This flag is excluded from runtime configuration using ntpq.
+| unpeer_crypto_early | unpeer_crypto_nak_early | unpeer_digest_early +
unpeer_crypto_early
+
Enables the early resetting of an association in case of a crypto failure. This is generally a feature, but it can be used in a DoS attack. If you are seeing these packets being used as a DoS attack against your server, you should disable this flag. The default for this flag is enabled. This flag is excluded from runtime configuration using ntpq.
+
unpeer_crypto_nak_early
+
Enables the early resetting of an association in case of a crypto_NAK message. This is generally a feature, but it can be used in a DoS attack. If you are seeing these packets being used as a DoS attack against your server, you should disable this flag. The default for this flag is enabled. This flag is excluded from runtime configuration using ntpq.
+
unpeer_digest_early
+
Enables the early resetting of an association in case of an autokey digest failur. This is generally a feature, but it can be used in a DoS attack. If you are seeing these packets being used as a DoS attack against your server, you should disable this flag. The default for this flag is enabled. This flag is excluded from runtime configuration using ntpq.
includefile includefile
diff --git a/include/Makefile.am b/include/Makefile.am index d8b4dd2b54c..521ac146c77 100644 --- a/include/Makefile.am +++ b/include/Makefile.am @@ -36,6 +36,7 @@ noinst_HEADERS = \ ntp_if.h \ ntp_intres.h \ ntp_io.h \ + ntp_keyacc.h \ ntp_libopts.h \ ntp_lineedit.h \ ntp_lists.h \ diff --git a/include/Makefile.in b/include/Makefile.in index 6e45e93f59e..ef92804d14f 100644 --- a/include/Makefile.in +++ b/include/Makefile.in @@ -521,6 +521,7 @@ noinst_HEADERS = \ ntp_if.h \ ntp_intres.h \ ntp_io.h \ + ntp_keyacc.h \ ntp_libopts.h \ ntp_lineedit.h \ ntp_lists.h \ diff --git a/include/ntp.h b/include/ntp.h index 4ffc35f6feb..6a4e9aa6f38 100644 --- a/include/ntp.h +++ b/include/ntp.h @@ -350,6 +350,7 @@ struct peer { l_fp dst; /* destination timestamp */ l_fp aorg; /* origin timestamp */ l_fp borg; /* alternate origin timestamp */ + l_fp bxmt; /* most recent broadcast transmit timestamp */ double offset; /* peer clock offset */ double delay; /* peer roundtrip delay */ double jitter; /* peer jitter (squares) */ @@ -382,7 +383,8 @@ struct peer { * Statistic counters */ u_long timereset; /* time stat counters were reset */ - u_long timereceived; /* last packet received time */ + u_long timelastrec; /* last packet received time */ + u_long timereceived; /* last (clean) packet received time */ u_long timereachable; /* last reachable/unreachable time */ u_long sent; /* packets sent */ @@ -708,6 +710,9 @@ struct pkt { #define PROTO_ORPHAN 26 #define PROTO_ORPHWAIT 27 #define PROTO_MODE7 28 +#define PROTO_UECRYPTO 29 +#define PROTO_UECRYPTONAK 30 +#define PROTO_UEDIGEST 31 /* * Configuration items for the loop filter diff --git a/include/ntp_io.h b/include/ntp_io.h index 5950f0035d6..d34d60a80b9 100644 --- a/include/ntp_io.h +++ b/include/ntp_io.h @@ -40,6 +40,8 @@ #include "libntp.h" /* This needs Something above for GETDTABLESIZE */ +#include "ntp_keyacc.h" + /* * Define FNDELAY and FASYNC using O_NONBLOCK and O_ASYNC if we need * to (and can). This is here initially for QNX, but may help for @@ -83,7 +85,6 @@ typedef enum { extern int qos; SOCKET move_fd(SOCKET fd); isc_boolean_t get_broadcastclient_flag(void); -extern int is_ip_address(const char *, u_short, sockaddr_u *); extern void sau_from_netaddr(sockaddr_u *, const isc_netaddr_t *); extern void add_nic_rule(nic_rule_match match_type, const char *if_name, int prefixlen, diff --git a/include/ntp_keyacc.h b/include/ntp_keyacc.h new file mode 100644 index 00000000000..730c310ac0f --- /dev/null +++ b/include/ntp_keyacc.h @@ -0,0 +1,13 @@ +/* + * ntp_keyacc.h - key access stuff + */ +#ifndef NTP_KEYACC_H +#define NTP_KEYACC_H + +typedef struct keyaccess KeyAccT; +struct keyaccess { + KeyAccT * next; + sockaddr_u addr; +}; + +#endif /* NTP_KEYACC_H */ diff --git a/include/ntp_stdlib.h b/include/ntp_stdlib.h index d735b41f4ba..98ac69eb469 100644 --- a/include/ntp_stdlib.h +++ b/include/ntp_stdlib.h @@ -16,6 +16,7 @@ #include "ntp_malloc.h" #include "ntp_string.h" #include "ntp_syslog.h" +#include "ntp_keyacc.h" #ifdef __GNUC__ #define NTP_PRINTF(fmt, args) __attribute__((__format__(__printf__, fmt, args))) @@ -69,6 +70,7 @@ extern int authdecrypt (keyid_t, u_int32 *, size_t, size_t); extern size_t authencrypt (keyid_t, u_int32 *, size_t); extern int authhavekey (keyid_t); extern int authistrusted (keyid_t); +extern int authistrustedip (keyid_t, sockaddr_u *); extern int authreadkeys (const char *); extern void authtrust (keyid_t, u_long); extern int authusekey (keyid_t, int, const u_char *); @@ -97,7 +99,7 @@ extern int ymd2yd (int, int, int); /* a_md5encrypt.c */ extern int MD5authdecrypt (int, const u_char *, u_int32 *, size_t, size_t); extern size_t MD5authencrypt (int, const u_char *, u_int32 *, size_t); -extern void MD5auth_setkey (keyid_t, int, const u_char *, size_t); +extern void MD5auth_setkey (keyid_t, int, const u_char *, size_t, KeyAccT *c); extern u_int32 addr2refid (sockaddr_u *); /* emalloc.c */ @@ -141,6 +143,7 @@ extern int atouint (const char *, u_long *); extern int hextoint (const char *, u_long *); extern const char * humanlogtime (void); extern const char * humantime (time_t); +extern int is_ip_address (const char *, u_short, sockaddr_u *); extern char * mfptoa (u_int32, u_int32, short); extern char * mfptoms (u_int32, u_int32, short); extern const char * modetoa (size_t); diff --git a/include/ntp_types.h b/include/ntp_types.h index a947f30575e..7ff31254720 100644 --- a/include/ntp_types.h +++ b/include/ntp_types.h @@ -218,6 +218,7 @@ typedef uint16_t associd_t; /* association ID */ #define ASSOCID_MAX USHRT_MAX typedef u_int32 keyid_t; /* cryptographic key ID */ #define KEYID_T_MAX (0xffffffff) + typedef u_int32 tstamp_t; /* NTP seconds timestamp */ /* diff --git a/include/ntp_worker.h b/include/ntp_worker.h index 50616b3df7d..7720b8c8537 100644 --- a/include/ntp_worker.h +++ b/include/ntp_worker.h @@ -60,33 +60,35 @@ typedef sema_type *sem_ref; #if defined(WORK_FORK) typedef struct blocking_child_tag { - int reusable; - int pid; - int req_write_pipe; /* parent */ - int resp_read_pipe; - void * resp_read_ctx; - int req_read_pipe; /* child */ - int resp_write_pipe; - int ispipe; + int reusable; + int pid; + int req_write_pipe; /* parent */ + int resp_read_pipe; + void * resp_read_ctx; + int req_read_pipe; /* child */ + int resp_write_pipe; + int ispipe; + volatile u_int resp_ready_seen; /* signal/scan */ + volatile u_int resp_ready_done; /* consumer/mainloop */ } blocking_child; #elif defined(WORK_THREAD) typedef struct blocking_child_tag { -/* - * blocking workitems and blocking_responses are dynamically-sized - * one-dimensional arrays of pointers to blocking worker requests and - * responses. - * - * IMPORTANT: This structure is shared between threads, and all access - * that is not atomic (especially queue operations) must hold the - * 'accesslock' semaphore to avoid data races. - * - * The resource management (thread/semaphore creation/destruction) - * functions and functions just testing a handle are safe because these - * are only changed by the main thread when no worker is running on the - * same data structure. - */ + /* + * blocking workitems and blocking_responses are + * dynamically-sized one-dimensional arrays of pointers to + * blocking worker requests and responses. + * + * IMPORTANT: This structure is shared between threads, and all + * access that is not atomic (especially queue operations) must + * hold the 'accesslock' semaphore to avoid data races. + * + * The resource management (thread/semaphore + * creation/destruction) functions and functions just testing a + * handle are safe because these are only changed by the main + * thread when no worker is running on the same data structure. + */ int reusable; sem_ref accesslock; /* shared access lock */ thr_ref thread_ref; /* thread 'handle' */ @@ -117,6 +119,8 @@ typedef struct blocking_child_tag { int resp_write_pipe; /* child */ int ispipe; void * resp_read_ctx; /* child */ + volatile u_int resp_ready_seen; /* signal/scan */ + volatile u_int resp_ready_done; /* consumer/mainloop */ #else sem_ref responses_pending; /* signalling */ #endif @@ -126,6 +130,10 @@ typedef struct blocking_child_tag { #endif /* WORK_THREAD */ +/* we need some global tag to indicate any blocking child may be ready: */ +extern volatile u_int blocking_child_ready_seen;/* signal/scan */ +extern volatile u_int blocking_child_ready_done;/* consumer/mainloop */ + extern blocking_child ** blocking_children; extern size_t blocking_children_alloc; extern int worker_per_query; /* boolean */ @@ -139,6 +147,7 @@ extern int queue_blocking_response(blocking_child *, blocking_pipe_header *, size_t, const blocking_pipe_header *); extern void process_blocking_resp(blocking_child *); +extern void harvest_blocking_responses(void); extern int send_blocking_req_internal(blocking_child *, blocking_pipe_header *, void *); diff --git a/include/parse.h b/include/parse.h index 9b1ffb22742..02dbb302190 100644 --- a/include/parse.h +++ b/include/parse.h @@ -107,9 +107,9 @@ extern unsigned int splclock (void); /* * some constants useful for GPS time conversion */ -#define GPSORIGIN 2524953600UL /* NTP origin - GPS origin in seconds */ -#define GPSWRAP 990U /* assume week count less than this in the previous epoch */ -#define GPSWEEKS 1024U /* number of weeks until the GPS epch rolls over */ +#define GPSORIGIN 2524953600UL /* NTP origin - GPS origin in seconds */ +#define GPSWRAP 990 /* assume week count less than this in the previous epoch */ +#define GPSWEEKS 1024 /* number of weeks until the GPS epch rolls over */ /* * state flags diff --git a/libntp/Makefile.am b/libntp/Makefile.am index 914badb5f64..a3b50e1298b 100644 --- a/libntp/Makefile.am +++ b/libntp/Makefile.am @@ -70,6 +70,7 @@ libntp_a_SRCS = \ humandate.c \ icom.c \ iosignal.c \ + is_ip_address.c \ lib_strbuf.c \ machines.c \ mktime.c \ diff --git a/libntp/Makefile.in b/libntp/Makefile.in index e9a90ed1c35..1158691bef7 100644 --- a/libntp/Makefile.in +++ b/libntp/Makefile.in @@ -150,12 +150,12 @@ am__libntp_a_SOURCES_DIST = systime.c a_md5encrypt.c adjtime.c \ calyearstart.c clocktime.c clocktypes.c decodenetnum.c \ dofptoa.c dolfptoa.c emalloc.c findconfig.c getopt.c \ hextoint.c hextolfp.c humandate.c icom.c iosignal.c \ - lib_strbuf.c machines.c mktime.c modetoa.c mstolfp.c msyslog.c \ - netof.c ntp_calendar.c ntp_crypto_rnd.c ntp_intres.c \ - ntp_libopts.c ntp_lineedit.c ntp_random.c ntp_rfc2553.c \ - ntp_worker.c numtoa.c numtohost.c octtoint.c prettydate.c \ - refidsmear.c recvbuff.c refnumtoa.c snprintf.c socket.c \ - socktoa.c socktohost.c ssl_init.c statestr.c strdup.c \ + is_ip_address.c lib_strbuf.c machines.c mktime.c modetoa.c \ + mstolfp.c msyslog.c netof.c ntp_calendar.c ntp_crypto_rnd.c \ + ntp_intres.c ntp_libopts.c ntp_lineedit.c ntp_random.c \ + ntp_rfc2553.c ntp_worker.c numtoa.c numtohost.c octtoint.c \ + prettydate.c refidsmear.c recvbuff.c refnumtoa.c snprintf.c \ + socket.c socktoa.c socktohost.c ssl_init.c statestr.c strdup.c \ strl_obsd.c syssignal.c timetoa.c timevalops.c uglydate.c \ vint64ops.c work_fork.c work_thread.c ymd2yd.c \ $(srcdir)/../lib/isc/assertions.c \ @@ -207,21 +207,21 @@ am__objects_4 = a_md5encrypt.$(OBJEXT) adjtime.$(OBJEXT) \ dolfptoa.$(OBJEXT) emalloc.$(OBJEXT) findconfig.$(OBJEXT) \ getopt.$(OBJEXT) hextoint.$(OBJEXT) hextolfp.$(OBJEXT) \ humandate.$(OBJEXT) icom.$(OBJEXT) iosignal.$(OBJEXT) \ - lib_strbuf.$(OBJEXT) machines.$(OBJEXT) mktime.$(OBJEXT) \ - modetoa.$(OBJEXT) mstolfp.$(OBJEXT) msyslog.$(OBJEXT) \ - netof.$(OBJEXT) ntp_calendar.$(OBJEXT) \ - ntp_crypto_rnd.$(OBJEXT) ntp_intres.$(OBJEXT) \ - ntp_libopts.$(OBJEXT) ntp_lineedit.$(OBJEXT) \ - ntp_random.$(OBJEXT) ntp_rfc2553.$(OBJEXT) \ - ntp_worker.$(OBJEXT) numtoa.$(OBJEXT) numtohost.$(OBJEXT) \ - octtoint.$(OBJEXT) prettydate.$(OBJEXT) refidsmear.$(OBJEXT) \ - recvbuff.$(OBJEXT) refnumtoa.$(OBJEXT) snprintf.$(OBJEXT) \ - socket.$(OBJEXT) socktoa.$(OBJEXT) socktohost.$(OBJEXT) \ - ssl_init.$(OBJEXT) statestr.$(OBJEXT) strdup.$(OBJEXT) \ - strl_obsd.$(OBJEXT) syssignal.$(OBJEXT) timetoa.$(OBJEXT) \ - timevalops.$(OBJEXT) uglydate.$(OBJEXT) vint64ops.$(OBJEXT) \ - work_fork.$(OBJEXT) work_thread.$(OBJEXT) ymd2yd.$(OBJEXT) \ - $(am__objects_3) $(am__objects_1) + is_ip_address.$(OBJEXT) lib_strbuf.$(OBJEXT) \ + machines.$(OBJEXT) mktime.$(OBJEXT) modetoa.$(OBJEXT) \ + mstolfp.$(OBJEXT) msyslog.$(OBJEXT) netof.$(OBJEXT) \ + ntp_calendar.$(OBJEXT) ntp_crypto_rnd.$(OBJEXT) \ + ntp_intres.$(OBJEXT) ntp_libopts.$(OBJEXT) \ + ntp_lineedit.$(OBJEXT) ntp_random.$(OBJEXT) \ + ntp_rfc2553.$(OBJEXT) ntp_worker.$(OBJEXT) numtoa.$(OBJEXT) \ + numtohost.$(OBJEXT) octtoint.$(OBJEXT) prettydate.$(OBJEXT) \ + refidsmear.$(OBJEXT) recvbuff.$(OBJEXT) refnumtoa.$(OBJEXT) \ + snprintf.$(OBJEXT) socket.$(OBJEXT) socktoa.$(OBJEXT) \ + socktohost.$(OBJEXT) ssl_init.$(OBJEXT) statestr.$(OBJEXT) \ + strdup.$(OBJEXT) strl_obsd.$(OBJEXT) syssignal.$(OBJEXT) \ + timetoa.$(OBJEXT) timevalops.$(OBJEXT) uglydate.$(OBJEXT) \ + vint64ops.$(OBJEXT) work_fork.$(OBJEXT) work_thread.$(OBJEXT) \ + ymd2yd.$(OBJEXT) $(am__objects_3) $(am__objects_1) am_libntp_a_OBJECTS = systime.$(OBJEXT) $(am__objects_4) libntp_a_OBJECTS = $(am_libntp_a_OBJECTS) libntpsim_a_AR = $(AR) $(ARFLAGS) @@ -232,12 +232,12 @@ am__libntpsim_a_SOURCES_DIST = systime_s.c a_md5encrypt.c adjtime.c \ calyearstart.c clocktime.c clocktypes.c decodenetnum.c \ dofptoa.c dolfptoa.c emalloc.c findconfig.c getopt.c \ hextoint.c hextolfp.c humandate.c icom.c iosignal.c \ - lib_strbuf.c machines.c mktime.c modetoa.c mstolfp.c msyslog.c \ - netof.c ntp_calendar.c ntp_crypto_rnd.c ntp_intres.c \ - ntp_libopts.c ntp_lineedit.c ntp_random.c ntp_rfc2553.c \ - ntp_worker.c numtoa.c numtohost.c octtoint.c prettydate.c \ - refidsmear.c recvbuff.c refnumtoa.c snprintf.c socket.c \ - socktoa.c socktohost.c ssl_init.c statestr.c strdup.c \ + is_ip_address.c lib_strbuf.c machines.c mktime.c modetoa.c \ + mstolfp.c msyslog.c netof.c ntp_calendar.c ntp_crypto_rnd.c \ + ntp_intres.c ntp_libopts.c ntp_lineedit.c ntp_random.c \ + ntp_rfc2553.c ntp_worker.c numtoa.c numtohost.c octtoint.c \ + prettydate.c refidsmear.c recvbuff.c refnumtoa.c snprintf.c \ + socket.c socktoa.c socktohost.c ssl_init.c statestr.c strdup.c \ strl_obsd.c syssignal.c timetoa.c timevalops.c uglydate.c \ vint64ops.c work_fork.c work_thread.c ymd2yd.c \ $(srcdir)/../lib/isc/assertions.c \ @@ -660,6 +660,7 @@ libntp_a_SRCS = \ humandate.c \ icom.c \ iosignal.c \ + is_ip_address.c \ lib_strbuf.c \ machines.c \ mktime.c \ @@ -806,6 +807,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/inet_pton.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/interfaceiter.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/iosignal.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/is_ip_address.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lib.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lib_strbuf.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/log.Po@am__quote@ diff --git a/libntp/authkeys.c b/libntp/authkeys.c index f7462a2463a..36fdd8b7c11 100644 --- a/libntp/authkeys.c +++ b/libntp/authkeys.c @@ -15,6 +15,7 @@ #include "ntp_string.h" #include "ntp_malloc.h" #include "ntp_stdlib.h" +#include "ntp_keyacc.h" /* * Structure to store keys in in the hash table. @@ -25,6 +26,7 @@ struct savekey { symkey * hlink; /* next in hash bucket */ DECL_DLIST_LINK(symkey, llink); /* for overall & free lists */ u_char * secret; /* shared secret */ + KeyAccT * keyacclist; /* Private key access list */ u_long lifetime; /* remaining lifetime */ keyid_t keyid; /* key identifier */ u_short type; /* OpenSSL digest NID */ @@ -48,13 +50,13 @@ struct symkey_alloc_tag { symkey_alloc * authallocs; #endif /* DEBUG */ -static inline u_short auth_log2(double x); -static void auth_resize_hashtable(void); -static void allocsymkey(symkey **, keyid_t, u_short, - u_short, u_long, u_short, u_char *); -static void freesymkey(symkey *, symkey **); +static u_short auth_log2(size_t); +static void auth_resize_hashtable(void); +static void allocsymkey(symkey **, keyid_t, u_short, u_short, + u_long, u_short, u_char *, KeyAccT *); +static void freesymkey(symkey *, symkey **); #ifdef DEBUG -static void free_auth_mem(void); +static void free_auth_mem(void); #endif symkey key_listhead; /* list of all in-use keys */; @@ -97,6 +99,7 @@ u_char *cache_secret; /* secret */ u_short cache_secretsize; /* secret length */ int cache_type; /* OpenSSL digest NID */ u_short cache_flags; /* flags that wave */ +KeyAccT *cache_keyacclist; /* key access list */ /* @@ -142,6 +145,7 @@ free_auth_mem(void) key_hash = NULL; cache_keyid = 0; cache_flags = 0; + cache_keyacclist = NULL; for (alloc = authallocs; alloc != NULL; alloc = next_alloc) { next_alloc = alloc->link; free(alloc->mem); @@ -210,10 +214,33 @@ auth_prealloc_symkeys( } -static inline u_short -auth_log2(double x) +static u_short +auth_log2(size_t x) { - return (u_short)(log10(x) / log10(2)); + /* + ** bithack to calculate floor(log2(x)) + ** + ** This assumes + ** - (sizeof(size_t) is a power of two + ** - CHAR_BITS is a power of two + ** - returning zero for arguments <= 0 is OK. + ** + ** Does only shifts, masks and sums in integer arithmetic in + ** log2(CHAR_BIT*sizeof(size_t)) steps. (that is, 5/6 steps for + ** 32bit/64bit size_t) + */ + int s; + int r = 0; + size_t m = ~(size_t)0; + + for (s = sizeof(size_t) / 2 * CHAR_BIT; s != 0; s >>= 1) { + m <<= s; + if (x & m) + r += s; + else + x <<= s; + } + return (u_short)r; } @@ -234,7 +261,7 @@ auth_resize_hashtable(void) symkey * sk; totalkeys = authnumkeys + authnumfreekeys; - hashbits = auth_log2(totalkeys / 4.0) + 1; + hashbits = auth_log2(totalkeys / 4) + 1; hashbits = max(4, hashbits); hashbits = min(15, hashbits); @@ -267,7 +294,8 @@ allocsymkey( u_short type, u_long lifetime, u_short secretsize, - u_char * secret + u_char * secret, + KeyAccT * ka ) { symkey * sk; @@ -281,6 +309,7 @@ allocsymkey( sk->type = type; sk->secretsize = secretsize; sk->secret = secret; + sk->keyacclist = ka; sk->lifetime = lifetime; LINK_SLIST(*bucket, sk, hlink); LINK_TAIL_DLIST(key_listhead, sk, llink); @@ -412,6 +441,7 @@ authhavekey( cache_flags = sk->flags; cache_secret = sk->secret; cache_secretsize = sk->secretsize; + cache_keyacclist = sk->keyacclist; return TRUE; } @@ -451,6 +481,7 @@ authtrust( if (cache_keyid == id) { cache_flags = 0; cache_keyid = 0; + cache_keyacclist = NULL; } /* @@ -480,7 +511,7 @@ authtrust( } else { lifetime = 0; } - allocsymkey(bucket, id, KEY_TRUSTED, 0, lifetime, 0, NULL); + allocsymkey(bucket, id, KEY_TRUSTED, 0, lifetime, 0, NULL, NULL); } @@ -511,6 +542,49 @@ authistrusted( return TRUE; } + +/* + * authistrustedip - determine if the IP is OK for the keyid + */ + int + authistrustedip( + keyid_t keyno, + sockaddr_u * sau + ) +{ + symkey * sk; + symkey ** bucket; + KeyAccT * kal; + KeyAccT * k; + + if (keyno == cache_keyid) + kal = cache_keyacclist; + else { + authkeyuncached++; + bucket = &key_hash[KEYHASH(keyno)]; + for (sk = *bucket; sk != NULL; sk = sk->hlink) { + if (keyno == sk->keyid) + break; + } + if (NULL == sk || !(KEY_TRUSTED & sk->flags)) { + INSIST(!"authistrustedip: keyid not found/trusted!"); + return FALSE; + } + kal = sk->keyacclist; + } + + if (NULL == kal) + return TRUE; + + for (k = kal; k; k = k->next) { + if (SOCK_EQ(&k->addr, sau)) + return TRUE; + } + + return FALSE; +} + + /* Note: There are two locations below where 'strncpy()' is used. While * this function is a hazard by itself, it's essential that it is used * here. Bug 1243 involved that the secret was filled with NUL bytes @@ -527,7 +601,8 @@ MD5auth_setkey( keyid_t keyno, int keytype, const u_char *key, - size_t len + size_t len, + KeyAccT *ka ) { symkey * sk; @@ -553,6 +628,7 @@ MD5auth_setkey( sk->type = (u_short)keytype; secretsize = len; sk->secretsize = (u_short)secretsize; + sk->keyacclist = ka; #ifndef DISABLE_BUG1243_FIX memcpy(sk->secret, key, secretsize); #else @@ -563,6 +639,7 @@ MD5auth_setkey( if (cache_keyid == keyno) { cache_flags = 0; cache_keyid = 0; + cache_keyacclist = NULL; } return; } @@ -580,7 +657,7 @@ MD5auth_setkey( strncpy((char *)secret, (const char *)key, secretsize); #endif allocsymkey(bucket, keyno, 0, (u_short)keytype, 0, - (u_short)secretsize, secret); + (u_short)secretsize, secret, ka); #ifdef DEBUG if (debug >= 4) { size_t j; diff --git a/libntp/authreadkeys.c b/libntp/authreadkeys.c index 95a357a8c66..1d4ee305934 100644 --- a/libntp/authreadkeys.c +++ b/libntp/authreadkeys.c @@ -5,10 +5,12 @@ #include #include +#include "ntpd.h" /* Only for DPRINTF */ #include "ntp_fp.h" #include "ntp.h" #include "ntp_syslog.h" #include "ntp_stdlib.h" +#include "ntp_keyacc.h" #ifdef OPENSSL #include "openssl/objects.h" @@ -85,6 +87,7 @@ static void log_maybe(u_int*, const char*, ...) NTP_PRINTF(2, 3); typedef struct keydata KeyDataT; struct keydata { KeyDataT *next; /* queue/stack link */ + KeyAccT *keyacclist; /* key access list */ keyid_t keyid; /* stored key ID */ u_short keytype; /* stored key type */ u_short seclen; /* length of secret */ @@ -228,6 +231,7 @@ authreadkeys( len = strlen(token); if (len <= 20) { /* Bug 2537 */ next = emalloc(sizeof(KeyDataT) + len); + next->keyacclist = NULL; next->keyid = keyno; next->keytype = keytype; next->seclen = len; @@ -257,11 +261,48 @@ authreadkeys( } len = jlim/2; /* hmmmm.... what about odd length?!? */ next = emalloc(sizeof(KeyDataT) + len); + next->keyacclist = NULL; next->keyid = keyno; next->keytype = keytype; next->seclen = len; memcpy(next->secbuf, keystr, len); } + + token = nexttok(&line); +DPRINTF(0, ("authreadkeys: full access list <%s>\n", (token) ? token : "NULL")); + if (token != NULL) { /* A comma-separated IP access list */ + char *tp = token; + + while (tp) { + char *i; + KeyAccT ka; + + i = strchr(tp, (int)','); + if (i) + *i = '\0'; +DPRINTF(0, ("authreadkeys: access list: <%s>\n", tp)); + + if (is_ip_address(tp, AF_UNSPEC, &ka.addr)) { + KeyAccT *kap; + + kap = emalloc(sizeof(KeyAccT)); + memcpy(kap, &ka, sizeof ka); + kap->next = next->keyacclist; + next->keyacclist = kap; + } else { + log_maybe(&nerr, + "authreadkeys: invalid IP address <%s> for key %d", + tp, keyno); + } + + if (i) { + tp = i + 1; + } else { + tp = 0; + } + } + } + INSIST(NULL != next); next->next = list; list = next; @@ -286,7 +327,7 @@ authreadkeys( while (NULL != (next = list)) { list = next->next; MD5auth_setkey(next->keyid, next->keytype, - next->secbuf, next->seclen); + next->secbuf, next->seclen, next->keyacclist); /* purge secrets from memory before free()ing it */ memset(next, 0, sizeof(*next) + next->seclen); free(next); @@ -297,6 +338,14 @@ authreadkeys( /* Mop up temporary storage before bailing out. */ while (NULL != (next = list)) { list = next->next; + + while (next->keyacclist) { + KeyAccT *kap = next->keyacclist; + + next->keyacclist = kap->next; + free(kap); + } + /* purge secrets from memory before free()ing it */ memset(next, 0, sizeof(*next) + next->seclen); free(next); diff --git a/libntp/authusekey.c b/libntp/authusekey.c index 0ccf522b238..ff449d3df6f 100644 --- a/libntp/authusekey.c +++ b/libntp/authusekey.c @@ -29,6 +29,6 @@ authusekey( if (0 == len) return 0; - MD5auth_setkey(keyno, keytype, str, len); + MD5auth_setkey(keyno, keytype, str, len, NULL); return 1; } diff --git a/libntp/is_ip_address.c b/libntp/is_ip_address.c new file mode 100644 index 00000000000..1f2137645f7 --- /dev/null +++ b/libntp/is_ip_address.c @@ -0,0 +1,129 @@ +/* + * is_ip_address + * + */ + +#ifdef HAVE_CONFIG_H +# include +#endif + +#if 0 +#include +#include +#ifdef HAVE_FNMATCH_H +# include +# if !defined(FNM_CASEFOLD) && defined(FNM_IGNORECASE) +# define FNM_CASEFOLD FNM_IGNORECASE +# endif +#endif +#ifdef HAVE_SYS_PARAM_H +# include +#endif +#ifdef HAVE_SYS_IOCTL_H +# include +#endif +#ifdef HAVE_SYS_SOCKIO_H /* UXPV: SIOC* #defines (Frank Vance ) */ +# include +#endif +#ifdef HAVE_SYS_UIO_H +# include +#endif +#endif + +#include "ntp_assert.h" +#include "ntp_stdlib.h" +#include "safecast.h" + +#if 0 +#include "ntp_machine.h" +#include "ntpd.h" +#include "ntp_io.h" +#include "iosignal.h" +#include "ntp_lists.h" +#include "ntp_refclock.h" +#include "ntp_worker.h" +#include "ntp_request.h" +#include "timevalops.h" +#include "timespecops.h" +#include "ntpd-opts.h" +#endif + +/* Don't include ISC's version of IPv6 variables and structures */ +#define ISC_IPV6_H 1 +#include +#include +#include +#include +#include + + +/* + * Code to tell if we have an IP address + * If we have then return the sockaddr structure + * and set the return value + * see the bind9/getaddresses.c for details + */ +int +is_ip_address( + const char * host, + u_short af, + sockaddr_u * addr + ) +{ + struct in_addr in4; + struct addrinfo hints; + struct addrinfo *result; + struct sockaddr_in6 *resaddr6; + char tmpbuf[128]; + char *pch; + + REQUIRE(host != NULL); + REQUIRE(addr != NULL); + + ZERO_SOCK(addr); + + /* + * Try IPv4, then IPv6. In order to handle the extended format + * for IPv6 scoped addresses (address%scope_ID), we'll use a local + * working buffer of 128 bytes. The length is an ad-hoc value, but + * should be enough for this purpose; the buffer can contain a string + * of at least 80 bytes for scope_ID in addition to any IPv6 numeric + * addresses (up to 46 bytes), the delimiter character and the + * terminating NULL character. + */ + if (AF_UNSPEC == af || AF_INET == af) + if (inet_pton(AF_INET, host, &in4) == 1) { + AF(addr) = AF_INET; + SET_ADDR4N(addr, in4.s_addr); + + return TRUE; + } + + if (AF_UNSPEC == af || AF_INET6 == af) + if (sizeof(tmpbuf) > strlen(host)) { + if ('[' == host[0]) { + strlcpy(tmpbuf, &host[1], sizeof(tmpbuf)); + pch = strchr(tmpbuf, ']'); + if (pch != NULL) + *pch = '\0'; + } else { + strlcpy(tmpbuf, host, sizeof(tmpbuf)); + } + ZERO(hints); + hints.ai_family = AF_INET6; + hints.ai_flags |= AI_NUMERICHOST; + if (getaddrinfo(tmpbuf, NULL, &hints, &result) == 0) { + AF(addr) = AF_INET6; + resaddr6 = UA_PTR(struct sockaddr_in6, result->ai_addr); + SET_ADDR6N(addr, resaddr6->sin6_addr); + SET_SCOPE(addr, resaddr6->sin6_scope_id); + + freeaddrinfo(result); + return TRUE; + } + } + /* + * If we got here it was not an IP address + */ + return FALSE; +} diff --git a/libntp/ntp_worker.c b/libntp/ntp_worker.c index f5642e10dc1..087f06c9530 100644 --- a/libntp/ntp_worker.c +++ b/libntp/ntp_worker.c @@ -27,6 +27,8 @@ blocking_child ** blocking_children; size_t blocking_children_alloc; int worker_per_query; /* boolean */ int intres_req_pending; +volatile u_int blocking_child_ready_seen; +volatile u_int blocking_child_ready_done; #ifndef HAVE_IO_COMPLETION_PORT @@ -262,6 +264,31 @@ process_blocking_resp( req_child_exit(c); } +void +harvest_blocking_responses(void) +{ + int idx; + blocking_child* cp; + u_int scseen, scdone; + + scseen = blocking_child_ready_seen; + scdone = blocking_child_ready_done; + if (scdone != scseen) { + blocking_child_ready_done = scseen; + for (idx = 0; idx < blocking_children_alloc; idx++) { + cp = blocking_children[idx]; + if (NULL == cp) + continue; + scseen = cp->resp_ready_seen; + scdone = cp->resp_ready_done; + if (scdone != scseen) { + cp->resp_ready_done = scseen; + process_blocking_resp(cp); + } + } + } +} + /* * blocking_child_common runs as a forked child or a thread diff --git a/libntp/systime.c b/libntp/systime.c index c89d157cb2a..29f1e86375e 100644 --- a/libntp/systime.c +++ b/libntp/systime.c @@ -323,9 +323,18 @@ adj_systime( else quant = 1e-6; ticks = (long)(dtemp / quant + .5); - adjtv.tv_usec = (long)(ticks * quant * 1e6); - dtemp -= adjtv.tv_usec / 1e6; - sys_residual = dtemp; + adjtv.tv_usec = (long)(ticks * quant * 1.e6 + .5); + /* The rounding in the conversions could us push over the + * limits: make sure the result is properly normalised! + * note: sign comes later, all numbers non-negative here. + */ + if (adjtv.tv_usec >= 1000000) { + adjtv.tv_sec += 1; + adjtv.tv_usec -= 1000000; + dtemp -= 1.; + } + /* set the new residual with leftover from correction */ + sys_residual = dtemp - adjtv.tv_usec * 1.e-6; /* * Convert to signed seconds and microseconds for the Unix diff --git a/libntp/work_thread.c b/libntp/work_thread.c index 49e90c16c32..11e3267d4a8 100644 --- a/libntp/work_thread.c +++ b/libntp/work_thread.c @@ -25,12 +25,37 @@ #define CHILD_EXIT_REQ ((blocking_pipe_header *)(intptr_t)-1) #define CHILD_GONE_RESP CHILD_EXIT_REQ +/* Queue size increments: + * The request queue grows a bit faster than the response queue -- the + * deamon can push requests and pull results faster on avarage than the + * worker can process requests and push results... If this really pays + * off is debatable. + */ #define WORKITEMS_ALLOC_INC 16 #define RESPONSES_ALLOC_INC 4 +/* Fiddle with min/max stack sizes. 64kB minimum seems to work, so we + * set the maximum to 256kB. If the minimum goes below the + * system-defined minimum stack size, we have to adjust accordingly. + */ #ifndef THREAD_MINSTACKSIZE -#define THREAD_MINSTACKSIZE (64U * 1024) +# define THREAD_MINSTACKSIZE (64U * 1024) #endif +#ifndef __sun +#if defined(PTHREAD_STACK_MIN) && THREAD_MINSTACKSIZE < PTHREAD_STACK_MIN +# undef THREAD_MINSTACKSIZE +# define THREAD_MINSTACKSIZE PTHREAD_STACK_MIN +#endif +#endif + +#ifndef THREAD_MAXSTACKSIZE +# define THREAD_MAXSTACKSIZE (256U * 1024) +#endif +#if THREAD_MAXSTACKSIZE < THREAD_MINSTACKSIZE +# undef THREAD_MAXSTACKSIZE +# define THREAD_MAXSTACKSIZE THREAD_MINSTACKSIZE +#endif + #ifdef SYS_WINNT @@ -148,15 +173,19 @@ ensure_workitems_empty_slot( size_t new_alloc; size_t slots_used; + size_t sidx; slots_used = c->head_workitem - c->tail_workitem; if (slots_used >= c->workitems_alloc) { new_alloc = c->workitems_alloc + WORKITEMS_ALLOC_INC; c->workitems = erealloc(c->workitems, new_alloc * each); + for (sidx = c->workitems_alloc; sidx < new_alloc; ++sidx) + c->workitems[sidx] = NULL; c->tail_workitem = 0; c->head_workitem = c->workitems_alloc; c->workitems_alloc = new_alloc; } + INSIST(NULL == c->workitems[c->head_workitem % c->workitems_alloc]); return (0 == slots_used); } @@ -180,15 +209,19 @@ ensure_workresp_empty_slot( size_t new_alloc; size_t slots_used; + size_t sidx; slots_used = c->head_response - c->tail_response; if (slots_used >= c->responses_alloc) { new_alloc = c->responses_alloc + RESPONSES_ALLOC_INC; c->responses = erealloc(c->responses, new_alloc * each); + for (sidx = c->responses_alloc; sidx < new_alloc; ++sidx) + c->responses[sidx] = NULL; c->tail_response = 0; c->head_response = c->responses_alloc; c->responses_alloc = new_alloc; } + INSIST(NULL == c->responses[c->head_response % c->responses_alloc]); return (0 == slots_used); } @@ -478,11 +511,11 @@ start_blocking_thread_internal( # endif pthread_attr_t thr_attr; int rc; - int saved_errno; int pipe_ends[2]; /* read then write */ int is_pipe; int flags; - size_t stacksize; + size_t ostacksize; + size_t nstacksize; sigset_t saved_sig_mask; c->thread_ref = NULL; @@ -522,21 +555,29 @@ start_blocking_thread_internal( pthread_attr_setdetachstate(&thr_attr, PTHREAD_CREATE_DETACHED); #if defined(HAVE_PTHREAD_ATTR_GETSTACKSIZE) && \ defined(HAVE_PTHREAD_ATTR_SETSTACKSIZE) - rc = pthread_attr_getstacksize(&thr_attr, &stacksize); - if (-1 == rc) { + rc = pthread_attr_getstacksize(&thr_attr, &ostacksize); + if (0 != rc) { msyslog(LOG_ERR, - "start_blocking_thread: pthread_attr_getstacksize %m"); - } else if (stacksize < THREAD_MINSTACKSIZE) { - rc = pthread_attr_setstacksize(&thr_attr, - THREAD_MINSTACKSIZE); - if (-1 == rc) + "start_blocking_thread: pthread_attr_getstacksize() -> %s", + strerror(rc)); + } else { + if (ostacksize < THREAD_MINSTACKSIZE) + nstacksize = THREAD_MINSTACKSIZE; + else if (ostacksize > THREAD_MAXSTACKSIZE) + nstacksize = THREAD_MAXSTACKSIZE; + else + nstacksize = ostacksize; + if (nstacksize != ostacksize) + rc = pthread_attr_setstacksize(&thr_attr, nstacksize); + if (0 != rc) msyslog(LOG_ERR, - "start_blocking_thread: pthread_attr_setstacksize(0x%lx -> 0x%lx) %m", - (u_long)stacksize, - (u_long)THREAD_MINSTACKSIZE); + "start_blocking_thread: pthread_attr_setstacksize(0x%lx -> 0x%lx) -> %s", + (u_long)ostacksize, (u_long)nstacksize, + strerror(rc)); } #else - UNUSED_ARG(stacksize); + UNUSED_ARG(nstacksize); + UNUSED_ARG(ostacksize); #endif #if defined(PTHREAD_SCOPE_SYSTEM) && defined(NEED_PTHREAD_SCOPE_SYSTEM) pthread_attr_setscope(&thr_attr, PTHREAD_SCOPE_SYSTEM); @@ -545,12 +586,11 @@ start_blocking_thread_internal( block_thread_signals(&saved_sig_mask); rc = pthread_create(&c->thr_table[0], &thr_attr, &blocking_thread, c); - saved_errno = errno; pthread_sigmask(SIG_SETMASK, &saved_sig_mask, NULL); pthread_attr_destroy(&thr_attr); if (0 != rc) { - errno = saved_errno; - msyslog(LOG_ERR, "pthread_create() blocking child: %m"); + msyslog(LOG_ERR, "start_blocking_thread: pthread_create() -> %s", + strerror(rc)); exit(1); } c->thread_ref = &c->thr_table[0]; diff --git a/ntpd/invoke-ntp.conf.texi b/ntpd/invoke-ntp.conf.texi index 32b41e69e19..1d8a621629d 100644 --- a/ntpd/invoke-ntp.conf.texi +++ b/ntpd/invoke-ntp.conf.texi @@ -6,7 +6,7 @@ # # EDIT THIS FILE WITH CAUTION (invoke-ntp.conf.texi) # -# It has been AutoGen-ed January 7, 2016 at 11:30:49 PM by AutoGen 5.18.5 +# It has been AutoGen-ed January 20, 2016 at 04:17:59 AM by AutoGen 5.18.5 # From the definitions ntp.conf.def # and the template file agtexi-file.tpl @end ignore @@ -2294,8 +2294,8 @@ otherwise, should be avoided. @item @code{dscp} @kbd{value} This option specifies the Differentiated Services Control Point (DSCP) value, a 6-bit code. The default value is 46, signifying Expedited Forwarding. -@item @code{enable} @code{[@code{auth} | @code{bclient} | @code{calibrate} | @code{kernel} | @code{mode7} | @code{monitor} | @code{ntp} | @code{stats}]} -@item @code{disable} @code{[@code{auth} | @code{bclient} | @code{calibrate} | @code{kernel} | @code{mode7} | @code{monitor} | @code{ntp} | @code{stats}]} +@item @code{enable} @code{[@code{auth} | @code{bclient} | @code{calibrate} | @code{kernel} | @code{mode7} | @code{monitor} | @code{ntp} | @code{stats} | @code{unpeer_crypto_early} | @code{unpeer_crypto_nak_early} | @code{unpeer_digest_early}]} +@item @code{disable} @code{[@code{auth} | @code{bclient} | @code{calibrate} | @code{kernel} | @code{mode7} | @code{monitor} | @code{ntp} | @code{stats} | @code{unpeer_crypto_early} | @code{unpeer_crypto_nak_early} | @code{unpeer_digest_early}]} Provides a way to enable or disable various server options. Flags not mentioned are unaffected. Note that all of these flags @@ -2367,6 +2367,67 @@ See the section for further information. The default for this flag is @code{disable}. +@item @code{unpeer_crypto_early} +By default, if +@code{ntpd(1ntpdmdoc)} +receives an autokey packet that fails TEST9, +a crypto failure, +the association is immediately cleared. +This is almost certainly a feature, +but if, in spite of the current recommendation of not using autokey, +you are +.B still +using autokey +.B and +you are seeing this sort of DoS attack +disabling this flag will delay +tearing down the association until the reachability counter +becomes zero. +You can check your +@code{peerstats} +file for evidence of any of these attacks. +The +default for this flag is +@code{enable}. +@item @code{unpeer_crypto_nak_early} +By default, if +@code{ntpd(1ntpdmdoc)} +receives a crypto-NAK packet that +passes the duplicate packet and origin timestamp checks +the association is immediately cleared. +While this is generally a feature +as it allows for quick recovery if a server key has changed, +a properly forged and appropriately delivered crypto-NAK packet +can be used in a DoS attack. +If you have active noticable problems with this type of DoS attack +then you should consider +disabling this option. +You can check your +@code{peerstats} +file for evidence of any of these attacks. +The +default for this flag is +@code{enable}. +@item @code{unpeer_digest_early} +By default, if +@code{ntpd(1ntpdmdoc)} +receives what should be an authenticated packet +that passes other packet sanity checks but +contains an invalid digest +the association is immediately cleared. +While this is generally a feature +as it allows for quick recovery, +if this type of packet is carefully forged and sent +during an appropriate window it can be used for a DoS attack. +If you have active noticable problems with this type of DoS attack +then you should consider +disabling this option. +You can check your +@code{peerstats} +file for evidence of any of these attacks. +The +default for this flag is +@code{enable}. @end table @item @code{includefile} @kbd{includefile} This command allows additional configuration commands diff --git a/ntpd/invoke-ntp.keys.texi b/ntpd/invoke-ntp.keys.texi index b755d97a47f..915044e99f0 100644 --- a/ntpd/invoke-ntp.keys.texi +++ b/ntpd/invoke-ntp.keys.texi @@ -6,7 +6,7 @@ # # EDIT THIS FILE WITH CAUTION (invoke-ntp.keys.texi) # -# It has been AutoGen-ed January 7, 2016 at 11:30:52 PM by AutoGen 5.18.5 +# It has been AutoGen-ed January 20, 2016 at 04:18:02 AM by AutoGen 5.18.5 # From the definitions ntp.keys.def # and the template file agtexi-file.tpl @end ignore @@ -37,7 +37,7 @@ as the configuration file. Key entries use a fixed format of the form @example -@kbd{keyno} @kbd{type} @kbd{key} +@kbd{keyno} @kbd{type} @kbd{key} @kbd{opt_IP_list} @end example where @@ -47,7 +47,15 @@ is a positive integer (between 1 and 65534), is the message digest algorithm, and @kbd{key} -is the key itself. +is the key itself, and +@kbd{opt_IP_list} +is an optional comma-separated list of IPs +that are allowed to serve time. +If +@kbd{opt_IP_list} +is empty, +any properly-authenticated server message will be +accepted. The @kbd{key} diff --git a/ntpd/invoke-ntpd.texi b/ntpd/invoke-ntpd.texi index 66ce19dec1c..50e8f653a9b 100644 --- a/ntpd/invoke-ntpd.texi +++ b/ntpd/invoke-ntpd.texi @@ -6,7 +6,7 @@ # # EDIT THIS FILE WITH CAUTION (invoke-ntpd.texi) # -# It has been AutoGen-ed January 7, 2016 at 11:30:54 PM by AutoGen 5.18.5 +# It has been AutoGen-ed January 20, 2016 at 04:18:04 AM by AutoGen 5.18.5 # From the definitions ntpd-opts.def # and the template file agtexi-cmd.tpl @end ignore @@ -142,7 +142,7 @@ with a status code of 0. @exampleindent 0 @example -ntpd - NTP daemon program - Ver. 4.2.8p5 +ntpd - NTP daemon program - Ver. 4.2.8p6 Usage: ntpd [ - [] | --[@{=| @}] ]... \ [ ... ] Flg Arg Option-Name Description diff --git a/ntpd/keyword-gen-utd b/ntpd/keyword-gen-utd index 467351b65e3..99c72201e8b 100644 --- a/ntpd/keyword-gen-utd +++ b/ntpd/keyword-gen-utd @@ -1 +1 @@ - * Generated 2015-06-25 03:57:00 UTC diff_ignore_line + * Generated 2016-01-16 08:33:03 UTC diff_ignore_line diff --git a/ntpd/keyword-gen.c b/ntpd/keyword-gen.c index 42e94973f81..2e7f62129f6 100644 --- a/ntpd/keyword-gen.c +++ b/ntpd/keyword-gen.c @@ -202,6 +202,9 @@ struct key_tok ntp_keywords[] = { { "ntp", T_Ntp, FOLLBY_TOKEN }, { "mode7", T_Mode7, FOLLBY_TOKEN }, { "stats", T_Stats, FOLLBY_TOKEN }, +{ "unpeer_crypto_early", T_UEcrypto, FOLLBY_TOKEN }, +{ "unpeer_crypto_nak_early", T_UEcryptonak, FOLLBY_TOKEN }, +{ "unpeer_digest_early", T_UEdigest, FOLLBY_TOKEN }, /* rlimit_option */ { "memlock", T_Memlock, FOLLBY_TOKEN }, { "stacksize", T_Stacksize, FOLLBY_TOKEN }, diff --git a/ntpd/ntp.conf.5man b/ntpd/ntp.conf.5man index 6e6aa326bd9..1e5e464e63c 100644 --- a/ntpd/ntp.conf.5man +++ b/ntpd/ntp.conf.5man @@ -10,11 +10,11 @@ .ds B-Font B .ds I-Font I .ds R-Font R -.TH ntp.conf 5man "07 Jan 2016" "4.2.8p5" "File Formats" +.TH ntp.conf 5man "20 Jan 2016" "4.2.8p6" "File Formats" .\" -.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-8qayqp/ag-Vraqpp) +.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-gsaOxR/ag-XsaGwR) .\" -.\" It has been AutoGen-ed January 7, 2016 at 11:30:35 PM by AutoGen 5.18.5 +.\" It has been AutoGen-ed January 20, 2016 at 04:17:45 AM by AutoGen 5.18.5 .\" From the definitions ntp.conf.def .\" and the template file agman-cmd.tpl .SH NAME @@ -2573,9 +2573,9 @@ otherwise, should be avoided. This option specifies the Differentiated Services Control Point (DSCP) value, a 6-bit code. The default value is 46, signifying Expedited Forwarding. .TP 7 -.NOP \f\*[B-Font]enable\f[] [\f\*[B-Font]auth\f[] | \f\*[B-Font]bclient\f[] | \f\*[B-Font]calibrate\f[] | \f\*[B-Font]kernel\f[] | \f\*[B-Font]mode7\f[] | \f\*[B-Font]monitor\f[] | \f\*[B-Font]ntp\f[] | \f\*[B-Font]stats\f[]] +.NOP \f\*[B-Font]enable\f[] [\f\*[B-Font]auth\f[] | \f\*[B-Font]bclient\f[] | \f\*[B-Font]calibrate\f[] | \f\*[B-Font]kernel\f[] | \f\*[B-Font]mode7\f[] | \f\*[B-Font]monitor\f[] | \f\*[B-Font]ntp\f[] | \f\*[B-Font]stats\f[] | \f\*[B-Font]unpeer_crypto_early\f[] | \f\*[B-Font]unpeer_crypto_nak_early\f[] | \f\*[B-Font]unpeer_digest_early\f[]] .TP 7 -.NOP \f\*[B-Font]disable\f[] [\f\*[B-Font]auth\f[] | \f\*[B-Font]bclient\f[] | \f\*[B-Font]calibrate\f[] | \f\*[B-Font]kernel\f[] | \f\*[B-Font]mode7\f[] | \f\*[B-Font]monitor\f[] | \f\*[B-Font]ntp\f[] | \f\*[B-Font]stats\f[]] +.NOP \f\*[B-Font]disable\f[] [\f\*[B-Font]auth\f[] | \f\*[B-Font]bclient\f[] | \f\*[B-Font]calibrate\f[] | \f\*[B-Font]kernel\f[] | \f\*[B-Font]mode7\f[] | \f\*[B-Font]monitor\f[] | \f\*[B-Font]ntp\f[] | \f\*[B-Font]stats\f[] | \f\*[B-Font]unpeer_crypto_early\f[] | \f\*[B-Font]unpeer_crypto_nak_early\f[] | \f\*[B-Font]unpeer_digest_early\f[]] Provides a way to enable or disable various server options. Flags not mentioned are unaffected. Note that all of these flags @@ -2655,6 +2655,70 @@ See the section for further information. The default for this flag is \f\*[B-Font]disable\f[]. +.TP 7 +.NOP \f\*[B-Font]unpeer_crypto_early\f[] +By default, if +\fCntpd\f[]\fR(1ntpdmdoc)\f[] +receives an autokey packet that fails TEST9, +a crypto failure, +the association is immediately cleared. +This is almost certainly a feature, +but if, in spite of the current recommendation of not using autokey, +you are +.B still +using autokey +.B and +you are seeing this sort of DoS attack +disabling this flag will delay +tearing down the association until the reachability counter +becomes zero. +You can check your +\f\*[B-Font]peerstats\f[] +file for evidence of any of these attacks. +The +default for this flag is +\f\*[B-Font]enable\f[]. +.TP 7 +.NOP \f\*[B-Font]unpeer_crypto_nak_early\f[] +By default, if +\fCntpd\f[]\fR(1ntpdmdoc)\f[] +receives a crypto-NAK packet that +passes the duplicate packet and origin timestamp checks +the association is immediately cleared. +While this is generally a feature +as it allows for quick recovery if a server key has changed, +a properly forged and appropriately delivered crypto-NAK packet +can be used in a DoS attack. +If you have active noticable problems with this type of DoS attack +then you should consider +disabling this option. +You can check your +\f\*[B-Font]peerstats\f[] +file for evidence of any of these attacks. +The +default for this flag is +\f\*[B-Font]enable\f[]. +.TP 7 +.NOP \f\*[B-Font]unpeer_digest_early\f[] +By default, if +\fCntpd\f[]\fR(1ntpdmdoc)\f[] +receives what should be an authenticated packet +that passes other packet sanity checks but +contains an invalid digest +the association is immediately cleared. +While this is generally a feature +as it allows for quick recovery, +if this type of packet is carefully forged and sent +during an appropriate window it can be used for a DoS attack. +If you have active noticable problems with this type of DoS attack +then you should consider +disabling this option. +You can check your +\f\*[B-Font]peerstats\f[] +file for evidence of any of these attacks. +The +default for this flag is +\f\*[B-Font]enable\f[]. .RE .TP 7 .NOP \f\*[B-Font]includefile\f[] \f\*[I-Font]includefile\f[] @@ -3027,7 +3091,7 @@ RFC5905 .SH "AUTHORS" The University of Delaware and Network Time Foundation .SH "COPYRIGHT" -Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .SH BUGS The syntax checking is not picky; some combinations of diff --git a/ntpd/ntp.conf.5mdoc b/ntpd/ntp.conf.5mdoc index 800e995e0f6..f2b418b3118 100644 --- a/ntpd/ntp.conf.5mdoc +++ b/ntpd/ntp.conf.5mdoc @@ -1,9 +1,9 @@ -.Dd January 7 2016 +.Dd January 20 2016 .Dt NTP_CONF 5mdoc File Formats .Os .\" EDIT THIS FILE WITH CAUTION (ntp.mdoc) .\" -.\" It has been AutoGen-ed January 7, 2016 at 11:30:57 PM by AutoGen 5.18.5 +.\" It has been AutoGen-ed January 20, 2016 at 04:18:07 AM by AutoGen 5.18.5 .\" From the definitions ntp.conf.def .\" and the template file agmdoc-cmd.tpl .Sh NAME @@ -2393,16 +2393,18 @@ a 6\-bit code. The default value is 46, signifying Expedited Forwarding. .Oo .Cm auth | Cm bclient | .Cm calibrate | Cm kernel | -.Cm mode7 | monitor | -.Cm ntp | Cm stats +.Cm mode7 | Cm monitor | +.Cm ntp | Cm stats | +.Cm unpeer_crypto_early | Cm unpeer_crypto_nak_early | Cm unpeer_digest_early .Oc .Xc .It Xo Ic disable .Oo .Cm auth | Cm bclient | .Cm calibrate | Cm kernel | -.Cm mode7 | monitor | -.Cm ntp | Cm stats +.Cm mode7 | Cm monitor | +.Cm ntp | Cm stats | +.Cm unpeer_crypto_early | Cm unpeer_crypto_nak_early | Cm unpeer_digest_early .Oc .Xc Provides a way to enable or disable various server options. @@ -2476,6 +2478,67 @@ See the section for further information. The default for this flag is .Ic disable . +.It Cm unpeer_crypto_early +By default, if +.Xr ntpd 1ntpdmdoc +receives an autokey packet that fails TEST9, +a crypto failure, +the association is immediately cleared. +This is almost certainly a feature, +but if, in spite of the current recommendation of not using autokey, +you are +.B still +using autokey +.B and +you are seeing this sort of DoS attack +disabling this flag will delay +tearing down the association until the reachability counter +becomes zero. +You can check your +.Cm peerstats +file for evidence of any of these attacks. +The +default for this flag is +.Ic enable . +.It Cm unpeer_crypto_nak_early +By default, if +.Xr ntpd 1ntpdmdoc +receives a crypto\-NAK packet that +passes the duplicate packet and origin timestamp checks +the association is immediately cleared. +While this is generally a feature +as it allows for quick recovery if a server key has changed, +a properly forged and appropriately delivered crypto\-NAK packet +can be used in a DoS attack. +If you have active noticable problems with this type of DoS attack +then you should consider +disabling this option. +You can check your +.Cm peerstats +file for evidence of any of these attacks. +The +default for this flag is +.Ic enable . +.It Cm unpeer_digest_early +By default, if +.Xr ntpd 1ntpdmdoc +receives what should be an authenticated packet +that passes other packet sanity checks but +contains an invalid digest +the association is immediately cleared. +While this is generally a feature +as it allows for quick recovery, +if this type of packet is carefully forged and sent +during an appropriate window it can be used for a DoS attack. +If you have active noticable problems with this type of DoS attack +then you should consider +disabling this option. +You can check your +.Cm peerstats +file for evidence of any of these attacks. +The +default for this flag is +.Ic enable . .El .It Ic includefile Ar includefile This command allows additional configuration commands @@ -2834,7 +2897,7 @@ A snapshot of this documentation is available in HTML format in .Sh "AUTHORS" The University of Delaware and Network Time Foundation .Sh "COPYRIGHT" -Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .Sh BUGS The syntax checking is not picky; some combinations of diff --git a/ntpd/ntp.conf.def b/ntpd/ntp.conf.def index 43835bc7632..25d9fd09f40 100644 --- a/ntpd/ntp.conf.def +++ b/ntpd/ntp.conf.def @@ -2395,16 +2395,18 @@ a 6-bit code. The default value is 46, signifying Expedited Forwarding. .Oo .Cm auth | Cm bclient | .Cm calibrate | Cm kernel | -.Cm mode7 | monitor | -.Cm ntp | Cm stats +.Cm mode7 | Cm monitor | +.Cm ntp | Cm stats | +.Cm unpeer_crypto_early | Cm unpeer_crypto_nak_early | Cm unpeer_digest_early .Oc .Xc .It Xo Ic disable .Oo .Cm auth | Cm bclient | .Cm calibrate | Cm kernel | -.Cm mode7 | monitor | -.Cm ntp | Cm stats +.Cm mode7 | Cm monitor | +.Cm ntp | Cm stats | +.Cm unpeer_crypto_early | Cm unpeer_crypto_nak_early | Cm unpeer_digest_early .Oc .Xc Provides a way to enable or disable various server options. @@ -2478,6 +2480,67 @@ See the section for further information. The default for this flag is .Ic disable . +.It Cm unpeer_crypto_early +By default, if +.Xr ntpd 1ntpdmdoc +receives an autokey packet that fails TEST9, +a crypto failure, +the association is immediately cleared. +This is almost certainly a feature, +but if, in spite of the current recommendation of not using autokey, +you are +.B still +using autokey +.B and +you are seeing this sort of DoS attack +disabling this flag will delay +tearing down the association until the reachability counter +becomes zero. +You can check your +.Cm peerstats +file for evidence of any of these attacks. +The +default for this flag is +.Ic enable . +.It Cm unpeer_crypto_nak_early +By default, if +.Xr ntpd 1ntpdmdoc +receives a crypto-NAK packet that +passes the duplicate packet and origin timestamp checks +the association is immediately cleared. +While this is generally a feature +as it allows for quick recovery if a server key has changed, +a properly forged and appropriately delivered crypto-NAK packet +can be used in a DoS attack. +If you have active noticable problems with this type of DoS attack +then you should consider +disabling this option. +You can check your +.Cm peerstats +file for evidence of any of these attacks. +The +default for this flag is +.Ic enable . +.It Cm unpeer_digest_early +By default, if +.Xr ntpd 1ntpdmdoc +receives what should be an authenticated packet +that passes other packet sanity checks but +contains an invalid digest +the association is immediately cleared. +While this is generally a feature +as it allows for quick recovery, +if this type of packet is carefully forged and sent +during an appropriate window it can be used for a DoS attack. +If you have active noticable problems with this type of DoS attack +then you should consider +disabling this option. +You can check your +.Cm peerstats +file for evidence of any of these attacks. +The +default for this flag is +.Ic enable . .El .It Ic includefile Ar includefile This command allows additional configuration commands diff --git a/ntpd/ntp.conf.html b/ntpd/ntp.conf.html index d10a88d4e5e..c50f0e1eec6 100644 --- a/ntpd/ntp.conf.html +++ b/ntpd/ntp.conf.html @@ -33,7 +33,7 @@ Up: (dir)

This document describes the configuration file for the NTP Project's ntpd program. -

This document applies to version 4.2.8p5 of ntp.conf. +

This document applies to version 4.2.8p6 of ntp.conf.

Short Contents

@@ -2288,7 +2288,7 @@ drift file is located in, and that file system links, symbolic or otherwise, should be avoided.
dscp value
This option specifies the Differentiated Services Control Point (DSCP) value, a 6-bit code. The default value is 46, signifying Expedited Forwarding. -
enable [auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats]
disable [auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats]
Provides a way to enable or disable various server options. +
enable [auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats | unpeer_crypto_early | unpeer_crypto_nak_early | unpeer_digest_early]
disable [auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats | unpeer_crypto_early | unpeer_crypto_nak_early | unpeer_digest_early]
Provides a way to enable or disable various server options. Flags not mentioned are unaffected. Note that all of these flags can be controlled remotely using the @@ -2351,6 +2351,64 @@ See the section for further information. The default for this flag is disable. +
unpeer_crypto_early
By default, if +ntpd(1ntpdmdoc) +receives an autokey packet that fails TEST9, +a crypto failure, +the association is immediately cleared. +This is almost certainly a feature, +but if, in spite of the current recommendation of not using autokey, +you are +.B still +using autokey +.B and +you are seeing this sort of DoS attack +disabling this flag will delay +tearing down the association until the reachability counter +becomes zero. +You can check your +peerstats +file for evidence of any of these attacks. +The +default for this flag is +enable. +
unpeer_crypto_nak_early
By default, if +ntpd(1ntpdmdoc) +receives a crypto-NAK packet that +passes the duplicate packet and origin timestamp checks +the association is immediately cleared. +While this is generally a feature +as it allows for quick recovery if a server key has changed, +a properly forged and appropriately delivered crypto-NAK packet +can be used in a DoS attack. +If you have active noticable problems with this type of DoS attack +then you should consider +disabling this option. +You can check your +peerstats +file for evidence of any of these attacks. +The +default for this flag is +enable. +
unpeer_digest_early
By default, if +ntpd(1ntpdmdoc) +receives what should be an authenticated packet +that passes other packet sanity checks but +contains an invalid digest +the association is immediately cleared. +While this is generally a feature +as it allows for quick recovery, +if this type of packet is carefully forged and sent +during an appropriate window it can be used for a DoS attack. +If you have active noticable problems with this type of DoS attack +then you should consider +disabling this option. +You can check your +peerstats +file for evidence of any of these attacks. +The +default for this flag is +enable.
includefile includefile
This command allows additional configuration commands to be included from a separate file. diff --git a/ntpd/ntp.conf.man.in b/ntpd/ntp.conf.man.in index f701b41fd2b..7a5b7502d84 100644 --- a/ntpd/ntp.conf.man.in +++ b/ntpd/ntp.conf.man.in @@ -10,11 +10,11 @@ .ds B-Font B .ds I-Font I .ds R-Font R -.TH ntp.conf 5 "07 Jan 2016" "4.2.8p5" "File Formats" +.TH ntp.conf 5 "20 Jan 2016" "4.2.8p6" "File Formats" .\" -.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-8qayqp/ag-Vraqpp) +.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-gsaOxR/ag-XsaGwR) .\" -.\" It has been AutoGen-ed January 7, 2016 at 11:30:35 PM by AutoGen 5.18.5 +.\" It has been AutoGen-ed January 20, 2016 at 04:17:45 AM by AutoGen 5.18.5 .\" From the definitions ntp.conf.def .\" and the template file agman-cmd.tpl .SH NAME @@ -2573,9 +2573,9 @@ otherwise, should be avoided. This option specifies the Differentiated Services Control Point (DSCP) value, a 6-bit code. The default value is 46, signifying Expedited Forwarding. .TP 7 -.NOP \f\*[B-Font]enable\f[] [\f\*[B-Font]auth\f[] | \f\*[B-Font]bclient\f[] | \f\*[B-Font]calibrate\f[] | \f\*[B-Font]kernel\f[] | \f\*[B-Font]mode7\f[] | \f\*[B-Font]monitor\f[] | \f\*[B-Font]ntp\f[] | \f\*[B-Font]stats\f[]] +.NOP \f\*[B-Font]enable\f[] [\f\*[B-Font]auth\f[] | \f\*[B-Font]bclient\f[] | \f\*[B-Font]calibrate\f[] | \f\*[B-Font]kernel\f[] | \f\*[B-Font]mode7\f[] | \f\*[B-Font]monitor\f[] | \f\*[B-Font]ntp\f[] | \f\*[B-Font]stats\f[] | \f\*[B-Font]unpeer_crypto_early\f[] | \f\*[B-Font]unpeer_crypto_nak_early\f[] | \f\*[B-Font]unpeer_digest_early\f[]] .TP 7 -.NOP \f\*[B-Font]disable\f[] [\f\*[B-Font]auth\f[] | \f\*[B-Font]bclient\f[] | \f\*[B-Font]calibrate\f[] | \f\*[B-Font]kernel\f[] | \f\*[B-Font]mode7\f[] | \f\*[B-Font]monitor\f[] | \f\*[B-Font]ntp\f[] | \f\*[B-Font]stats\f[]] +.NOP \f\*[B-Font]disable\f[] [\f\*[B-Font]auth\f[] | \f\*[B-Font]bclient\f[] | \f\*[B-Font]calibrate\f[] | \f\*[B-Font]kernel\f[] | \f\*[B-Font]mode7\f[] | \f\*[B-Font]monitor\f[] | \f\*[B-Font]ntp\f[] | \f\*[B-Font]stats\f[] | \f\*[B-Font]unpeer_crypto_early\f[] | \f\*[B-Font]unpeer_crypto_nak_early\f[] | \f\*[B-Font]unpeer_digest_early\f[]] Provides a way to enable or disable various server options. Flags not mentioned are unaffected. Note that all of these flags @@ -2655,6 +2655,70 @@ See the section for further information. The default for this flag is \f\*[B-Font]disable\f[]. +.TP 7 +.NOP \f\*[B-Font]unpeer_crypto_early\f[] +By default, if +\fCntpd\f[]\fR(@NTPD_MS@)\f[] +receives an autokey packet that fails TEST9, +a crypto failure, +the association is immediately cleared. +This is almost certainly a feature, +but if, in spite of the current recommendation of not using autokey, +you are +.B still +using autokey +.B and +you are seeing this sort of DoS attack +disabling this flag will delay +tearing down the association until the reachability counter +becomes zero. +You can check your +\f\*[B-Font]peerstats\f[] +file for evidence of any of these attacks. +The +default for this flag is +\f\*[B-Font]enable\f[]. +.TP 7 +.NOP \f\*[B-Font]unpeer_crypto_nak_early\f[] +By default, if +\fCntpd\f[]\fR(@NTPD_MS@)\f[] +receives a crypto-NAK packet that +passes the duplicate packet and origin timestamp checks +the association is immediately cleared. +While this is generally a feature +as it allows for quick recovery if a server key has changed, +a properly forged and appropriately delivered crypto-NAK packet +can be used in a DoS attack. +If you have active noticable problems with this type of DoS attack +then you should consider +disabling this option. +You can check your +\f\*[B-Font]peerstats\f[] +file for evidence of any of these attacks. +The +default for this flag is +\f\*[B-Font]enable\f[]. +.TP 7 +.NOP \f\*[B-Font]unpeer_digest_early\f[] +By default, if +\fCntpd\f[]\fR(@NTPD_MS@)\f[] +receives what should be an authenticated packet +that passes other packet sanity checks but +contains an invalid digest +the association is immediately cleared. +While this is generally a feature +as it allows for quick recovery, +if this type of packet is carefully forged and sent +during an appropriate window it can be used for a DoS attack. +If you have active noticable problems with this type of DoS attack +then you should consider +disabling this option. +You can check your +\f\*[B-Font]peerstats\f[] +file for evidence of any of these attacks. +The +default for this flag is +\f\*[B-Font]enable\f[]. .RE .TP 7 .NOP \f\*[B-Font]includefile\f[] \f\*[I-Font]includefile\f[] @@ -3027,7 +3091,7 @@ RFC5905 .SH "AUTHORS" The University of Delaware and Network Time Foundation .SH "COPYRIGHT" -Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .SH BUGS The syntax checking is not picky; some combinations of diff --git a/ntpd/ntp.conf.mdoc.in b/ntpd/ntp.conf.mdoc.in index 7ad4cc1b3a1..fe85d854883 100644 --- a/ntpd/ntp.conf.mdoc.in +++ b/ntpd/ntp.conf.mdoc.in @@ -1,9 +1,9 @@ -.Dd January 7 2016 +.Dd January 20 2016 .Dt NTP_CONF 5 File Formats .Os .\" EDIT THIS FILE WITH CAUTION (ntp.mdoc) .\" -.\" It has been AutoGen-ed January 7, 2016 at 11:30:57 PM by AutoGen 5.18.5 +.\" It has been AutoGen-ed January 20, 2016 at 04:18:07 AM by AutoGen 5.18.5 .\" From the definitions ntp.conf.def .\" and the template file agmdoc-cmd.tpl .Sh NAME @@ -2393,16 +2393,18 @@ a 6\-bit code. The default value is 46, signifying Expedited Forwarding. .Oo .Cm auth | Cm bclient | .Cm calibrate | Cm kernel | -.Cm mode7 | monitor | -.Cm ntp | Cm stats +.Cm mode7 | Cm monitor | +.Cm ntp | Cm stats | +.Cm unpeer_crypto_early | Cm unpeer_crypto_nak_early | Cm unpeer_digest_early .Oc .Xc .It Xo Ic disable .Oo .Cm auth | Cm bclient | .Cm calibrate | Cm kernel | -.Cm mode7 | monitor | -.Cm ntp | Cm stats +.Cm mode7 | Cm monitor | +.Cm ntp | Cm stats | +.Cm unpeer_crypto_early | Cm unpeer_crypto_nak_early | Cm unpeer_digest_early .Oc .Xc Provides a way to enable or disable various server options. @@ -2476,6 +2478,67 @@ See the section for further information. The default for this flag is .Ic disable . +.It Cm unpeer_crypto_early +By default, if +.Xr ntpd @NTPD_MS@ +receives an autokey packet that fails TEST9, +a crypto failure, +the association is immediately cleared. +This is almost certainly a feature, +but if, in spite of the current recommendation of not using autokey, +you are +.B still +using autokey +.B and +you are seeing this sort of DoS attack +disabling this flag will delay +tearing down the association until the reachability counter +becomes zero. +You can check your +.Cm peerstats +file for evidence of any of these attacks. +The +default for this flag is +.Ic enable . +.It Cm unpeer_crypto_nak_early +By default, if +.Xr ntpd @NTPD_MS@ +receives a crypto\-NAK packet that +passes the duplicate packet and origin timestamp checks +the association is immediately cleared. +While this is generally a feature +as it allows for quick recovery if a server key has changed, +a properly forged and appropriately delivered crypto\-NAK packet +can be used in a DoS attack. +If you have active noticable problems with this type of DoS attack +then you should consider +disabling this option. +You can check your +.Cm peerstats +file for evidence of any of these attacks. +The +default for this flag is +.Ic enable . +.It Cm unpeer_digest_early +By default, if +.Xr ntpd @NTPD_MS@ +receives what should be an authenticated packet +that passes other packet sanity checks but +contains an invalid digest +the association is immediately cleared. +While this is generally a feature +as it allows for quick recovery, +if this type of packet is carefully forged and sent +during an appropriate window it can be used for a DoS attack. +If you have active noticable problems with this type of DoS attack +then you should consider +disabling this option. +You can check your +.Cm peerstats +file for evidence of any of these attacks. +The +default for this flag is +.Ic enable . .El .It Ic includefile Ar includefile This command allows additional configuration commands @@ -2834,7 +2897,7 @@ A snapshot of this documentation is available in HTML format in .Sh "AUTHORS" The University of Delaware and Network Time Foundation .Sh "COPYRIGHT" -Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .Sh BUGS The syntax checking is not picky; some combinations of diff --git a/ntpd/ntp.keys.5man b/ntpd/ntp.keys.5man index bb0028bd15b..6d270b611bb 100644 --- a/ntpd/ntp.keys.5man +++ b/ntpd/ntp.keys.5man @@ -1,8 +1,8 @@ -.TH ntp.keys 5man "07 Jan 2016" "4.2.8p5" "File Formats" +.TH ntp.keys 5man "20 Jan 2016" "4.2.8p6" "File Formats" .\" .\" EDIT THIS FILE WITH CAUTION (ntp.man) .\" -.\" It has been AutoGen-ed January 7, 2016 at 11:30:41 PM by AutoGen 5.18.5 +.\" It has been AutoGen-ed January 20, 2016 at 04:17:51 AM by AutoGen 5.18.5 .\" From the definitions ntp.keys.def .\" and the template file agman-file.tpl .Sh NAME @@ -66,7 +66,7 @@ Key entries use a fixed format of the form .ne 2 .in +4 -\f\*[I-Font]keyno\f[] \f\*[I-Font]type\f[] \f\*[I-Font]key\f[] +\f\*[I-Font]keyno\f[] \f\*[I-Font]type\f[] \f\*[I-Font]key\f[] \f\*[I-Font]opt_IP_list\f[] .in -4 .sp \n(Ppu .ne 2 @@ -78,7 +78,15 @@ is a positive integer (between 1 and 65534), is the message digest algorithm, and \f\*[I-Font]key\f[] -is the key itself. +is the key itself, and +\f\*[I-Font]opt_IP_list\f[] +is an optional comma-separated list of IPs +that are allowed to serve time. +If +\f\*[I-Font]opt_IP_list\f[] +is empty, +any properly-authenticated server message will be +accepted. .sp \n(Ppu .ne 2 @@ -160,7 +168,7 @@ the default name of the configuration file .SH "AUTHORS" The University of Delaware and Network Time Foundation .SH "COPYRIGHT" -Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .SH "BUGS" Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org diff --git a/ntpd/ntp.keys.5mdoc b/ntpd/ntp.keys.5mdoc index 9524989cb1a..6091e0959df 100644 --- a/ntpd/ntp.keys.5mdoc +++ b/ntpd/ntp.keys.5mdoc @@ -1,9 +1,9 @@ -.Dd January 7 2016 +.Dd January 20 2016 .Dt NTP_KEYS 5mdoc File Formats .Os SunOS 5.10 .\" EDIT THIS FILE WITH CAUTION (ntp.mdoc) .\" -.\" It has been AutoGen-ed January 7, 2016 at 11:31:00 PM by AutoGen 5.18.5 +.\" It has been AutoGen-ed January 20, 2016 at 04:18:10 AM by AutoGen 5.18.5 .\" From the definitions ntp.keys.def .\" and the template file agmdoc-file.tpl .Sh NAME @@ -44,7 +44,7 @@ The key file uses the same comment conventions as the configuration file. Key entries use a fixed format of the form .Pp -.D1 Ar keyno type key +.D1 Ar keyno type key opt_IP_list .Pp where .Ar keyno @@ -53,7 +53,15 @@ is a positive integer (between 1 and 65534), is the message digest algorithm, and .Ar key -is the key itself. +is the key itself, and +.Ar opt_IP_list +is an optional comma\-separated list of IPs +that are allowed to serve time. +If +.Ar opt_IP_list +is empty, +any properly\-authenticated server message will be +accepted. .Pp The .Ar key @@ -147,7 +155,7 @@ it to autogen\-users@lists.sourceforge.net. Thank you. .Sh "AUTHORS" The University of Delaware and Network Time Foundation .Sh "COPYRIGHT" -Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .Sh "BUGS" Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org diff --git a/ntpd/ntp.keys.def b/ntpd/ntp.keys.def index dcb3d55ead9..efe774c2e54 100644 --- a/ntpd/ntp.keys.def +++ b/ntpd/ntp.keys.def @@ -43,7 +43,7 @@ The key file uses the same comment conventions as the configuration file. Key entries use a fixed format of the form .Pp -.D1 Ar keyno type key +.D1 Ar keyno type key opt_IP_list .Pp where .Ar keyno @@ -52,7 +52,15 @@ is a positive integer (between 1 and 65534), is the message digest algorithm, and .Ar key -is the key itself. +is the key itself, and +.Ar opt_IP_list +is an optional comma-separated list of IPs +that are allowed to serve time. +If +.Ar opt_IP_list +is empty, +any properly-authenticated server message will be +accepted. .Pp The .Ar key diff --git a/ntpd/ntp.keys.html b/ntpd/ntp.keys.html index 738f9e03e73..409e7fcaf16 100644 --- a/ntpd/ntp.keys.html +++ b/ntpd/ntp.keys.html @@ -33,7 +33,7 @@ Up: (dir)

This document describes the symmetric key file for the NTP Project's ntpd program. -

This document applies to version 4.2.8p5 of ntp.keys. +

This document applies to version 4.2.8p6 of ntp.keys.

Short Contents

@@ -93,7 +93,7 @@ may be arbitrarily set in the keys file. as the configuration file. Key entries use a fixed format of the form -
     keyno type key
+
     keyno type key opt_IP_list
 

where keyno @@ -102,7 +102,15 @@ is a positive integer (between 1 and 65534), is the message digest algorithm, and key -is the key itself. +is the key itself, and +opt_IP_list +is an optional comma-separated list of IPs +that are allowed to serve time. +If +opt_IP_list +is empty, +any properly-authenticated server message will be +accepted.

The key diff --git a/ntpd/ntp.keys.man.in b/ntpd/ntp.keys.man.in index 78d5f091d32..2e97e270f98 100644 --- a/ntpd/ntp.keys.man.in +++ b/ntpd/ntp.keys.man.in @@ -1,8 +1,8 @@ -.TH ntp.keys 5 "07 Jan 2016" "4.2.8p5" "File Formats" +.TH ntp.keys 5 "20 Jan 2016" "4.2.8p6" "File Formats" .\" .\" EDIT THIS FILE WITH CAUTION (ntp.man) .\" -.\" It has been AutoGen-ed January 7, 2016 at 11:30:41 PM by AutoGen 5.18.5 +.\" It has been AutoGen-ed January 20, 2016 at 04:17:51 AM by AutoGen 5.18.5 .\" From the definitions ntp.keys.def .\" and the template file agman-file.tpl .Sh NAME @@ -66,7 +66,7 @@ Key entries use a fixed format of the form .ne 2 .in +4 -\f\*[I-Font]keyno\f[] \f\*[I-Font]type\f[] \f\*[I-Font]key\f[] +\f\*[I-Font]keyno\f[] \f\*[I-Font]type\f[] \f\*[I-Font]key\f[] \f\*[I-Font]opt_IP_list\f[] .in -4 .sp \n(Ppu .ne 2 @@ -78,7 +78,15 @@ is a positive integer (between 1 and 65534), is the message digest algorithm, and \f\*[I-Font]key\f[] -is the key itself. +is the key itself, and +\f\*[I-Font]opt_IP_list\f[] +is an optional comma-separated list of IPs +that are allowed to serve time. +If +\f\*[I-Font]opt_IP_list\f[] +is empty, +any properly-authenticated server message will be +accepted. .sp \n(Ppu .ne 2 @@ -160,7 +168,7 @@ the default name of the configuration file .SH "AUTHORS" The University of Delaware and Network Time Foundation .SH "COPYRIGHT" -Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .SH "BUGS" Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org diff --git a/ntpd/ntp.keys.mdoc.in b/ntpd/ntp.keys.mdoc.in index 40c821e517d..3b4fa2ceb9d 100644 --- a/ntpd/ntp.keys.mdoc.in +++ b/ntpd/ntp.keys.mdoc.in @@ -1,9 +1,9 @@ -.Dd January 7 2016 +.Dd January 20 2016 .Dt NTP_KEYS 5 File Formats .Os SunOS 5.10 .\" EDIT THIS FILE WITH CAUTION (ntp.mdoc) .\" -.\" It has been AutoGen-ed January 7, 2016 at 11:31:00 PM by AutoGen 5.18.5 +.\" It has been AutoGen-ed January 20, 2016 at 04:18:10 AM by AutoGen 5.18.5 .\" From the definitions ntp.keys.def .\" and the template file agmdoc-file.tpl .Sh NAME @@ -44,7 +44,7 @@ The key file uses the same comment conventions as the configuration file. Key entries use a fixed format of the form .Pp -.D1 Ar keyno type key +.D1 Ar keyno type key opt_IP_list .Pp where .Ar keyno @@ -53,7 +53,15 @@ is a positive integer (between 1 and 65534), is the message digest algorithm, and .Ar key -is the key itself. +is the key itself, and +.Ar opt_IP_list +is an optional comma\-separated list of IPs +that are allowed to serve time. +If +.Ar opt_IP_list +is empty, +any properly\-authenticated server message will be +accepted. .Pp The .Ar key @@ -147,7 +155,7 @@ it to autogen\-users@lists.sourceforge.net. Thank you. .Sh "AUTHORS" The University of Delaware and Network Time Foundation .Sh "COPYRIGHT" -Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .Sh "BUGS" Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org diff --git a/ntpd/ntp_config.c b/ntpd/ntp_config.c index 1c754bd1613..cb327374698 100644 --- a/ntpd/ntp_config.c +++ b/ntpd/ntp_config.c @@ -53,6 +53,8 @@ #include "ntp_parser.h" #include "ntpd-opts.h" +extern int yyparse(void); + /* Bug 2817 */ #if defined(HAVE_SYS_MMAN_H) # include @@ -2981,6 +2983,18 @@ apply_enable_disable( proto_config(PROTO_FILEGEN, enable, 0., NULL); break; + case T_UEcrypto: + proto_config(PROTO_UECRYPTO, enable, 0., NULL); + break; + + case T_UEcryptonak: + proto_config(PROTO_UECRYPTONAK, enable, 0., NULL); + break; + + case T_UEdigest: + proto_config(PROTO_UEDIGEST, enable, 0., NULL); + break; + #ifdef BC_LIST_FRAMEWORK_NOT_YET_USED case T_Bc_bugXXXX: pentry = bc_list; diff --git a/ntpd/ntp_control.c b/ntpd/ntp_control.c index 2e174d0210a..e5a567e789d 100644 --- a/ntpd/ntp_control.c +++ b/ntpd/ntp_control.c @@ -75,6 +75,7 @@ static void ctl_putarray (const char *, double *, int); static void ctl_putsys (int); static void ctl_putpeer (int, struct peer *); static void ctl_putfs (const char *, tstamp_t); +static void ctl_printf (const char *, ...) NTP_PRINTF(1, 2); #ifdef REFCLOCK static void ctl_putclock (int, struct refclockstat *, int); #endif /* REFCLOCK */ @@ -111,6 +112,8 @@ static void unset_trap (struct recvbuf *, int); static struct ctl_trap *ctlfindtrap(sockaddr_u *, struct interface *); +int/*BOOL*/ is_safe_filename(const char * name); + static const struct ctl_proc control_codes[] = { { CTL_OP_UNSPEC, NOAUTH, control_unspec }, { CTL_OP_READSTAT, NOAUTH, read_status }, @@ -873,10 +876,66 @@ ctl_error( CTL_HEADER_LEN); } +int/*BOOL*/ +is_safe_filename(const char * name) +{ + /* We need a strict validation of filenames we should write: The + * daemon might run with special permissions and is remote + * controllable, so we better take care what we allow as file + * name! + * + * The first character must be digit or a letter from the ASCII + * base plane or a '_' ([_A-Za-z0-9]), the following characters + * must be from [-._+A-Za-z0-9]. + * + * We do not trust the character classification much here: Since + * the NTP protocol makes no provisions for UTF-8 or local code + * pages, we strictly require the 7bit ASCII code page. + * + * The following table is a packed bit field of 128 two-bit + * groups. The LSB in each group tells us if a character is + * acceptable at the first position, the MSB if the character is + * accepted at any other position. + * + * This does not ensure that the file name is syntactically + * correct (multiple dots will not work with VMS...) but it will + * exclude potential globbing bombs and directory traversal. It + * also rules out drive selection. (For systems that have this + * notion, like Windows or VMS.) + */ + static const uint32_t chclass[8] = { + 0x00000000, 0x00000000, + 0x28800000, 0x000FFFFF, + 0xFFFFFFFC, 0xC03FFFFF, + 0xFFFFFFFC, 0x003FFFFF + }; + + u_int widx, bidx, mask; + if (!*name) + return FALSE; + + mask = 1u; + while (0 != (widx = (u_char)*name++)) { + bidx = (widx & 15) << 1; + widx = widx >> 4; + if (widx >= sizeof(chclass)) + return FALSE; + if (0 == ((chclass[widx] >> bidx) & mask)) + return FALSE; + mask |= 2u; + } + return TRUE; +} + + /* * save_config - Implements ntpq -c "saveconfig " * Writes current configuration including any runtime * changes by ntpq's :config or config-from-file + * + * Note: There should be no buffer overflow or truncation in the + * processing of file names -- both cause security problems. This is bit + * painful to code but essential here. */ void save_config( @@ -904,24 +963,38 @@ save_config( "\\/" /* separator and critical char for POSIX */ #endif ; - - char reply[128]; #ifdef SAVECONFIG + static const char savedconfig_eq[] = "savedconfig="; + + /* Build a safe open mode from the available mode flags. We want + * to create a new file and write it in text mode (when + * applicable -- only Windows does this...) + */ + static const int openmode = O_CREAT | O_TRUNC | O_WRONLY +# if defined(O_EXCL) /* posix, vms */ + | O_EXCL +# elif defined(_O_EXCL) /* windows is alway very special... */ + | _O_EXCL +# endif +# if defined(_O_TEXT) /* windows, again */ + | _O_TEXT +#endif + ; + char filespec[128]; char filename[128]; char fullpath[512]; - const char savedconfig_eq[] = "savedconfig="; char savedconfig[sizeof(savedconfig_eq) + sizeof(filename)]; time_t now; int fd; FILE *fptr; + int prc; + size_t reqlen; #endif if (RES_NOMODIFY & restrict_mask) { - snprintf(reply, sizeof(reply), - "saveconfig prohibited by restrict ... nomodify"); - ctl_putdata(reply, strlen(reply), 0); + ctl_printf("%s", "saveconfig prohibited by restrict ... nomodify"); ctl_flushpkt(0); NLOG(NLOG_SYSINFO) msyslog(LOG_NOTICE, @@ -933,9 +1006,7 @@ save_config( #ifdef SAVECONFIG if (NULL == saveconfigdir) { - snprintf(reply, sizeof(reply), - "saveconfig prohibited, no saveconfigdir configured"); - ctl_putdata(reply, strlen(reply), 0); + ctl_printf("%s", "saveconfig prohibited, no saveconfigdir configured"); ctl_flushpkt(0); NLOG(NLOG_SYSINFO) msyslog(LOG_NOTICE, @@ -944,21 +1015,79 @@ save_config( return; } - if (0 == reqend - reqpt) + /* The length checking stuff gets serious. Do not assume a NUL + * byte can be found, but if so, use it to calculate the needed + * buffer size. If the available buffer is too short, bail out; + * likewise if there is no file spec. (The latter will not + * happen when using NTPQ, but there are other ways to craft a + * network packet!) + */ + reqlen = (size_t)(reqend - reqpt); + if (0 != reqlen) { + char * nulpos = (char*)memchr(reqpt, 0, reqlen); + if (NULL != nulpos) + reqlen = (size_t)(nulpos - reqpt); + } + if (0 == reqlen) return; + if (reqlen >= sizeof(filespec)) { + ctl_printf("saveconfig exceeded maximum raw name length (%u)", + (u_int)sizeof(filespec)); + ctl_flushpkt(0); + msyslog(LOG_NOTICE, + "saveconfig exceeded maximum raw name length from %s", + stoa(&rbufp->recv_srcadr)); + return; + } - strlcpy(filespec, reqpt, sizeof(filespec)); - time(&now); - + /* copy data directly as we exactly know the size */ + memcpy(filespec, reqpt, reqlen); + filespec[reqlen] = '\0'; + /* * allow timestamping of the saved config filename with * strftime() format such as: * ntpq -c "saveconfig ntp-%Y%m%d-%H%M%S.conf" * XXX: Nice feature, but not too safe. + * YYY: The check for permitted characters in file names should + * weed out the worst. Let's hope 'strftime()' does not + * develop pathological problems. */ + time(&now); if (0 == strftime(filename, sizeof(filename), filespec, - localtime(&now))) + localtime(&now))) + { + /* + * If we arrive here, 'strftime()' balked; most likely + * the buffer was too short. (Or it encounterd an empty + * format, or just a format that expands to an empty + * string.) We try to use the original name, though this + * is very likely to fail later if there are format + * specs in the string. Note that truncation cannot + * happen here as long as both buffers have the same + * size! + */ strlcpy(filename, filespec, sizeof(filename)); + } + + /* + * Check the file name for sanity. This might/will rule out file + * names that would be legal but problematic, and it blocks + * directory traversal. + */ + if (!is_safe_filename(filename)) { + ctl_printf("saveconfig rejects unsafe file name '%s'", + filename); + ctl_flushpkt(0); + msyslog(LOG_NOTICE, + "saveconfig rejects unsafe file name from %s", + stoa(&rbufp->recv_srcadr)); + return; + } + + /* + * XXX: This next test may not be needed with is_safe_filename() + */ /* block directory/drive traversal */ /* TALOS-CAN-0062: block directory traversal for VMS, too */ @@ -968,38 +1097,49 @@ save_config( ctl_putdata(reply, strlen(reply), 0); ctl_flushpkt(0); msyslog(LOG_NOTICE, - "saveconfig with path from %s rejected", + "saveconfig rejects unsafe file name from %s", stoa(&rbufp->recv_srcadr)); return; } - snprintf(fullpath, sizeof(fullpath), "%s%s", - saveconfigdir, filename); + /* concatenation of directory and path can cause another + * truncation... + */ + prc = snprintf(fullpath, sizeof(fullpath), "%s%s", + saveconfigdir, filename); + if (prc < 0 || prc >= sizeof(fullpath)) { + ctl_printf("saveconfig exceeded maximum path length (%u)", + (u_int)sizeof(fullpath)); + ctl_flushpkt(0); + msyslog(LOG_NOTICE, + "saveconfig exceeded maximum path length from %s", + stoa(&rbufp->recv_srcadr)); + return; + } - fd = open(fullpath, O_CREAT | O_TRUNC | O_WRONLY, - S_IRUSR | S_IWUSR); + fd = open(fullpath, openmode, S_IRUSR | S_IWUSR); if (-1 == fd) fptr = NULL; else fptr = fdopen(fd, "w"); if (NULL == fptr || -1 == dump_all_config_trees(fptr, 1)) { - snprintf(reply, sizeof(reply), - "Unable to save configuration to file %s", - filename); + ctl_printf("Unable to save configuration to file '%s': %m", + filename); msyslog(LOG_ERR, "saveconfig %s from %s failed", filename, stoa(&rbufp->recv_srcadr)); } else { - snprintf(reply, sizeof(reply), - "Configuration saved to %s", filename); + ctl_printf("Configuration saved to '%s'", filename); msyslog(LOG_NOTICE, - "Configuration saved to %s (requested by %s)", + "Configuration saved to '%s' (requested by %s)", fullpath, stoa(&rbufp->recv_srcadr)); /* * save the output filename in system variable * savedconfig, retrieved with: * ntpq -c "rv 0 savedconfig" + * Note: the way 'savedconfig' is defined makes overflow + * checks unnecessary here. */ snprintf(savedconfig, sizeof(savedconfig), "%s%s", savedconfig_eq, filename); @@ -1009,11 +1149,9 @@ save_config( if (NULL != fptr) fclose(fptr); #else /* !SAVECONFIG follows */ - snprintf(reply, sizeof(reply), - "saveconfig unavailable, configured with --disable-saveconfig"); -#endif - - ctl_putdata(reply, strlen(reply), 0); + ctl_printf("%s", + "saveconfig unavailable, configured with --disable-saveconfig"); +#endif ctl_flushpkt(0); } @@ -1757,6 +1895,29 @@ ctl_putarray( ctl_putdata(buffer, (unsigned)(cp - buffer), 0); } +/* + * ctl_printf - put a formatted string into the data buffer + */ +static void +ctl_printf( + const char * fmt, + ... + ) +{ + static const char * ellipsis = "[...]"; + va_list va; + char fmtbuf[128]; + int rc; + + va_start(va, fmt); + rc = vsnprintf(fmtbuf, sizeof(fmtbuf), fmt, va); + va_end(va); + if (rc < 0 || rc >= sizeof(fmtbuf)) + strcpy(fmtbuf + sizeof(fmtbuf) - strlen(ellipsis) - 1, + ellipsis); + ctl_putdata(fmtbuf, strlen(fmtbuf), 0); +} + /* * ctl_putsys - output a system variable diff --git a/ntpd/ntp_crypto.c b/ntpd/ntp_crypto.c index 7dd39a7c93a..86541bdc16c 100644 --- a/ntpd/ntp_crypto.c +++ b/ntpd/ntp_crypto.c @@ -269,7 +269,7 @@ session_key( memcpy(&keyid, dgst, 4); keyid = ntohl(keyid); if (lifetime != 0) { - MD5auth_setkey(keyno, crypto_nid, dgst, len); + MD5auth_setkey(keyno, crypto_nid, dgst, len, NULL); authtrust(keyno, lifetime); } DPRINTF(2, ("session_key: %s > %s %08x %08x hash %08x life %lu\n", diff --git a/ntpd/ntp_io.c b/ntpd/ntp_io.c index dd23459dff3..ee52b1a5c38 100644 --- a/ntpd/ntp_io.c +++ b/ntpd/ntp_io.c @@ -62,6 +62,9 @@ # endif #endif +#if defined(HAVE_SIGNALED_IO) && defined(DEBUG_TIMING) +# undef DEBUG_TIMING +#endif /* * setsockopt does not always have the same arg declaration @@ -280,9 +283,12 @@ static int addr_samesubnet (const sockaddr_u *, const sockaddr_u *, const sockaddr_u *, const sockaddr_u *); static int create_sockets (u_short); static SOCKET open_socket (sockaddr_u *, int, int, endpt *); -static char * fdbits (int, fd_set *); static void set_reuseaddr (int); static isc_boolean_t socket_broadcast_enable (struct interface *, SOCKET, sockaddr_u *); + +#if !defined(HAVE_IO_COMPLETION_PORT) && !defined(HAVE_SIGNALED_IO) +static char * fdbits (int, const fd_set *); +#endif #ifdef OS_MISSES_SPECIFIC_ROUTE_UPDATES static isc_boolean_t socket_broadcast_disable (struct interface *, sockaddr_u *); #endif @@ -337,12 +343,15 @@ static int cmp_addr_distance(const sockaddr_u *, #if !defined(HAVE_IO_COMPLETION_PORT) static inline int read_network_packet (SOCKET, struct interface *, l_fp); static void ntpd_addremove_io_fd (int, int, int); -static input_handler_t input_handler; +static void input_handler_scan (const l_fp*, const fd_set*); +static int/*BOOL*/ sanitize_fdset (int errc); #ifdef REFCLOCK static inline int read_refclock_packet (SOCKET, struct refclockio *, l_fp); #endif +#ifdef HAVE_SIGNALED_IO +static void input_handler (l_fp*); +#endif #endif - #ifndef HAVE_IO_COMPLETION_PORT @@ -455,11 +464,9 @@ init_io(void) addremove_io_fd = &ntpd_addremove_io_fd; #endif -#ifdef SYS_WINNT +#if defined(SYS_WINNT) init_io_completion_port(); -#endif - -#if defined(HAVE_SIGNALED_IO) +#elif defined(HAVE_SIGNALED_IO) (void) set_signal(input_handler); #endif } @@ -475,7 +482,8 @@ ntpd_addremove_io_fd( UNUSED_ARG(is_pipe); #ifdef HAVE_SIGNALED_IO - init_socket_sig(fd); + if (!remove_it) + init_socket_sig(fd); #endif /* not HAVE_SIGNALED_IO */ maintain_activefds(fd, remove_it); @@ -716,78 +724,6 @@ addr_samesubnet( } -/* - * Code to tell if we have an IP address - * If we have then return the sockaddr structure - * and set the return value - * see the bind9/getaddresses.c for details - */ -int -is_ip_address( - const char * host, - u_short af, - sockaddr_u * addr - ) -{ - struct in_addr in4; - struct addrinfo hints; - struct addrinfo *result; - struct sockaddr_in6 *resaddr6; - char tmpbuf[128]; - char *pch; - - REQUIRE(host != NULL); - REQUIRE(addr != NULL); - - ZERO_SOCK(addr); - - /* - * Try IPv4, then IPv6. In order to handle the extended format - * for IPv6 scoped addresses (address%scope_ID), we'll use a local - * working buffer of 128 bytes. The length is an ad-hoc value, but - * should be enough for this purpose; the buffer can contain a string - * of at least 80 bytes for scope_ID in addition to any IPv6 numeric - * addresses (up to 46 bytes), the delimiter character and the - * terminating NULL character. - */ - if (AF_UNSPEC == af || AF_INET == af) - if (inet_pton(AF_INET, host, &in4) == 1) { - AF(addr) = AF_INET; - SET_ADDR4N(addr, in4.s_addr); - - return TRUE; - } - - if (AF_UNSPEC == af || AF_INET6 == af) - if (sizeof(tmpbuf) > strlen(host)) { - if ('[' == host[0]) { - strlcpy(tmpbuf, &host[1], sizeof(tmpbuf)); - pch = strchr(tmpbuf, ']'); - if (pch != NULL) - *pch = '\0'; - } else { - strlcpy(tmpbuf, host, sizeof(tmpbuf)); - } - ZERO(hints); - hints.ai_family = AF_INET6; - hints.ai_flags |= AI_NUMERICHOST; - if (getaddrinfo(tmpbuf, NULL, &hints, &result) == 0) { - AF(addr) = AF_INET6; - resaddr6 = UA_PTR(struct sockaddr_in6, result->ai_addr); - SET_ADDR6N(addr, resaddr6->sin6_addr); - SET_SCOPE(addr, resaddr6->sin6_scope_id); - - freeaddrinfo(result); - return TRUE; - } - } - /* - * If we got here it was not an IP address - */ - return FALSE; -} - - /* * interface list enumerator - visitor pattern */ @@ -2354,6 +2290,7 @@ get_broadcastclient_flag(void) { return (broadcast_client_enabled); } + /* * Check to see if the address is a multicast address */ @@ -3204,15 +3141,15 @@ sendpkt( } -#if !defined(HAVE_IO_COMPLETION_PORT) +#if !defined(HAVE_IO_COMPLETION_PORT) && !defined(HAVE_SIGNALED_IO) /* * fdbits - generate ascii representation of fd_set (FAU debug support) * HFDF format - highest fd first. */ static char * fdbits( - int count, - fd_set *set + int count, + const fd_set* set ) { static char buffer[256]; @@ -3228,7 +3165,7 @@ fdbits( return buffer; } - +#endif #ifdef REFCLOCK /* @@ -3265,7 +3202,7 @@ read_refclock_packet( /* TALOS-CAN-0064: avoid signed/unsigned clashes that can lead * to buffer overrun and memory corruption */ - if (rp->datalen <= 0 || rp->datalen > sizeof(rb->recv_space)) + if (rp->datalen <= 0 || (size_t)rp->datalen > sizeof(rb->recv_space)) read_count = sizeof(rb->recv_space); else read_count = (u_int)rp->datalen; @@ -3582,6 +3519,7 @@ io_handler(void) * and - lacking a hardware reference clock - I have * yet to learn about anything else that is. */ + ++handler_calls; rdfdes = activefds; # if !defined(VMS) && !defined(SYS_VXWORKS) nfound = select(maxactivefd + 1, &rdfdes, NULL, @@ -3590,20 +3528,29 @@ io_handler(void) /* make select() wake up after one second */ { struct timeval t1; - - t1.tv_sec = 1; + t1.tv_sec = 1; t1.tv_usec = 0; nfound = select(maxactivefd + 1, &rdfdes, NULL, NULL, &t1); } # endif /* VMS, VxWorks */ + if (nfound < 0 && sanitize_fdset(errno)) { + struct timeval t1; + t1.tv_sec = 0; + t1.tv_usec = 0; + rdfdes = activefds; + nfound = select(maxactivefd + 1, + &rdfdes, NULL, NULL, + &t1); + } + if (nfound > 0) { l_fp ts; get_systime(&ts); - input_handler(&ts); + input_handler_scan(&ts, &rdfdes); } else if (nfound == -1 && errno != EINTR) { msyslog(LOG_ERR, "select() error: %m"); } @@ -3619,27 +3566,110 @@ io_handler(void) # endif /* HAVE_SIGNALED_IO */ } +#ifdef HAVE_SIGNALED_IO /* * input_handler - receive packets asynchronously + * + * ALWAYS IN SIGNAL HANDLER CONTEXT -- only async-safe functions allowed! */ -static void +static RETSIGTYPE input_handler( l_fp * cts ) { - int buflen; int n; + struct timeval tvzero; + fd_set fds; + + ++handler_calls; + + /* + * Do a poll to see who has data + */ + + fds = activefds; + tvzero.tv_sec = tvzero.tv_usec = 0; + + n = select(maxactivefd + 1, &fds, NULL, NULL, &tvzero); + if (n < 0 && sanitize_fdset(errno)) { + fds = activefds; + tvzero.tv_sec = tvzero.tv_usec = 0; + n = select(maxactivefd + 1, &fds, NULL, NULL, &tvzero); + } + if (n > 0) + input_handler_scan(cts, &fds); +} +#endif /* HAVE_SIGNALED_IO */ + + +/* + * Try to sanitize the global FD set + * + * SIGNAL HANDLER CONTEXT if HAVE_SIGNALED_IO, ordinary userspace otherwise + */ +static int/*BOOL*/ +sanitize_fdset( + int errc + ) +{ + int j, b, maxscan; + +# ifndef HAVE_SIGNALED_IO + /* + * extended FAU debugging output + */ + if (errc != EINTR) { + msyslog(LOG_ERR, + "select(%d, %s, 0L, 0L, &0.0) error: %m", + maxactivefd + 1, + fdbits(maxactivefd, &activefds)); + } +# endif + + if (errc != EBADF) + return FALSE; + + /* if we have oviously bad FDs, try to sanitize the FD set. */ + for (j = 0, maxscan = 0; j <= maxactivefd; j++) { + if (FD_ISSET(j, &activefds)) { + if (-1 != read(j, &b, 0)) { + maxscan = j; + continue; + } +# ifndef HAVE_SIGNALED_IO + msyslog(LOG_ERR, + "Removing bad file descriptor %d from select set", + j); +# endif + FD_CLR(j, &activefds); + } + } + if (maxactivefd != maxscan) + maxactivefd = maxscan; + return TRUE; +} + +/* + * scan the known FDs (clocks, servers, ...) for presence in a 'fd_set'. + * + * SIGNAL HANDLER CONTEXT if HAVE_SIGNALED_IO, ordinary userspace otherwise + */ +static void +input_handler_scan( + const l_fp * cts, + const fd_set * pfds + ) +{ + int buflen; u_int idx; int doing; SOCKET fd; blocking_child *c; - struct timeval tvzero; l_fp ts; /* Timestamp at BOselect() gob */ -#ifdef DEBUG_TIMING + +#if defined(DEBUG_TIMING) l_fp ts_e; /* Timestamp at EOselect() gob */ #endif - fd_set fds; - size_t select_count; endpt * ep; #ifdef REFCLOCK struct refclockio *rp; @@ -3651,99 +3681,43 @@ input_handler( struct asyncio_reader * next_asyncio_reader; #endif - handler_calls++; - select_count = 0; - - /* - * If we have something to do, freeze a timestamp. - * See below for the other cases (nothing left to do or error) - */ - ts = *cts; - - /* - * Do a poll to see who has data - */ - - fds = activefds; - tvzero.tv_sec = tvzero.tv_usec = 0; - - n = select(maxactivefd + 1, &fds, NULL, NULL, &tvzero); - - /* - * If there are no packets waiting just return - */ - if (n < 0) { - int err = errno; - int j, b, prior; - /* - * extended FAU debugging output - */ - if (err != EINTR) - msyslog(LOG_ERR, - "select(%d, %s, 0L, 0L, &0.0) error: %m", - maxactivefd + 1, - fdbits(maxactivefd, &activefds)); - if (err != EBADF) - goto ih_return; - for (j = 0, prior = 0; j <= maxactivefd; j++) { - if (FD_ISSET(j, &activefds)) { - if (-1 != read(j, &b, 0)) { - prior = j; - continue; - } - msyslog(LOG_ERR, - "Removing bad file descriptor %d from select set", - j); - FD_CLR(j, &activefds); - if (j == maxactivefd) - maxactivefd = prior; - } - } - goto ih_return; - } - else if (n == 0) - goto ih_return; - ++handler_pkts; + ts = *cts; #ifdef REFCLOCK /* * Check out the reference clocks first, if any */ - - if (refio != NULL) { - for (rp = refio; rp != NULL; rp = rp->next) { - fd = rp->fd; - - if (!FD_ISSET(fd, &fds)) - continue; - ++select_count; - buflen = read_refclock_packet(fd, rp, ts); - /* - * The first read must succeed after select() - * indicates readability, or we've reached - * a permanent EOF. http://bugs.ntp.org/1732 - * reported ntpd munching CPU after a USB GPS - * was unplugged because select was indicating - * EOF but ntpd didn't remove the descriptor - * from the activefds set. - */ - if (buflen < 0 && EAGAIN != errno) { - saved_errno = errno; - clk = refnumtoa(&rp->srcclock->srcadr); - errno = saved_errno; - msyslog(LOG_ERR, "%s read: %m", clk); - maintain_activefds(fd, TRUE); - } else if (0 == buflen) { - clk = refnumtoa(&rp->srcclock->srcadr); - msyslog(LOG_ERR, "%s read EOF", clk); - maintain_activefds(fd, TRUE); - } else { - /* drain any remaining refclock input */ - do { - buflen = read_refclock_packet(fd, rp, ts); - } while (buflen > 0); - } + + for (rp = refio; rp != NULL; rp = rp->next) { + fd = rp->fd; + + if (!FD_ISSET(fd, pfds)) + continue; + buflen = read_refclock_packet(fd, rp, ts); + /* + * The first read must succeed after select() indicates + * readability, or we've reached a permanent EOF. + * http://bugs.ntp.org/1732 reported ntpd munching CPU + * after a USB GPS was unplugged because select was + * indicating EOF but ntpd didn't remove the descriptor + * from the activefds set. + */ + if (buflen < 0 && EAGAIN != errno) { + saved_errno = errno; + clk = refnumtoa(&rp->srcclock->srcadr); + errno = saved_errno; + msyslog(LOG_ERR, "%s read: %m", clk); + maintain_activefds(fd, TRUE); + } else if (0 == buflen) { + clk = refnumtoa(&rp->srcclock->srcadr); + msyslog(LOG_ERR, "%s read EOF", clk); + maintain_activefds(fd, TRUE); + } else { + /* drain any remaining refclock input */ + do { + buflen = read_refclock_packet(fd, rp, ts); + } while (buflen > 0); } } #endif /* REFCLOCK */ @@ -3762,9 +3736,8 @@ input_handler( } if (fd < 0) continue; - if (FD_ISSET(fd, &fds)) + if (FD_ISSET(fd, pfds)) do { - ++select_count; buflen = read_network_packet( fd, ep, ts); } while (buflen > 0); @@ -3781,10 +3754,8 @@ input_handler( while (asyncio_reader != NULL) { /* callback may unlink and free asyncio_reader */ next_asyncio_reader = asyncio_reader->link; - if (FD_ISSET(asyncio_reader->fd, &fds)) { - ++select_count; + if (FD_ISSET(asyncio_reader->fd, pfds)) (*asyncio_reader->receiver)(asyncio_reader); - } asyncio_reader = next_asyncio_reader; } #endif /* HAS_ROUTING_SOCKET */ @@ -3796,26 +3767,14 @@ input_handler( c = blocking_children[idx]; if (NULL == c || -1 == c->resp_read_pipe) continue; - if (FD_ISSET(c->resp_read_pipe, &fds)) { - select_count++; - process_blocking_resp(c); + if (FD_ISSET(c->resp_read_pipe, pfds)) { + ++c->resp_ready_seen; + ++blocking_child_ready_seen; } } - /* - * Done everything from that select. - * If nothing to do, just return. - * If an error occurred, complain and return. - */ - if (select_count == 0) { /* We really had nothing to do */ -#ifdef DEBUG - if (debug) - msyslog(LOG_DEBUG, "input_handler: select() returned 0"); -#endif /* DEBUG */ - goto ih_return; - } /* We've done our work */ -#ifdef DEBUG_TIMING +#if defined(DEBUG_TIMING) get_systime(&ts_e); /* * (ts_e - ts) is the amount of time we spent @@ -3829,11 +3788,7 @@ input_handler( "input_handler: Processed a gob of fd's in %s msec", lfptoms(&ts_e, 6)); #endif /* DEBUG_TIMING */ - /* We're done... */ - ih_return: - return; } -#endif /* !HAVE_IO_COMPLETION_PORT */ /* diff --git a/ntpd/ntp_keyword.h b/ntpd/ntp_keyword.h index 0a593f69dd2..c726c60da4e 100644 --- a/ntpd/ntp_keyword.h +++ b/ntpd/ntp_keyword.h @@ -2,7 +2,7 @@ * ntp_keyword.h * * NOTE: edit this file with caution, it is generated by keyword-gen.c - * Generated 2015-06-25 03:57:00 UTC diff_ignore_line + * Generated 2016-01-16 08:33:03 UTC diff_ignore_line * */ #include "ntp_scanner.h" @@ -10,7 +10,7 @@ #define LOWEST_KEYWORD_ID 258 -const char * const keyword_text[191] = { +const char * const keyword_text[194] = { /* 0 258 T_Abbrev */ "abbrev", /* 1 259 T_Age */ "age", /* 2 260 T_All */ "all", @@ -182,31 +182,34 @@ const char * const keyword_text[191] = { /* 168 426 T_Ttl */ "ttl", /* 169 427 T_Type */ "type", /* 170 428 T_U_int */ NULL, - /* 171 429 T_Unconfig */ "unconfig", - /* 172 430 T_Unpeer */ "unpeer", - /* 173 431 T_Version */ "version", - /* 174 432 T_WanderThreshold */ NULL, - /* 175 433 T_Week */ "week", - /* 176 434 T_Wildcard */ "wildcard", - /* 177 435 T_Xleave */ "xleave", - /* 178 436 T_Year */ "year", - /* 179 437 T_Flag */ NULL, - /* 180 438 T_EOC */ NULL, - /* 181 439 T_Simulate */ "simulate", - /* 182 440 T_Beep_Delay */ "beep_delay", - /* 183 441 T_Sim_Duration */ "simulation_duration", - /* 184 442 T_Server_Offset */ "server_offset", - /* 185 443 T_Duration */ "duration", - /* 186 444 T_Freq_Offset */ "freq_offset", - /* 187 445 T_Wander */ "wander", - /* 188 446 T_Jitter */ "jitter", - /* 189 447 T_Prop_Delay */ "prop_delay", - /* 190 448 T_Proc_Delay */ "proc_delay" + /* 171 429 T_UEcrypto */ "unpeer_crypto_early", + /* 172 430 T_UEcryptonak */ "unpeer_crypto_nak_early", + /* 173 431 T_UEdigest */ "unpeer_digest_early", + /* 174 432 T_Unconfig */ "unconfig", + /* 175 433 T_Unpeer */ "unpeer", + /* 176 434 T_Version */ "version", + /* 177 435 T_WanderThreshold */ NULL, + /* 178 436 T_Week */ "week", + /* 179 437 T_Wildcard */ "wildcard", + /* 180 438 T_Xleave */ "xleave", + /* 181 439 T_Year */ "year", + /* 182 440 T_Flag */ NULL, + /* 183 441 T_EOC */ NULL, + /* 184 442 T_Simulate */ "simulate", + /* 185 443 T_Beep_Delay */ "beep_delay", + /* 186 444 T_Sim_Duration */ "simulation_duration", + /* 187 445 T_Server_Offset */ "server_offset", + /* 188 446 T_Duration */ "duration", + /* 189 447 T_Freq_Offset */ "freq_offset", + /* 190 448 T_Wander */ "wander", + /* 191 449 T_Jitter */ "jitter", + /* 192 450 T_Prop_Delay */ "prop_delay", + /* 193 451 T_Proc_Delay */ "proc_delay" }; -#define SCANNER_INIT_S 853 +#define SCANNER_INIT_S 887 -const scan_state sst[856] = { +const scan_state sst[890] = { /*SS_T( ch, f-by, match, other ), */ 0, /* 0 */ S_ST( '-', 3, 323, 0 ), /* 1 */ @@ -252,7 +255,7 @@ const scan_state sst[856] = { S_ST( 'd', 3, 42, 0 ), /* 41 beep_ */ S_ST( 'e', 3, 43, 0 ), /* 42 beep_d */ S_ST( 'l', 3, 44, 0 ), /* 43 beep_de */ - S_ST( 'a', 3, 440, 0 ), /* 44 beep_del */ + S_ST( 'a', 3, 443, 0 ), /* 44 beep_del */ S_ST( 'r', 3, 46, 34 ), /* 45 b */ S_ST( 'o', 3, 47, 0 ), /* 46 br */ S_ST( 'a', 3, 48, 0 ), /* 47 bro */ @@ -352,7 +355,7 @@ const scan_state sst[856] = { S_ST( 'a', 3, 142, 0 ), /* 141 dur */ S_ST( 't', 3, 143, 0 ), /* 142 dura */ S_ST( 'i', 3, 144, 0 ), /* 143 durat */ - S_ST( 'o', 3, 443, 0 ), /* 144 durati */ + S_ST( 'o', 3, 446, 0 ), /* 144 durati */ S_ST( 'e', 3, 146, 105 ), /* 145 */ S_ST( 'n', 3, 293, 0 ), /* 146 e */ S_ST( 'a', 3, 148, 0 ), /* 147 en */ @@ -378,7 +381,7 @@ const scan_state sst[856] = { S_ST( 'f', 3, 168, 0 ), /* 167 freq_o */ S_ST( 'f', 3, 169, 0 ), /* 168 freq_of */ S_ST( 's', 3, 170, 0 ), /* 169 freq_off */ - S_ST( 'e', 3, 444, 0 ), /* 170 freq_offs */ + S_ST( 'e', 3, 447, 0 ), /* 170 freq_offs */ S_ST( 'u', 3, 172, 163 ), /* 171 f */ S_ST( 'd', 3, 173, 0 ), /* 172 fu */ S_ST( 'g', 3, 305, 0 ), /* 173 fud */ @@ -438,7 +441,7 @@ const scan_state sst[856] = { S_ST( 'i', 3, 228, 0 ), /* 227 j */ S_ST( 't', 3, 229, 0 ), /* 228 ji */ S_ST( 't', 3, 230, 0 ), /* 229 jit */ - S_ST( 'e', 3, 446, 0 ), /* 230 jitt */ + S_ST( 'e', 3, 449, 0 ), /* 230 jitt */ S_ST( 'k', 3, 238, 226 ), /* 231 */ S_ST( 'e', 3, 325, 0 ), /* 232 k */ S_ST( 'r', 3, 234, 0 ), /* 233 ke */ @@ -447,7 +450,7 @@ const scan_state sst[856] = { S_ST( 'd', 3, 237, 0 ), /* 236 keys */ S_ST( 'i', 3, 327, 0 ), /* 237 keysd */ S_ST( 'o', 3, 328, 232 ), /* 238 k */ - S_ST( 'l', 3, 449, 231 ), /* 239 */ + S_ST( 'l', 3, 452, 231 ), /* 239 */ S_ST( 'e', 3, 241, 0 ), /* 240 l */ S_ST( 'a', 3, 242, 0 ), /* 241 le */ S_ST( 'p', 3, 246, 0 ), /* 242 lea */ @@ -495,7 +498,7 @@ const scan_state sst[856] = { S_ST( 'e', 0, 0, 0 ), /* 284 T_Disable */ S_ST( 'd', 0, 0, 0 ), /* 285 T_Discard */ S_ST( 'n', 0, 0, 0 ), /* 286 T_Dispersion */ - S_ST( 'i', 3, 432, 240 ), /* 287 l */ + S_ST( 'i', 3, 435, 240 ), /* 287 l */ S_ST( 'e', 1, 0, 0 ), /* 288 T_Driftfile */ S_ST( 'p', 0, 0, 0 ), /* 289 T_Drop */ S_ST( 'p', 0, 0, 0 ), /* 290 T_Dscp */ @@ -557,7 +560,7 @@ const scan_state sst[856] = { S_ST( 'm', 0, 0, 0 ), /* 346 T_Maxmem */ S_ST( 'l', 0, 0, 0 ), /* 347 T_Maxpoll */ S_ST( 's', 0, 0, 0 ), /* 348 T_Mdnstries */ - S_ST( 'm', 0, 518, 0 ), /* 349 T_Mem */ + S_ST( 'm', 0, 521, 0 ), /* 349 T_Mem */ S_ST( 'k', 0, 0, 0 ), /* 350 T_Memlock */ S_ST( 'k', 0, 0, 0 ), /* 351 T_Minclock */ S_ST( 'h', 0, 0, 0 ), /* 352 T_Mindepth */ @@ -583,23 +586,23 @@ const scan_state sst[856] = { S_ST( 'e', 0, 0, 0 ), /* 372 T_Noserve */ S_ST( 'p', 0, 0, 0 ), /* 373 T_Notrap */ S_ST( 't', 0, 0, 0 ), /* 374 T_Notrust */ - S_ST( 'p', 0, 614, 0 ), /* 375 T_Ntp */ + S_ST( 'p', 0, 617, 0 ), /* 375 T_Ntp */ S_ST( 't', 0, 0, 0 ), /* 376 T_Ntpport */ S_ST( 't', 1, 0, 0 ), /* 377 T_NtpSignDsocket */ - S_ST( 'n', 0, 629, 0 ), /* 378 T_Orphan */ + S_ST( 'n', 0, 632, 0 ), /* 378 T_Orphan */ S_ST( 't', 0, 0, 0 ), /* 379 T_Orphanwait */ S_ST( 'c', 0, 0, 0 ), /* 380 T_Panic */ - S_ST( 'r', 1, 638, 0 ), /* 381 T_Peer */ + S_ST( 'r', 1, 641, 0 ), /* 381 T_Peer */ S_ST( 's', 0, 0, 0 ), /* 382 T_Peerstats */ S_ST( 'e', 2, 0, 0 ), /* 383 T_Phone */ - S_ST( 'd', 0, 646, 0 ), /* 384 T_Pid */ + S_ST( 'd', 0, 649, 0 ), /* 384 T_Pid */ S_ST( 'e', 1, 0, 0 ), /* 385 T_Pidfile */ S_ST( 'l', 1, 0, 0 ), /* 386 T_Pool */ S_ST( 't', 0, 0, 0 ), /* 387 T_Port */ S_ST( 't', 0, 0, 0 ), /* 388 T_Preempt */ S_ST( 'r', 0, 0, 0 ), /* 389 T_Prefer */ S_ST( 's', 0, 0, 0 ), /* 390 T_Protostats */ - S_ST( 'w', 1, 0, 652 ), /* 391 T_Pw */ + S_ST( 'w', 1, 0, 655 ), /* 391 T_Pw */ S_ST( 'e', 1, 0, 0 ), /* 392 T_Randfile */ S_ST( 's', 0, 0, 0 ), /* 393 T_Rawstats */ S_ST( 'd', 1, 0, 0 ), /* 394 T_Refid */ @@ -609,20 +612,20 @@ const scan_state sst[856] = { S_ST( 'e', 0, 0, 0 ), /* 398 T_Revoke */ S_ST( 't', 0, 0, 0 ), /* 399 T_Rlimit */ S_ST( 'r', 1, 0, 0 ), /* 400 T_Saveconfigdir */ - S_ST( 'r', 1, 729, 0 ), /* 401 T_Server */ + S_ST( 'r', 1, 732, 0 ), /* 401 T_Server */ S_ST( 'r', 1, 0, 0 ), /* 402 T_Setvar */ S_ST( 'e', 0, 0, 0 ), /* 403 T_Source */ S_ST( 'e', 0, 0, 0 ), /* 404 T_Stacksize */ S_ST( 's', 0, 0, 0 ), /* 405 T_Statistics */ - S_ST( 's', 0, 772, 767 ), /* 406 T_Stats */ + S_ST( 's', 0, 775, 770 ), /* 406 T_Stats */ S_ST( 'r', 1, 0, 0 ), /* 407 T_Statsdir */ - S_ST( 'p', 0, 780, 0 ), /* 408 T_Step */ + S_ST( 'p', 0, 783, 0 ), /* 408 T_Step */ S_ST( 'k', 0, 0, 0 ), /* 409 T_Stepback */ S_ST( 'd', 0, 0, 0 ), /* 410 T_Stepfwd */ S_ST( 't', 0, 0, 0 ), /* 411 T_Stepout */ S_ST( 'm', 0, 0, 0 ), /* 412 T_Stratum */ S_ST( 'e', 3, 332, 0 ), /* 413 limit */ - S_ST( 's', 0, 787, 0 ), /* 414 T_Sys */ + S_ST( 's', 0, 790, 0 ), /* 414 T_Sys */ S_ST( 's', 0, 0, 0 ), /* 415 T_Sysstats */ S_ST( 'k', 0, 0, 0 ), /* 416 T_Tick */ S_ST( '1', 0, 0, 0 ), /* 417 T_Time1 */ @@ -637,432 +640,466 @@ const scan_state sst[856] = { S_ST( 'l', 0, 0, 0 ), /* 426 T_Ttl */ S_ST( 'e', 0, 0, 0 ), /* 427 T_Type */ S_ST( 'n', 3, 333, 294 ), /* 428 li */ - S_ST( 'g', 1, 0, 0 ), /* 429 T_Unconfig */ - S_ST( 'r', 1, 0, 0 ), /* 430 T_Unpeer */ - S_ST( 'n', 0, 0, 0 ), /* 431 T_Version */ - S_ST( 's', 3, 437, 428 ), /* 432 li */ - S_ST( 'k', 0, 0, 0 ), /* 433 T_Week */ - S_ST( 'd', 0, 0, 0 ), /* 434 T_Wildcard */ - S_ST( 'e', 0, 0, 0 ), /* 435 T_Xleave */ - S_ST( 'r', 0, 0, 0 ), /* 436 T_Year */ - S_ST( 't', 3, 438, 0 ), /* 437 lis */ - S_ST( 'e', 3, 334, 0 ), /* 438 list */ - S_ST( 'e', 0, 0, 0 ), /* 439 T_Simulate */ - S_ST( 'y', 0, 0, 0 ), /* 440 T_Beep_Delay */ - S_ST( 'n', 0, 0, 0 ), /* 441 T_Sim_Duration */ - S_ST( 't', 0, 0, 0 ), /* 442 T_Server_Offset */ - S_ST( 'n', 0, 0, 0 ), /* 443 T_Duration */ - S_ST( 't', 0, 0, 0 ), /* 444 T_Freq_Offset */ - S_ST( 'r', 0, 0, 0 ), /* 445 T_Wander */ - S_ST( 'r', 0, 0, 0 ), /* 446 T_Jitter */ - S_ST( 'y', 0, 0, 0 ), /* 447 T_Prop_Delay */ - S_ST( 'y', 0, 0, 0 ), /* 448 T_Proc_Delay */ - S_ST( 'o', 3, 465, 287 ), /* 449 l */ - S_ST( 'g', 3, 456, 0 ), /* 450 lo */ - S_ST( 'c', 3, 452, 0 ), /* 451 log */ - S_ST( 'o', 3, 453, 0 ), /* 452 logc */ - S_ST( 'n', 3, 454, 0 ), /* 453 logco */ - S_ST( 'f', 3, 455, 0 ), /* 454 logcon */ - S_ST( 'i', 3, 335, 0 ), /* 455 logconf */ - S_ST( 'f', 3, 457, 451 ), /* 456 log */ - S_ST( 'i', 3, 458, 0 ), /* 457 logf */ - S_ST( 'l', 3, 336, 0 ), /* 458 logfi */ - S_ST( 'o', 3, 460, 450 ), /* 459 lo */ - S_ST( 'p', 3, 461, 0 ), /* 460 loo */ - S_ST( 's', 3, 462, 0 ), /* 461 loop */ - S_ST( 't', 3, 463, 0 ), /* 462 loops */ - S_ST( 'a', 3, 464, 0 ), /* 463 loopst */ - S_ST( 't', 3, 337, 0 ), /* 464 loopsta */ - S_ST( 'w', 3, 466, 459 ), /* 465 lo */ - S_ST( 'p', 3, 467, 0 ), /* 466 low */ - S_ST( 'r', 3, 468, 0 ), /* 467 lowp */ - S_ST( 'i', 3, 469, 0 ), /* 468 lowpr */ - S_ST( 'o', 3, 470, 0 ), /* 469 lowpri */ - S_ST( 't', 3, 471, 0 ), /* 470 lowprio */ - S_ST( 'r', 3, 472, 0 ), /* 471 lowpriot */ - S_ST( 'a', 3, 338, 0 ), /* 472 lowpriotr */ - S_ST( 'm', 3, 554, 239 ), /* 473 */ - S_ST( 'a', 3, 492, 0 ), /* 474 m */ - S_ST( 'n', 3, 476, 0 ), /* 475 ma */ - S_ST( 'y', 3, 477, 0 ), /* 476 man */ - S_ST( 'c', 3, 478, 0 ), /* 477 many */ - S_ST( 'a', 3, 479, 0 ), /* 478 manyc */ - S_ST( 's', 3, 480, 0 ), /* 479 manyca */ - S_ST( 't', 3, 486, 0 ), /* 480 manycas */ - S_ST( 'c', 3, 482, 0 ), /* 481 manycast */ - S_ST( 'l', 3, 483, 0 ), /* 482 manycastc */ - S_ST( 'i', 3, 484, 0 ), /* 483 manycastcl */ - S_ST( 'e', 3, 485, 0 ), /* 484 manycastcli */ - S_ST( 'n', 3, 339, 0 ), /* 485 manycastclie */ - S_ST( 's', 3, 487, 481 ), /* 486 manycast */ - S_ST( 'e', 3, 488, 0 ), /* 487 manycasts */ - S_ST( 'r', 3, 489, 0 ), /* 488 manycastse */ - S_ST( 'v', 3, 490, 0 ), /* 489 manycastser */ - S_ST( 'e', 3, 340, 0 ), /* 490 manycastserv */ - S_ST( 's', 3, 341, 475 ), /* 491 ma */ - S_ST( 'x', 3, 507, 491 ), /* 492 ma */ - S_ST( 'a', 3, 494, 0 ), /* 493 max */ - S_ST( 'g', 3, 342, 0 ), /* 494 maxa */ - S_ST( 'c', 3, 496, 493 ), /* 495 max */ - S_ST( 'l', 3, 497, 0 ), /* 496 maxc */ - S_ST( 'o', 3, 498, 0 ), /* 497 maxcl */ - S_ST( 'c', 3, 343, 0 ), /* 498 maxclo */ - S_ST( 'd', 3, 503, 495 ), /* 499 max */ - S_ST( 'e', 3, 501, 0 ), /* 500 maxd */ - S_ST( 'p', 3, 502, 0 ), /* 501 maxde */ - S_ST( 't', 3, 344, 0 ), /* 502 maxdep */ - S_ST( 'i', 3, 504, 500 ), /* 503 maxd */ - S_ST( 's', 3, 345, 0 ), /* 504 maxdi */ - S_ST( 'm', 3, 506, 499 ), /* 505 max */ - S_ST( 'e', 3, 346, 0 ), /* 506 maxm */ - S_ST( 'p', 3, 508, 505 ), /* 507 max */ - S_ST( 'o', 3, 509, 0 ), /* 508 maxp */ - S_ST( 'l', 3, 347, 0 ), /* 509 maxpo */ - S_ST( 'd', 3, 511, 474 ), /* 510 m */ - S_ST( 'n', 3, 512, 0 ), /* 511 md */ - S_ST( 's', 3, 513, 0 ), /* 512 mdn */ - S_ST( 't', 3, 514, 0 ), /* 513 mdns */ - S_ST( 'r', 3, 515, 0 ), /* 514 mdnst */ - S_ST( 'i', 3, 516, 0 ), /* 515 mdnstr */ - S_ST( 'e', 3, 348, 0 ), /* 516 mdnstri */ - S_ST( 'e', 3, 349, 510 ), /* 517 m */ - S_ST( 'l', 3, 519, 0 ), /* 518 mem */ - S_ST( 'o', 3, 520, 0 ), /* 519 meml */ - S_ST( 'c', 3, 350, 0 ), /* 520 memlo */ - S_ST( 'i', 3, 522, 517 ), /* 521 m */ - S_ST( 'n', 3, 539, 0 ), /* 522 mi */ - S_ST( 'c', 3, 524, 0 ), /* 523 min */ - S_ST( 'l', 3, 525, 0 ), /* 524 minc */ - S_ST( 'o', 3, 526, 0 ), /* 525 mincl */ - S_ST( 'c', 3, 351, 0 ), /* 526 minclo */ - S_ST( 'd', 3, 531, 523 ), /* 527 min */ - S_ST( 'e', 3, 529, 0 ), /* 528 mind */ - S_ST( 'p', 3, 530, 0 ), /* 529 minde */ - S_ST( 't', 3, 352, 0 ), /* 530 mindep */ - S_ST( 'i', 3, 532, 528 ), /* 531 mind */ - S_ST( 's', 3, 353, 0 ), /* 532 mindi */ - S_ST( 'i', 3, 534, 527 ), /* 533 min */ - S_ST( 'm', 3, 535, 0 ), /* 534 mini */ - S_ST( 'u', 3, 354, 0 ), /* 535 minim */ - S_ST( 'p', 3, 537, 533 ), /* 536 min */ - S_ST( 'o', 3, 538, 0 ), /* 537 minp */ - S_ST( 'l', 3, 355, 0 ), /* 538 minpo */ - S_ST( 's', 3, 540, 536 ), /* 539 min */ - S_ST( 'a', 3, 541, 0 ), /* 540 mins */ - S_ST( 'n', 3, 356, 0 ), /* 541 minsa */ - S_ST( 'o', 3, 544, 521 ), /* 542 m */ - S_ST( 'd', 3, 357, 0 ), /* 543 mo */ - S_ST( 'n', 3, 548, 543 ), /* 544 mo */ - S_ST( 'i', 3, 546, 0 ), /* 545 mon */ - S_ST( 't', 3, 547, 0 ), /* 546 moni */ - S_ST( 'o', 3, 359, 0 ), /* 547 monit */ - S_ST( 't', 3, 360, 545 ), /* 548 mon */ - S_ST( 'r', 3, 361, 542 ), /* 549 m */ - S_ST( 's', 3, 551, 549 ), /* 550 m */ - S_ST( 's', 3, 552, 0 ), /* 551 ms */ - S_ST( 'n', 3, 553, 0 ), /* 552 mss */ - S_ST( 't', 3, 329, 0 ), /* 553 mssn */ - S_ST( 'u', 3, 555, 550 ), /* 554 m */ - S_ST( 'l', 3, 556, 0 ), /* 555 mu */ - S_ST( 't', 3, 557, 0 ), /* 556 mul */ - S_ST( 'i', 3, 558, 0 ), /* 557 mult */ - S_ST( 'c', 3, 559, 0 ), /* 558 multi */ - S_ST( 'a', 3, 560, 0 ), /* 559 multic */ - S_ST( 's', 3, 561, 0 ), /* 560 multica */ - S_ST( 't', 3, 562, 0 ), /* 561 multicas */ - S_ST( 'c', 3, 563, 0 ), /* 562 multicast */ - S_ST( 'l', 3, 564, 0 ), /* 563 multicastc */ - S_ST( 'i', 3, 565, 0 ), /* 564 multicastcl */ - S_ST( 'e', 3, 566, 0 ), /* 565 multicastcli */ - S_ST( 'n', 3, 362, 0 ), /* 566 multicastclie */ - S_ST( 'n', 3, 610, 473 ), /* 567 */ - S_ST( 'i', 3, 363, 0 ), /* 568 n */ - S_ST( 'o', 3, 605, 568 ), /* 569 n */ - S_ST( 'l', 3, 571, 0 ), /* 570 no */ - S_ST( 'i', 3, 572, 0 ), /* 571 nol */ - S_ST( 'n', 3, 364, 0 ), /* 572 noli */ - S_ST( 'm', 3, 578, 570 ), /* 573 no */ - S_ST( 'o', 3, 575, 0 ), /* 574 nom */ - S_ST( 'd', 3, 576, 0 ), /* 575 nomo */ - S_ST( 'i', 3, 577, 0 ), /* 576 nomod */ - S_ST( 'f', 3, 365, 0 ), /* 577 nomodi */ - S_ST( 'r', 3, 579, 574 ), /* 578 nom */ - S_ST( 'u', 3, 580, 0 ), /* 579 nomr */ - S_ST( 'l', 3, 581, 0 ), /* 580 nomru */ - S_ST( 'i', 3, 582, 0 ), /* 581 nomrul */ - S_ST( 's', 3, 366, 0 ), /* 582 nomruli */ - S_ST( 'n', 3, 584, 573 ), /* 583 no */ - S_ST( 'v', 3, 585, 367 ), /* 584 non */ - S_ST( 'o', 3, 586, 0 ), /* 585 nonv */ - S_ST( 'l', 3, 587, 0 ), /* 586 nonvo */ - S_ST( 'a', 3, 588, 0 ), /* 587 nonvol */ - S_ST( 't', 3, 589, 0 ), /* 588 nonvola */ - S_ST( 'i', 3, 590, 0 ), /* 589 nonvolat */ - S_ST( 'l', 3, 368, 0 ), /* 590 nonvolati */ - S_ST( 'p', 3, 592, 583 ), /* 591 no */ - S_ST( 'e', 3, 593, 0 ), /* 592 nop */ - S_ST( 'e', 3, 369, 0 ), /* 593 nope */ - S_ST( 'q', 3, 595, 591 ), /* 594 no */ - S_ST( 'u', 3, 596, 0 ), /* 595 noq */ - S_ST( 'e', 3, 597, 0 ), /* 596 noqu */ - S_ST( 'r', 3, 370, 0 ), /* 597 noque */ - S_ST( 's', 3, 599, 594 ), /* 598 no */ - S_ST( 'e', 3, 603, 0 ), /* 599 nos */ - S_ST( 'l', 3, 601, 0 ), /* 600 nose */ - S_ST( 'e', 3, 602, 0 ), /* 601 nosel */ - S_ST( 'c', 3, 371, 0 ), /* 602 nosele */ - S_ST( 'r', 3, 604, 600 ), /* 603 nose */ - S_ST( 'v', 3, 372, 0 ), /* 604 noser */ - S_ST( 't', 3, 606, 598 ), /* 605 no */ - S_ST( 'r', 3, 608, 0 ), /* 606 not */ - S_ST( 'a', 3, 373, 0 ), /* 607 notr */ - S_ST( 'u', 3, 609, 607 ), /* 608 notr */ - S_ST( 's', 3, 374, 0 ), /* 609 notru */ - S_ST( 't', 3, 375, 569 ), /* 610 n */ - S_ST( 'p', 3, 612, 0 ), /* 611 ntp */ - S_ST( 'o', 3, 613, 0 ), /* 612 ntpp */ - S_ST( 'r', 3, 376, 0 ), /* 613 ntppo */ - S_ST( 's', 3, 615, 611 ), /* 614 ntp */ - S_ST( 'i', 3, 616, 0 ), /* 615 ntps */ - S_ST( 'g', 3, 617, 0 ), /* 616 ntpsi */ - S_ST( 'n', 3, 618, 0 ), /* 617 ntpsig */ - S_ST( 'd', 3, 619, 0 ), /* 618 ntpsign */ - S_ST( 's', 3, 620, 0 ), /* 619 ntpsignd */ - S_ST( 'o', 3, 621, 0 ), /* 620 ntpsignds */ - S_ST( 'c', 3, 622, 0 ), /* 621 ntpsigndso */ - S_ST( 'k', 3, 623, 0 ), /* 622 ntpsigndsoc */ - S_ST( 'e', 3, 377, 0 ), /* 623 ntpsigndsock */ - S_ST( 'o', 3, 625, 567 ), /* 624 */ - S_ST( 'r', 3, 626, 0 ), /* 625 o */ - S_ST( 'p', 3, 627, 0 ), /* 626 or */ - S_ST( 'h', 3, 628, 0 ), /* 627 orp */ - S_ST( 'a', 3, 378, 0 ), /* 628 orph */ - S_ST( 'w', 3, 630, 0 ), /* 629 orphan */ - S_ST( 'a', 3, 631, 0 ), /* 630 orphanw */ - S_ST( 'i', 3, 379, 0 ), /* 631 orphanwa */ - S_ST( 'p', 3, 391, 624 ), /* 632 */ - S_ST( 'a', 3, 634, 0 ), /* 633 p */ - S_ST( 'n', 3, 635, 0 ), /* 634 pa */ - S_ST( 'i', 3, 380, 0 ), /* 635 pan */ - S_ST( 'e', 3, 637, 633 ), /* 636 p */ - S_ST( 'e', 3, 381, 0 ), /* 637 pe */ - S_ST( 's', 3, 639, 0 ), /* 638 peer */ - S_ST( 't', 3, 640, 0 ), /* 639 peers */ - S_ST( 'a', 3, 641, 0 ), /* 640 peerst */ - S_ST( 't', 3, 382, 0 ), /* 641 peersta */ - S_ST( 'h', 3, 643, 636 ), /* 642 p */ - S_ST( 'o', 3, 644, 0 ), /* 643 ph */ - S_ST( 'n', 3, 383, 0 ), /* 644 pho */ - S_ST( 'i', 3, 384, 642 ), /* 645 p */ - S_ST( 'f', 3, 647, 0 ), /* 646 pid */ - S_ST( 'i', 3, 648, 0 ), /* 647 pidf */ - S_ST( 'l', 3, 385, 0 ), /* 648 pidfi */ - S_ST( 'o', 3, 651, 645 ), /* 649 p */ - S_ST( 'o', 3, 386, 0 ), /* 650 po */ - S_ST( 'r', 3, 387, 650 ), /* 651 po */ - S_ST( 'r', 3, 659, 649 ), /* 652 p */ - S_ST( 'e', 3, 657, 0 ), /* 653 pr */ - S_ST( 'e', 3, 655, 0 ), /* 654 pre */ - S_ST( 'm', 3, 656, 0 ), /* 655 pree */ - S_ST( 'p', 3, 388, 0 ), /* 656 preem */ - S_ST( 'f', 3, 658, 654 ), /* 657 pre */ - S_ST( 'e', 3, 389, 0 ), /* 658 pref */ - S_ST( 'o', 3, 672, 653 ), /* 659 pr */ - S_ST( 'c', 3, 661, 0 ), /* 660 pro */ - S_ST( '_', 3, 662, 0 ), /* 661 proc */ - S_ST( 'd', 3, 663, 0 ), /* 662 proc_ */ - S_ST( 'e', 3, 664, 0 ), /* 663 proc_d */ - S_ST( 'l', 3, 665, 0 ), /* 664 proc_de */ - S_ST( 'a', 3, 448, 0 ), /* 665 proc_del */ - S_ST( 'p', 3, 667, 660 ), /* 666 pro */ - S_ST( '_', 3, 668, 0 ), /* 667 prop */ - S_ST( 'd', 3, 669, 0 ), /* 668 prop_ */ - S_ST( 'e', 3, 670, 0 ), /* 669 prop_d */ - S_ST( 'l', 3, 671, 0 ), /* 670 prop_de */ - S_ST( 'a', 3, 447, 0 ), /* 671 prop_del */ - S_ST( 't', 3, 673, 666 ), /* 672 pro */ - S_ST( 'o', 3, 674, 0 ), /* 673 prot */ - S_ST( 's', 3, 675, 0 ), /* 674 proto */ - S_ST( 't', 3, 676, 0 ), /* 675 protos */ - S_ST( 'a', 3, 677, 0 ), /* 676 protost */ - S_ST( 't', 3, 390, 0 ), /* 677 protosta */ - S_ST( 'r', 3, 709, 632 ), /* 678 */ - S_ST( 'a', 3, 685, 0 ), /* 679 r */ - S_ST( 'n', 3, 681, 0 ), /* 680 ra */ - S_ST( 'd', 3, 682, 0 ), /* 681 ran */ - S_ST( 'f', 3, 683, 0 ), /* 682 rand */ - S_ST( 'i', 3, 684, 0 ), /* 683 randf */ - S_ST( 'l', 3, 392, 0 ), /* 684 randfi */ - S_ST( 'w', 3, 686, 680 ), /* 685 ra */ - S_ST( 's', 3, 687, 0 ), /* 686 raw */ - S_ST( 't', 3, 688, 0 ), /* 687 raws */ - S_ST( 'a', 3, 689, 0 ), /* 688 rawst */ - S_ST( 't', 3, 393, 0 ), /* 689 rawsta */ - S_ST( 'e', 3, 706, 679 ), /* 690 r */ - S_ST( 'f', 3, 692, 0 ), /* 691 re */ - S_ST( 'i', 3, 394, 0 ), /* 692 ref */ - S_ST( 'q', 3, 694, 691 ), /* 693 re */ - S_ST( 'u', 3, 695, 0 ), /* 694 req */ - S_ST( 'e', 3, 696, 0 ), /* 695 requ */ - S_ST( 's', 3, 697, 0 ), /* 696 reque */ - S_ST( 't', 3, 698, 0 ), /* 697 reques */ - S_ST( 'k', 3, 699, 0 ), /* 698 request */ - S_ST( 'e', 3, 395, 0 ), /* 699 requestk */ - S_ST( 's', 3, 702, 693 ), /* 700 re */ - S_ST( 'e', 3, 396, 0 ), /* 701 res */ - S_ST( 't', 3, 703, 701 ), /* 702 res */ - S_ST( 'r', 3, 704, 0 ), /* 703 rest */ - S_ST( 'i', 3, 705, 0 ), /* 704 restr */ - S_ST( 'c', 3, 397, 0 ), /* 705 restri */ - S_ST( 'v', 3, 707, 700 ), /* 706 re */ - S_ST( 'o', 3, 708, 0 ), /* 707 rev */ - S_ST( 'k', 3, 398, 0 ), /* 708 revo */ - S_ST( 'l', 3, 710, 690 ), /* 709 r */ - S_ST( 'i', 3, 711, 0 ), /* 710 rl */ - S_ST( 'm', 3, 712, 0 ), /* 711 rli */ - S_ST( 'i', 3, 399, 0 ), /* 712 rlim */ - S_ST( 's', 3, 786, 678 ), /* 713 */ - S_ST( 'a', 3, 715, 0 ), /* 714 s */ - S_ST( 'v', 3, 716, 0 ), /* 715 sa */ - S_ST( 'e', 3, 717, 0 ), /* 716 sav */ - S_ST( 'c', 3, 718, 0 ), /* 717 save */ - S_ST( 'o', 3, 719, 0 ), /* 718 savec */ - S_ST( 'n', 3, 720, 0 ), /* 719 saveco */ - S_ST( 'f', 3, 721, 0 ), /* 720 savecon */ - S_ST( 'i', 3, 722, 0 ), /* 721 saveconf */ - S_ST( 'g', 3, 723, 0 ), /* 722 saveconfi */ - S_ST( 'd', 3, 724, 0 ), /* 723 saveconfig */ - S_ST( 'i', 3, 400, 0 ), /* 724 saveconfigd */ - S_ST( 'e', 3, 735, 714 ), /* 725 s */ - S_ST( 'r', 3, 727, 0 ), /* 726 se */ - S_ST( 'v', 3, 728, 0 ), /* 727 ser */ - S_ST( 'e', 3, 401, 0 ), /* 728 serv */ - S_ST( '_', 3, 730, 0 ), /* 729 server */ - S_ST( 'o', 3, 731, 0 ), /* 730 server_ */ - S_ST( 'f', 3, 732, 0 ), /* 731 server_o */ - S_ST( 'f', 3, 733, 0 ), /* 732 server_of */ - S_ST( 's', 3, 734, 0 ), /* 733 server_off */ - S_ST( 'e', 3, 442, 0 ), /* 734 server_offs */ - S_ST( 't', 3, 736, 726 ), /* 735 se */ - S_ST( 'v', 3, 737, 0 ), /* 736 set */ - S_ST( 'a', 3, 402, 0 ), /* 737 setv */ - S_ST( 'i', 3, 739, 725 ), /* 738 s */ - S_ST( 'm', 3, 740, 0 ), /* 739 si */ - S_ST( 'u', 3, 741, 0 ), /* 740 sim */ - S_ST( 'l', 3, 742, 0 ), /* 741 simu */ - S_ST( 'a', 3, 743, 0 ), /* 742 simul */ - S_ST( 't', 3, 744, 0 ), /* 743 simula */ - S_ST( 'i', 3, 745, 439 ), /* 744 simulat */ - S_ST( 'o', 3, 746, 0 ), /* 745 simulati */ - S_ST( 'n', 3, 747, 0 ), /* 746 simulatio */ - S_ST( '_', 3, 748, 0 ), /* 747 simulation */ - S_ST( 'd', 3, 749, 0 ), /* 748 simulation_ */ - S_ST( 'u', 3, 750, 0 ), /* 749 simulation_d */ - S_ST( 'r', 3, 751, 0 ), /* 750 simulation_du */ - S_ST( 'a', 3, 752, 0 ), /* 751 simulation_dur */ - S_ST( 't', 3, 753, 0 ), /* 752 simulation_dura */ - S_ST( 'i', 3, 754, 0 ), /* 753 simulation_durat */ - S_ST( 'o', 3, 441, 0 ), /* 754 simulation_durati */ - S_ST( 'o', 3, 756, 738 ), /* 755 s */ - S_ST( 'u', 3, 757, 0 ), /* 756 so */ - S_ST( 'r', 3, 758, 0 ), /* 757 sou */ - S_ST( 'c', 3, 403, 0 ), /* 758 sour */ - S_ST( 't', 3, 782, 755 ), /* 759 s */ - S_ST( 'a', 3, 766, 0 ), /* 760 st */ - S_ST( 'c', 3, 762, 0 ), /* 761 sta */ - S_ST( 'k', 3, 763, 0 ), /* 762 stac */ - S_ST( 's', 3, 764, 0 ), /* 763 stack */ - S_ST( 'i', 3, 765, 0 ), /* 764 stacks */ - S_ST( 'z', 3, 404, 0 ), /* 765 stacksi */ - S_ST( 't', 3, 406, 761 ), /* 766 sta */ - S_ST( 'i', 3, 768, 0 ), /* 767 stat */ - S_ST( 's', 3, 769, 0 ), /* 768 stati */ - S_ST( 't', 3, 770, 0 ), /* 769 statis */ - S_ST( 'i', 3, 771, 0 ), /* 770 statist */ - S_ST( 'c', 3, 405, 0 ), /* 771 statisti */ - S_ST( 'd', 3, 773, 0 ), /* 772 stats */ - S_ST( 'i', 3, 407, 0 ), /* 773 statsd */ - S_ST( 'e', 3, 408, 760 ), /* 774 st */ - S_ST( 'b', 3, 776, 0 ), /* 775 step */ - S_ST( 'a', 3, 777, 0 ), /* 776 stepb */ - S_ST( 'c', 3, 409, 0 ), /* 777 stepba */ - S_ST( 'f', 3, 779, 775 ), /* 778 step */ - S_ST( 'w', 3, 410, 0 ), /* 779 stepf */ - S_ST( 'o', 3, 781, 778 ), /* 780 step */ - S_ST( 'u', 3, 411, 0 ), /* 781 stepo */ - S_ST( 'r', 3, 783, 774 ), /* 782 st */ - S_ST( 'a', 3, 784, 0 ), /* 783 str */ - S_ST( 't', 3, 785, 0 ), /* 784 stra */ - S_ST( 'u', 3, 412, 0 ), /* 785 strat */ - S_ST( 'y', 3, 414, 759 ), /* 786 s */ - S_ST( 's', 3, 788, 0 ), /* 787 sys */ - S_ST( 't', 3, 789, 0 ), /* 788 syss */ - S_ST( 'a', 3, 790, 0 ), /* 789 sysst */ - S_ST( 't', 3, 415, 0 ), /* 790 syssta */ - S_ST( 't', 3, 817, 713 ), /* 791 */ - S_ST( 'i', 3, 803, 0 ), /* 792 t */ - S_ST( 'c', 3, 416, 0 ), /* 793 ti */ - S_ST( 'm', 3, 796, 793 ), /* 794 ti */ - S_ST( 'e', 3, 419, 0 ), /* 795 tim */ - S_ST( 'i', 3, 797, 795 ), /* 796 tim */ - S_ST( 'n', 3, 798, 0 ), /* 797 timi */ - S_ST( 'g', 3, 799, 0 ), /* 798 timin */ - S_ST( 's', 3, 800, 0 ), /* 799 timing */ - S_ST( 't', 3, 801, 0 ), /* 800 timings */ - S_ST( 'a', 3, 802, 0 ), /* 801 timingst */ - S_ST( 't', 3, 420, 0 ), /* 802 timingsta */ - S_ST( 'n', 3, 804, 794 ), /* 803 ti */ - S_ST( 'k', 3, 805, 0 ), /* 804 tin */ - S_ST( 'e', 3, 421, 0 ), /* 805 tink */ - S_ST( 'o', 3, 422, 792 ), /* 806 t */ - S_ST( 'r', 3, 809, 806 ), /* 807 t */ - S_ST( 'a', 3, 423, 0 ), /* 808 tr */ - S_ST( 'u', 3, 810, 808 ), /* 809 tr */ - S_ST( 's', 3, 811, 424 ), /* 810 tru */ - S_ST( 't', 3, 812, 0 ), /* 811 trus */ - S_ST( 'e', 3, 813, 0 ), /* 812 trust */ - S_ST( 'd', 3, 814, 0 ), /* 813 truste */ - S_ST( 'k', 3, 815, 0 ), /* 814 trusted */ - S_ST( 'e', 3, 425, 0 ), /* 815 trustedk */ - S_ST( 't', 3, 426, 807 ), /* 816 t */ - S_ST( 'y', 3, 818, 816 ), /* 817 t */ - S_ST( 'p', 3, 427, 0 ), /* 818 ty */ - S_ST( 'u', 3, 820, 791 ), /* 819 */ - S_ST( 'n', 3, 826, 0 ), /* 820 u */ - S_ST( 'c', 3, 822, 0 ), /* 821 un */ - S_ST( 'o', 3, 823, 0 ), /* 822 unc */ - S_ST( 'n', 3, 824, 0 ), /* 823 unco */ - S_ST( 'f', 3, 825, 0 ), /* 824 uncon */ - S_ST( 'i', 3, 429, 0 ), /* 825 unconf */ - S_ST( 'p', 3, 827, 821 ), /* 826 un */ - S_ST( 'e', 3, 828, 0 ), /* 827 unp */ - S_ST( 'e', 3, 430, 0 ), /* 828 unpe */ - S_ST( 'v', 3, 830, 819 ), /* 829 */ - S_ST( 'e', 3, 831, 0 ), /* 830 v */ - S_ST( 'r', 3, 832, 0 ), /* 831 ve */ - S_ST( 's', 3, 833, 0 ), /* 832 ver */ - S_ST( 'i', 3, 834, 0 ), /* 833 vers */ - S_ST( 'o', 3, 431, 0 ), /* 834 versi */ - S_ST( 'w', 3, 842, 829 ), /* 835 */ - S_ST( 'a', 3, 837, 0 ), /* 836 w */ - S_ST( 'n', 3, 838, 0 ), /* 837 wa */ - S_ST( 'd', 3, 839, 0 ), /* 838 wan */ - S_ST( 'e', 3, 445, 0 ), /* 839 wand */ - S_ST( 'e', 3, 841, 836 ), /* 840 w */ - S_ST( 'e', 3, 433, 0 ), /* 841 we */ - S_ST( 'i', 3, 843, 840 ), /* 842 w */ - S_ST( 'l', 3, 844, 0 ), /* 843 wi */ - S_ST( 'd', 3, 845, 0 ), /* 844 wil */ - S_ST( 'c', 3, 846, 0 ), /* 845 wild */ - S_ST( 'a', 3, 847, 0 ), /* 846 wildc */ - S_ST( 'r', 3, 434, 0 ), /* 847 wildca */ - S_ST( 'x', 3, 849, 835 ), /* 848 */ - S_ST( 'l', 3, 850, 0 ), /* 849 x */ - S_ST( 'e', 3, 851, 0 ), /* 850 xl */ - S_ST( 'a', 3, 852, 0 ), /* 851 xle */ - S_ST( 'v', 3, 435, 0 ), /* 852 xlea */ - S_ST( 'y', 3, 854, 848 ), /* 853 [initial state] */ - S_ST( 'e', 3, 855, 0 ), /* 854 y */ - S_ST( 'a', 3, 436, 0 ) /* 855 ye */ + S_ST( 'y', 0, 0, 0 ), /* 429 T_UEcrypto */ + S_ST( 'y', 0, 0, 0 ), /* 430 T_UEcryptonak */ + S_ST( 'y', 0, 0, 0 ), /* 431 T_UEdigest */ + S_ST( 'g', 1, 0, 0 ), /* 432 T_Unconfig */ + S_ST( 'r', 1, 832, 0 ), /* 433 T_Unpeer */ + S_ST( 'n', 0, 0, 0 ), /* 434 T_Version */ + S_ST( 's', 3, 440, 428 ), /* 435 li */ + S_ST( 'k', 0, 0, 0 ), /* 436 T_Week */ + S_ST( 'd', 0, 0, 0 ), /* 437 T_Wildcard */ + S_ST( 'e', 0, 0, 0 ), /* 438 T_Xleave */ + S_ST( 'r', 0, 0, 0 ), /* 439 T_Year */ + S_ST( 't', 3, 441, 0 ), /* 440 lis */ + S_ST( 'e', 3, 334, 0 ), /* 441 list */ + S_ST( 'e', 0, 0, 0 ), /* 442 T_Simulate */ + S_ST( 'y', 0, 0, 0 ), /* 443 T_Beep_Delay */ + S_ST( 'n', 0, 0, 0 ), /* 444 T_Sim_Duration */ + S_ST( 't', 0, 0, 0 ), /* 445 T_Server_Offset */ + S_ST( 'n', 0, 0, 0 ), /* 446 T_Duration */ + S_ST( 't', 0, 0, 0 ), /* 447 T_Freq_Offset */ + S_ST( 'r', 0, 0, 0 ), /* 448 T_Wander */ + S_ST( 'r', 0, 0, 0 ), /* 449 T_Jitter */ + S_ST( 'y', 0, 0, 0 ), /* 450 T_Prop_Delay */ + S_ST( 'y', 0, 0, 0 ), /* 451 T_Proc_Delay */ + S_ST( 'o', 3, 468, 287 ), /* 452 l */ + S_ST( 'g', 3, 459, 0 ), /* 453 lo */ + S_ST( 'c', 3, 455, 0 ), /* 454 log */ + S_ST( 'o', 3, 456, 0 ), /* 455 logc */ + S_ST( 'n', 3, 457, 0 ), /* 456 logco */ + S_ST( 'f', 3, 458, 0 ), /* 457 logcon */ + S_ST( 'i', 3, 335, 0 ), /* 458 logconf */ + S_ST( 'f', 3, 460, 454 ), /* 459 log */ + S_ST( 'i', 3, 461, 0 ), /* 460 logf */ + S_ST( 'l', 3, 336, 0 ), /* 461 logfi */ + S_ST( 'o', 3, 463, 453 ), /* 462 lo */ + S_ST( 'p', 3, 464, 0 ), /* 463 loo */ + S_ST( 's', 3, 465, 0 ), /* 464 loop */ + S_ST( 't', 3, 466, 0 ), /* 465 loops */ + S_ST( 'a', 3, 467, 0 ), /* 466 loopst */ + S_ST( 't', 3, 337, 0 ), /* 467 loopsta */ + S_ST( 'w', 3, 469, 462 ), /* 468 lo */ + S_ST( 'p', 3, 470, 0 ), /* 469 low */ + S_ST( 'r', 3, 471, 0 ), /* 470 lowp */ + S_ST( 'i', 3, 472, 0 ), /* 471 lowpr */ + S_ST( 'o', 3, 473, 0 ), /* 472 lowpri */ + S_ST( 't', 3, 474, 0 ), /* 473 lowprio */ + S_ST( 'r', 3, 475, 0 ), /* 474 lowpriot */ + S_ST( 'a', 3, 338, 0 ), /* 475 lowpriotr */ + S_ST( 'm', 3, 557, 239 ), /* 476 */ + S_ST( 'a', 3, 495, 0 ), /* 477 m */ + S_ST( 'n', 3, 479, 0 ), /* 478 ma */ + S_ST( 'y', 3, 480, 0 ), /* 479 man */ + S_ST( 'c', 3, 481, 0 ), /* 480 many */ + S_ST( 'a', 3, 482, 0 ), /* 481 manyc */ + S_ST( 's', 3, 483, 0 ), /* 482 manyca */ + S_ST( 't', 3, 489, 0 ), /* 483 manycas */ + S_ST( 'c', 3, 485, 0 ), /* 484 manycast */ + S_ST( 'l', 3, 486, 0 ), /* 485 manycastc */ + S_ST( 'i', 3, 487, 0 ), /* 486 manycastcl */ + S_ST( 'e', 3, 488, 0 ), /* 487 manycastcli */ + S_ST( 'n', 3, 339, 0 ), /* 488 manycastclie */ + S_ST( 's', 3, 490, 484 ), /* 489 manycast */ + S_ST( 'e', 3, 491, 0 ), /* 490 manycasts */ + S_ST( 'r', 3, 492, 0 ), /* 491 manycastse */ + S_ST( 'v', 3, 493, 0 ), /* 492 manycastser */ + S_ST( 'e', 3, 340, 0 ), /* 493 manycastserv */ + S_ST( 's', 3, 341, 478 ), /* 494 ma */ + S_ST( 'x', 3, 510, 494 ), /* 495 ma */ + S_ST( 'a', 3, 497, 0 ), /* 496 max */ + S_ST( 'g', 3, 342, 0 ), /* 497 maxa */ + S_ST( 'c', 3, 499, 496 ), /* 498 max */ + S_ST( 'l', 3, 500, 0 ), /* 499 maxc */ + S_ST( 'o', 3, 501, 0 ), /* 500 maxcl */ + S_ST( 'c', 3, 343, 0 ), /* 501 maxclo */ + S_ST( 'd', 3, 506, 498 ), /* 502 max */ + S_ST( 'e', 3, 504, 0 ), /* 503 maxd */ + S_ST( 'p', 3, 505, 0 ), /* 504 maxde */ + S_ST( 't', 3, 344, 0 ), /* 505 maxdep */ + S_ST( 'i', 3, 507, 503 ), /* 506 maxd */ + S_ST( 's', 3, 345, 0 ), /* 507 maxdi */ + S_ST( 'm', 3, 509, 502 ), /* 508 max */ + S_ST( 'e', 3, 346, 0 ), /* 509 maxm */ + S_ST( 'p', 3, 511, 508 ), /* 510 max */ + S_ST( 'o', 3, 512, 0 ), /* 511 maxp */ + S_ST( 'l', 3, 347, 0 ), /* 512 maxpo */ + S_ST( 'd', 3, 514, 477 ), /* 513 m */ + S_ST( 'n', 3, 515, 0 ), /* 514 md */ + S_ST( 's', 3, 516, 0 ), /* 515 mdn */ + S_ST( 't', 3, 517, 0 ), /* 516 mdns */ + S_ST( 'r', 3, 518, 0 ), /* 517 mdnst */ + S_ST( 'i', 3, 519, 0 ), /* 518 mdnstr */ + S_ST( 'e', 3, 348, 0 ), /* 519 mdnstri */ + S_ST( 'e', 3, 349, 513 ), /* 520 m */ + S_ST( 'l', 3, 522, 0 ), /* 521 mem */ + S_ST( 'o', 3, 523, 0 ), /* 522 meml */ + S_ST( 'c', 3, 350, 0 ), /* 523 memlo */ + S_ST( 'i', 3, 525, 520 ), /* 524 m */ + S_ST( 'n', 3, 542, 0 ), /* 525 mi */ + S_ST( 'c', 3, 527, 0 ), /* 526 min */ + S_ST( 'l', 3, 528, 0 ), /* 527 minc */ + S_ST( 'o', 3, 529, 0 ), /* 528 mincl */ + S_ST( 'c', 3, 351, 0 ), /* 529 minclo */ + S_ST( 'd', 3, 534, 526 ), /* 530 min */ + S_ST( 'e', 3, 532, 0 ), /* 531 mind */ + S_ST( 'p', 3, 533, 0 ), /* 532 minde */ + S_ST( 't', 3, 352, 0 ), /* 533 mindep */ + S_ST( 'i', 3, 535, 531 ), /* 534 mind */ + S_ST( 's', 3, 353, 0 ), /* 535 mindi */ + S_ST( 'i', 3, 537, 530 ), /* 536 min */ + S_ST( 'm', 3, 538, 0 ), /* 537 mini */ + S_ST( 'u', 3, 354, 0 ), /* 538 minim */ + S_ST( 'p', 3, 540, 536 ), /* 539 min */ + S_ST( 'o', 3, 541, 0 ), /* 540 minp */ + S_ST( 'l', 3, 355, 0 ), /* 541 minpo */ + S_ST( 's', 3, 543, 539 ), /* 542 min */ + S_ST( 'a', 3, 544, 0 ), /* 543 mins */ + S_ST( 'n', 3, 356, 0 ), /* 544 minsa */ + S_ST( 'o', 3, 547, 524 ), /* 545 m */ + S_ST( 'd', 3, 357, 0 ), /* 546 mo */ + S_ST( 'n', 3, 551, 546 ), /* 547 mo */ + S_ST( 'i', 3, 549, 0 ), /* 548 mon */ + S_ST( 't', 3, 550, 0 ), /* 549 moni */ + S_ST( 'o', 3, 359, 0 ), /* 550 monit */ + S_ST( 't', 3, 360, 548 ), /* 551 mon */ + S_ST( 'r', 3, 361, 545 ), /* 552 m */ + S_ST( 's', 3, 554, 552 ), /* 553 m */ + S_ST( 's', 3, 555, 0 ), /* 554 ms */ + S_ST( 'n', 3, 556, 0 ), /* 555 mss */ + S_ST( 't', 3, 329, 0 ), /* 556 mssn */ + S_ST( 'u', 3, 558, 553 ), /* 557 m */ + S_ST( 'l', 3, 559, 0 ), /* 558 mu */ + S_ST( 't', 3, 560, 0 ), /* 559 mul */ + S_ST( 'i', 3, 561, 0 ), /* 560 mult */ + S_ST( 'c', 3, 562, 0 ), /* 561 multi */ + S_ST( 'a', 3, 563, 0 ), /* 562 multic */ + S_ST( 's', 3, 564, 0 ), /* 563 multica */ + S_ST( 't', 3, 565, 0 ), /* 564 multicas */ + S_ST( 'c', 3, 566, 0 ), /* 565 multicast */ + S_ST( 'l', 3, 567, 0 ), /* 566 multicastc */ + S_ST( 'i', 3, 568, 0 ), /* 567 multicastcl */ + S_ST( 'e', 3, 569, 0 ), /* 568 multicastcli */ + S_ST( 'n', 3, 362, 0 ), /* 569 multicastclie */ + S_ST( 'n', 3, 613, 476 ), /* 570 */ + S_ST( 'i', 3, 363, 0 ), /* 571 n */ + S_ST( 'o', 3, 608, 571 ), /* 572 n */ + S_ST( 'l', 3, 574, 0 ), /* 573 no */ + S_ST( 'i', 3, 575, 0 ), /* 574 nol */ + S_ST( 'n', 3, 364, 0 ), /* 575 noli */ + S_ST( 'm', 3, 581, 573 ), /* 576 no */ + S_ST( 'o', 3, 578, 0 ), /* 577 nom */ + S_ST( 'd', 3, 579, 0 ), /* 578 nomo */ + S_ST( 'i', 3, 580, 0 ), /* 579 nomod */ + S_ST( 'f', 3, 365, 0 ), /* 580 nomodi */ + S_ST( 'r', 3, 582, 577 ), /* 581 nom */ + S_ST( 'u', 3, 583, 0 ), /* 582 nomr */ + S_ST( 'l', 3, 584, 0 ), /* 583 nomru */ + S_ST( 'i', 3, 585, 0 ), /* 584 nomrul */ + S_ST( 's', 3, 366, 0 ), /* 585 nomruli */ + S_ST( 'n', 3, 587, 576 ), /* 586 no */ + S_ST( 'v', 3, 588, 367 ), /* 587 non */ + S_ST( 'o', 3, 589, 0 ), /* 588 nonv */ + S_ST( 'l', 3, 590, 0 ), /* 589 nonvo */ + S_ST( 'a', 3, 591, 0 ), /* 590 nonvol */ + S_ST( 't', 3, 592, 0 ), /* 591 nonvola */ + S_ST( 'i', 3, 593, 0 ), /* 592 nonvolat */ + S_ST( 'l', 3, 368, 0 ), /* 593 nonvolati */ + S_ST( 'p', 3, 595, 586 ), /* 594 no */ + S_ST( 'e', 3, 596, 0 ), /* 595 nop */ + S_ST( 'e', 3, 369, 0 ), /* 596 nope */ + S_ST( 'q', 3, 598, 594 ), /* 597 no */ + S_ST( 'u', 3, 599, 0 ), /* 598 noq */ + S_ST( 'e', 3, 600, 0 ), /* 599 noqu */ + S_ST( 'r', 3, 370, 0 ), /* 600 noque */ + S_ST( 's', 3, 602, 597 ), /* 601 no */ + S_ST( 'e', 3, 606, 0 ), /* 602 nos */ + S_ST( 'l', 3, 604, 0 ), /* 603 nose */ + S_ST( 'e', 3, 605, 0 ), /* 604 nosel */ + S_ST( 'c', 3, 371, 0 ), /* 605 nosele */ + S_ST( 'r', 3, 607, 603 ), /* 606 nose */ + S_ST( 'v', 3, 372, 0 ), /* 607 noser */ + S_ST( 't', 3, 609, 601 ), /* 608 no */ + S_ST( 'r', 3, 611, 0 ), /* 609 not */ + S_ST( 'a', 3, 373, 0 ), /* 610 notr */ + S_ST( 'u', 3, 612, 610 ), /* 611 notr */ + S_ST( 's', 3, 374, 0 ), /* 612 notru */ + S_ST( 't', 3, 375, 572 ), /* 613 n */ + S_ST( 'p', 3, 615, 0 ), /* 614 ntp */ + S_ST( 'o', 3, 616, 0 ), /* 615 ntpp */ + S_ST( 'r', 3, 376, 0 ), /* 616 ntppo */ + S_ST( 's', 3, 618, 614 ), /* 617 ntp */ + S_ST( 'i', 3, 619, 0 ), /* 618 ntps */ + S_ST( 'g', 3, 620, 0 ), /* 619 ntpsi */ + S_ST( 'n', 3, 621, 0 ), /* 620 ntpsig */ + S_ST( 'd', 3, 622, 0 ), /* 621 ntpsign */ + S_ST( 's', 3, 623, 0 ), /* 622 ntpsignd */ + S_ST( 'o', 3, 624, 0 ), /* 623 ntpsignds */ + S_ST( 'c', 3, 625, 0 ), /* 624 ntpsigndso */ + S_ST( 'k', 3, 626, 0 ), /* 625 ntpsigndsoc */ + S_ST( 'e', 3, 377, 0 ), /* 626 ntpsigndsock */ + S_ST( 'o', 3, 628, 570 ), /* 627 */ + S_ST( 'r', 3, 629, 0 ), /* 628 o */ + S_ST( 'p', 3, 630, 0 ), /* 629 or */ + S_ST( 'h', 3, 631, 0 ), /* 630 orp */ + S_ST( 'a', 3, 378, 0 ), /* 631 orph */ + S_ST( 'w', 3, 633, 0 ), /* 632 orphan */ + S_ST( 'a', 3, 634, 0 ), /* 633 orphanw */ + S_ST( 'i', 3, 379, 0 ), /* 634 orphanwa */ + S_ST( 'p', 3, 391, 627 ), /* 635 */ + S_ST( 'a', 3, 637, 0 ), /* 636 p */ + S_ST( 'n', 3, 638, 0 ), /* 637 pa */ + S_ST( 'i', 3, 380, 0 ), /* 638 pan */ + S_ST( 'e', 3, 640, 636 ), /* 639 p */ + S_ST( 'e', 3, 381, 0 ), /* 640 pe */ + S_ST( 's', 3, 642, 0 ), /* 641 peer */ + S_ST( 't', 3, 643, 0 ), /* 642 peers */ + S_ST( 'a', 3, 644, 0 ), /* 643 peerst */ + S_ST( 't', 3, 382, 0 ), /* 644 peersta */ + S_ST( 'h', 3, 646, 639 ), /* 645 p */ + S_ST( 'o', 3, 647, 0 ), /* 646 ph */ + S_ST( 'n', 3, 383, 0 ), /* 647 pho */ + S_ST( 'i', 3, 384, 645 ), /* 648 p */ + S_ST( 'f', 3, 650, 0 ), /* 649 pid */ + S_ST( 'i', 3, 651, 0 ), /* 650 pidf */ + S_ST( 'l', 3, 385, 0 ), /* 651 pidfi */ + S_ST( 'o', 3, 654, 648 ), /* 652 p */ + S_ST( 'o', 3, 386, 0 ), /* 653 po */ + S_ST( 'r', 3, 387, 653 ), /* 654 po */ + S_ST( 'r', 3, 662, 652 ), /* 655 p */ + S_ST( 'e', 3, 660, 0 ), /* 656 pr */ + S_ST( 'e', 3, 658, 0 ), /* 657 pre */ + S_ST( 'm', 3, 659, 0 ), /* 658 pree */ + S_ST( 'p', 3, 388, 0 ), /* 659 preem */ + S_ST( 'f', 3, 661, 657 ), /* 660 pre */ + S_ST( 'e', 3, 389, 0 ), /* 661 pref */ + S_ST( 'o', 3, 675, 656 ), /* 662 pr */ + S_ST( 'c', 3, 664, 0 ), /* 663 pro */ + S_ST( '_', 3, 665, 0 ), /* 664 proc */ + S_ST( 'd', 3, 666, 0 ), /* 665 proc_ */ + S_ST( 'e', 3, 667, 0 ), /* 666 proc_d */ + S_ST( 'l', 3, 668, 0 ), /* 667 proc_de */ + S_ST( 'a', 3, 451, 0 ), /* 668 proc_del */ + S_ST( 'p', 3, 670, 663 ), /* 669 pro */ + S_ST( '_', 3, 671, 0 ), /* 670 prop */ + S_ST( 'd', 3, 672, 0 ), /* 671 prop_ */ + S_ST( 'e', 3, 673, 0 ), /* 672 prop_d */ + S_ST( 'l', 3, 674, 0 ), /* 673 prop_de */ + S_ST( 'a', 3, 450, 0 ), /* 674 prop_del */ + S_ST( 't', 3, 676, 669 ), /* 675 pro */ + S_ST( 'o', 3, 677, 0 ), /* 676 prot */ + S_ST( 's', 3, 678, 0 ), /* 677 proto */ + S_ST( 't', 3, 679, 0 ), /* 678 protos */ + S_ST( 'a', 3, 680, 0 ), /* 679 protost */ + S_ST( 't', 3, 390, 0 ), /* 680 protosta */ + S_ST( 'r', 3, 712, 635 ), /* 681 */ + S_ST( 'a', 3, 688, 0 ), /* 682 r */ + S_ST( 'n', 3, 684, 0 ), /* 683 ra */ + S_ST( 'd', 3, 685, 0 ), /* 684 ran */ + S_ST( 'f', 3, 686, 0 ), /* 685 rand */ + S_ST( 'i', 3, 687, 0 ), /* 686 randf */ + S_ST( 'l', 3, 392, 0 ), /* 687 randfi */ + S_ST( 'w', 3, 689, 683 ), /* 688 ra */ + S_ST( 's', 3, 690, 0 ), /* 689 raw */ + S_ST( 't', 3, 691, 0 ), /* 690 raws */ + S_ST( 'a', 3, 692, 0 ), /* 691 rawst */ + S_ST( 't', 3, 393, 0 ), /* 692 rawsta */ + S_ST( 'e', 3, 709, 682 ), /* 693 r */ + S_ST( 'f', 3, 695, 0 ), /* 694 re */ + S_ST( 'i', 3, 394, 0 ), /* 695 ref */ + S_ST( 'q', 3, 697, 694 ), /* 696 re */ + S_ST( 'u', 3, 698, 0 ), /* 697 req */ + S_ST( 'e', 3, 699, 0 ), /* 698 requ */ + S_ST( 's', 3, 700, 0 ), /* 699 reque */ + S_ST( 't', 3, 701, 0 ), /* 700 reques */ + S_ST( 'k', 3, 702, 0 ), /* 701 request */ + S_ST( 'e', 3, 395, 0 ), /* 702 requestk */ + S_ST( 's', 3, 705, 696 ), /* 703 re */ + S_ST( 'e', 3, 396, 0 ), /* 704 res */ + S_ST( 't', 3, 706, 704 ), /* 705 res */ + S_ST( 'r', 3, 707, 0 ), /* 706 rest */ + S_ST( 'i', 3, 708, 0 ), /* 707 restr */ + S_ST( 'c', 3, 397, 0 ), /* 708 restri */ + S_ST( 'v', 3, 710, 703 ), /* 709 re */ + S_ST( 'o', 3, 711, 0 ), /* 710 rev */ + S_ST( 'k', 3, 398, 0 ), /* 711 revo */ + S_ST( 'l', 3, 713, 693 ), /* 712 r */ + S_ST( 'i', 3, 714, 0 ), /* 713 rl */ + S_ST( 'm', 3, 715, 0 ), /* 714 rli */ + S_ST( 'i', 3, 399, 0 ), /* 715 rlim */ + S_ST( 's', 3, 789, 681 ), /* 716 */ + S_ST( 'a', 3, 718, 0 ), /* 717 s */ + S_ST( 'v', 3, 719, 0 ), /* 718 sa */ + S_ST( 'e', 3, 720, 0 ), /* 719 sav */ + S_ST( 'c', 3, 721, 0 ), /* 720 save */ + S_ST( 'o', 3, 722, 0 ), /* 721 savec */ + S_ST( 'n', 3, 723, 0 ), /* 722 saveco */ + S_ST( 'f', 3, 724, 0 ), /* 723 savecon */ + S_ST( 'i', 3, 725, 0 ), /* 724 saveconf */ + S_ST( 'g', 3, 726, 0 ), /* 725 saveconfi */ + S_ST( 'd', 3, 727, 0 ), /* 726 saveconfig */ + S_ST( 'i', 3, 400, 0 ), /* 727 saveconfigd */ + S_ST( 'e', 3, 738, 717 ), /* 728 s */ + S_ST( 'r', 3, 730, 0 ), /* 729 se */ + S_ST( 'v', 3, 731, 0 ), /* 730 ser */ + S_ST( 'e', 3, 401, 0 ), /* 731 serv */ + S_ST( '_', 3, 733, 0 ), /* 732 server */ + S_ST( 'o', 3, 734, 0 ), /* 733 server_ */ + S_ST( 'f', 3, 735, 0 ), /* 734 server_o */ + S_ST( 'f', 3, 736, 0 ), /* 735 server_of */ + S_ST( 's', 3, 737, 0 ), /* 736 server_off */ + S_ST( 'e', 3, 445, 0 ), /* 737 server_offs */ + S_ST( 't', 3, 739, 729 ), /* 738 se */ + S_ST( 'v', 3, 740, 0 ), /* 739 set */ + S_ST( 'a', 3, 402, 0 ), /* 740 setv */ + S_ST( 'i', 3, 742, 728 ), /* 741 s */ + S_ST( 'm', 3, 743, 0 ), /* 742 si */ + S_ST( 'u', 3, 744, 0 ), /* 743 sim */ + S_ST( 'l', 3, 745, 0 ), /* 744 simu */ + S_ST( 'a', 3, 746, 0 ), /* 745 simul */ + S_ST( 't', 3, 747, 0 ), /* 746 simula */ + S_ST( 'i', 3, 748, 442 ), /* 747 simulat */ + S_ST( 'o', 3, 749, 0 ), /* 748 simulati */ + S_ST( 'n', 3, 750, 0 ), /* 749 simulatio */ + S_ST( '_', 3, 751, 0 ), /* 750 simulation */ + S_ST( 'd', 3, 752, 0 ), /* 751 simulation_ */ + S_ST( 'u', 3, 753, 0 ), /* 752 simulation_d */ + S_ST( 'r', 3, 754, 0 ), /* 753 simulation_du */ + S_ST( 'a', 3, 755, 0 ), /* 754 simulation_dur */ + S_ST( 't', 3, 756, 0 ), /* 755 simulation_dura */ + S_ST( 'i', 3, 757, 0 ), /* 756 simulation_durat */ + S_ST( 'o', 3, 444, 0 ), /* 757 simulation_durati */ + S_ST( 'o', 3, 759, 741 ), /* 758 s */ + S_ST( 'u', 3, 760, 0 ), /* 759 so */ + S_ST( 'r', 3, 761, 0 ), /* 760 sou */ + S_ST( 'c', 3, 403, 0 ), /* 761 sour */ + S_ST( 't', 3, 785, 758 ), /* 762 s */ + S_ST( 'a', 3, 769, 0 ), /* 763 st */ + S_ST( 'c', 3, 765, 0 ), /* 764 sta */ + S_ST( 'k', 3, 766, 0 ), /* 765 stac */ + S_ST( 's', 3, 767, 0 ), /* 766 stack */ + S_ST( 'i', 3, 768, 0 ), /* 767 stacks */ + S_ST( 'z', 3, 404, 0 ), /* 768 stacksi */ + S_ST( 't', 3, 406, 764 ), /* 769 sta */ + S_ST( 'i', 3, 771, 0 ), /* 770 stat */ + S_ST( 's', 3, 772, 0 ), /* 771 stati */ + S_ST( 't', 3, 773, 0 ), /* 772 statis */ + S_ST( 'i', 3, 774, 0 ), /* 773 statist */ + S_ST( 'c', 3, 405, 0 ), /* 774 statisti */ + S_ST( 'd', 3, 776, 0 ), /* 775 stats */ + S_ST( 'i', 3, 407, 0 ), /* 776 statsd */ + S_ST( 'e', 3, 408, 763 ), /* 777 st */ + S_ST( 'b', 3, 779, 0 ), /* 778 step */ + S_ST( 'a', 3, 780, 0 ), /* 779 stepb */ + S_ST( 'c', 3, 409, 0 ), /* 780 stepba */ + S_ST( 'f', 3, 782, 778 ), /* 781 step */ + S_ST( 'w', 3, 410, 0 ), /* 782 stepf */ + S_ST( 'o', 3, 784, 781 ), /* 783 step */ + S_ST( 'u', 3, 411, 0 ), /* 784 stepo */ + S_ST( 'r', 3, 786, 777 ), /* 785 st */ + S_ST( 'a', 3, 787, 0 ), /* 786 str */ + S_ST( 't', 3, 788, 0 ), /* 787 stra */ + S_ST( 'u', 3, 412, 0 ), /* 788 strat */ + S_ST( 'y', 3, 414, 762 ), /* 789 s */ + S_ST( 's', 3, 791, 0 ), /* 790 sys */ + S_ST( 't', 3, 792, 0 ), /* 791 syss */ + S_ST( 'a', 3, 793, 0 ), /* 792 sysst */ + S_ST( 't', 3, 415, 0 ), /* 793 syssta */ + S_ST( 't', 3, 820, 716 ), /* 794 */ + S_ST( 'i', 3, 806, 0 ), /* 795 t */ + S_ST( 'c', 3, 416, 0 ), /* 796 ti */ + S_ST( 'm', 3, 799, 796 ), /* 797 ti */ + S_ST( 'e', 3, 419, 0 ), /* 798 tim */ + S_ST( 'i', 3, 800, 798 ), /* 799 tim */ + S_ST( 'n', 3, 801, 0 ), /* 800 timi */ + S_ST( 'g', 3, 802, 0 ), /* 801 timin */ + S_ST( 's', 3, 803, 0 ), /* 802 timing */ + S_ST( 't', 3, 804, 0 ), /* 803 timings */ + S_ST( 'a', 3, 805, 0 ), /* 804 timingst */ + S_ST( 't', 3, 420, 0 ), /* 805 timingsta */ + S_ST( 'n', 3, 807, 797 ), /* 806 ti */ + S_ST( 'k', 3, 808, 0 ), /* 807 tin */ + S_ST( 'e', 3, 421, 0 ), /* 808 tink */ + S_ST( 'o', 3, 422, 795 ), /* 809 t */ + S_ST( 'r', 3, 812, 809 ), /* 810 t */ + S_ST( 'a', 3, 423, 0 ), /* 811 tr */ + S_ST( 'u', 3, 813, 811 ), /* 812 tr */ + S_ST( 's', 3, 814, 424 ), /* 813 tru */ + S_ST( 't', 3, 815, 0 ), /* 814 trus */ + S_ST( 'e', 3, 816, 0 ), /* 815 trust */ + S_ST( 'd', 3, 817, 0 ), /* 816 truste */ + S_ST( 'k', 3, 818, 0 ), /* 817 trusted */ + S_ST( 'e', 3, 425, 0 ), /* 818 trustedk */ + S_ST( 't', 3, 426, 810 ), /* 819 t */ + S_ST( 'y', 3, 821, 819 ), /* 820 t */ + S_ST( 'p', 3, 427, 0 ), /* 821 ty */ + S_ST( 'u', 3, 823, 794 ), /* 822 */ + S_ST( 'n', 3, 829, 0 ), /* 823 u */ + S_ST( 'c', 3, 825, 0 ), /* 824 un */ + S_ST( 'o', 3, 826, 0 ), /* 825 unc */ + S_ST( 'n', 3, 827, 0 ), /* 826 unco */ + S_ST( 'f', 3, 828, 0 ), /* 827 uncon */ + S_ST( 'i', 3, 432, 0 ), /* 828 unconf */ + S_ST( 'p', 3, 830, 824 ), /* 829 un */ + S_ST( 'e', 3, 831, 0 ), /* 830 unp */ + S_ST( 'e', 3, 433, 0 ), /* 831 unpe */ + S_ST( '_', 3, 852, 0 ), /* 832 unpeer */ + S_ST( 'c', 3, 834, 0 ), /* 833 unpeer_ */ + S_ST( 'r', 3, 835, 0 ), /* 834 unpeer_c */ + S_ST( 'y', 3, 836, 0 ), /* 835 unpeer_cr */ + S_ST( 'p', 3, 837, 0 ), /* 836 unpeer_cry */ + S_ST( 't', 3, 838, 0 ), /* 837 unpeer_cryp */ + S_ST( 'o', 3, 839, 0 ), /* 838 unpeer_crypt */ + S_ST( '_', 3, 844, 0 ), /* 839 unpeer_crypto */ + S_ST( 'e', 3, 841, 0 ), /* 840 unpeer_crypto_ */ + S_ST( 'a', 3, 842, 0 ), /* 841 unpeer_crypto_e */ + S_ST( 'r', 3, 843, 0 ), /* 842 unpeer_crypto_ea */ + S_ST( 'l', 3, 429, 0 ), /* 843 unpeer_crypto_ear */ + S_ST( 'n', 3, 845, 840 ), /* 844 unpeer_crypto_ */ + S_ST( 'a', 3, 846, 0 ), /* 845 unpeer_crypto_n */ + S_ST( 'k', 3, 847, 0 ), /* 846 unpeer_crypto_na */ + S_ST( '_', 3, 848, 0 ), /* 847 unpeer_crypto_nak */ + S_ST( 'e', 3, 849, 0 ), /* 848 unpeer_crypto_nak_ */ + S_ST( 'a', 3, 850, 0 ), /* 849 unpeer_crypto_nak_e */ + S_ST( 'r', 3, 851, 0 ), /* 850 unpeer_crypto_nak_ea */ + S_ST( 'l', 3, 430, 0 ), /* 851 unpeer_crypto_nak_ear */ + S_ST( 'd', 3, 853, 833 ), /* 852 unpeer_ */ + S_ST( 'i', 3, 854, 0 ), /* 853 unpeer_d */ + S_ST( 'g', 3, 855, 0 ), /* 854 unpeer_di */ + S_ST( 'e', 3, 856, 0 ), /* 855 unpeer_dig */ + S_ST( 's', 3, 857, 0 ), /* 856 unpeer_dige */ + S_ST( 't', 3, 858, 0 ), /* 857 unpeer_diges */ + S_ST( '_', 3, 859, 0 ), /* 858 unpeer_digest */ + S_ST( 'e', 3, 860, 0 ), /* 859 unpeer_digest_ */ + S_ST( 'a', 3, 861, 0 ), /* 860 unpeer_digest_e */ + S_ST( 'r', 3, 862, 0 ), /* 861 unpeer_digest_ea */ + S_ST( 'l', 3, 431, 0 ), /* 862 unpeer_digest_ear */ + S_ST( 'v', 3, 864, 822 ), /* 863 */ + S_ST( 'e', 3, 865, 0 ), /* 864 v */ + S_ST( 'r', 3, 866, 0 ), /* 865 ve */ + S_ST( 's', 3, 867, 0 ), /* 866 ver */ + S_ST( 'i', 3, 868, 0 ), /* 867 vers */ + S_ST( 'o', 3, 434, 0 ), /* 868 versi */ + S_ST( 'w', 3, 876, 863 ), /* 869 */ + S_ST( 'a', 3, 871, 0 ), /* 870 w */ + S_ST( 'n', 3, 872, 0 ), /* 871 wa */ + S_ST( 'd', 3, 873, 0 ), /* 872 wan */ + S_ST( 'e', 3, 448, 0 ), /* 873 wand */ + S_ST( 'e', 3, 875, 870 ), /* 874 w */ + S_ST( 'e', 3, 436, 0 ), /* 875 we */ + S_ST( 'i', 3, 877, 874 ), /* 876 w */ + S_ST( 'l', 3, 878, 0 ), /* 877 wi */ + S_ST( 'd', 3, 879, 0 ), /* 878 wil */ + S_ST( 'c', 3, 880, 0 ), /* 879 wild */ + S_ST( 'a', 3, 881, 0 ), /* 880 wildc */ + S_ST( 'r', 3, 437, 0 ), /* 881 wildca */ + S_ST( 'x', 3, 883, 869 ), /* 882 */ + S_ST( 'l', 3, 884, 0 ), /* 883 x */ + S_ST( 'e', 3, 885, 0 ), /* 884 xl */ + S_ST( 'a', 3, 886, 0 ), /* 885 xle */ + S_ST( 'v', 3, 438, 0 ), /* 886 xlea */ + S_ST( 'y', 3, 888, 882 ), /* 887 [initial state] */ + S_ST( 'e', 3, 889, 0 ), /* 888 y */ + S_ST( 'a', 3, 439, 0 ) /* 889 ye */ }; diff --git a/ntpd/ntp_parser.c b/ntpd/ntp_parser.c index cc179502c1e..31596692e9b 100644 --- a/ntpd/ntp_parser.c +++ b/ntpd/ntp_parser.c @@ -1,19 +1,19 @@ -/* A Bison parser, made by GNU Bison 3.0.2. */ +/* A Bison parser, made by GNU Bison 2.7.12-4996. */ /* Bison implementation for Yacc-like parsers in C - - Copyright (C) 1984, 1989-1990, 2000-2013 Free Software Foundation, Inc. - + + Copyright (C) 1984, 1989-1990, 2000-2013 Free Software Foundation, Inc. + This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see . */ @@ -26,7 +26,7 @@ special exception, which will cause the skeleton and the resulting Bison output files to be licensed under the GNU General Public License without this special exception. - + This special exception was added by the Free Software Foundation in version 2.2 of Bison. */ @@ -44,7 +44,7 @@ #define YYBISON 1 /* Bison version. */ -#define YYBISON_VERSION "3.0.2" +#define YYBISON_VERSION "2.7.12-4996" /* Skeleton name. */ #define YYSKELETON_NAME "yacc.c" @@ -62,7 +62,8 @@ /* Copy the first part of user declarations. */ -#line 11 "../../ntpd/ntp_parser.y" /* yacc.c:339 */ +/* Line 371 of yacc.c */ +#line 11 "../../ntpd/ntp_parser.y" #ifdef HAVE_CONFIG_H # include @@ -96,13 +97,14 @@ # define ONLY_SIM(a) NULL #endif -#line 100 "../../ntpd/ntp_parser.c" /* yacc.c:339 */ +/* Line 371 of yacc.c */ +#line 102 "ntp_parser.c" -# ifndef YY_NULLPTR +# ifndef YY_NULL # if defined __cplusplus && 201103L <= __cplusplus -# define YY_NULLPTR nullptr +# define YY_NULL nullptr # else -# define YY_NULLPTR 0 +# define YY_NULL 0 # endif # endif @@ -116,9 +118,9 @@ /* In a future release of Bison, this section will be replaced by #include "y.tab.h". */ -#ifndef YY_YY__NTPD_NTP_PARSER_H_INCLUDED -# define YY_YY__NTPD_NTP_PARSER_H_INCLUDED -/* Debug traces. */ +#ifndef YY_YY_NTP_PARSER_H_INCLUDED +# define YY_YY_NTP_PARSER_H_INCLUDED +/* Enabling traces. */ #ifndef YYDEBUG # define YYDEBUG 1 #endif @@ -126,203 +128,207 @@ extern int yydebug; #endif -/* Token type. */ +/* Tokens. */ #ifndef YYTOKENTYPE # define YYTOKENTYPE - enum yytokentype - { - T_Abbrev = 258, - T_Age = 259, - T_All = 260, - T_Allan = 261, - T_Allpeers = 262, - T_Auth = 263, - T_Autokey = 264, - T_Automax = 265, - T_Average = 266, - T_Bclient = 267, - T_Beacon = 268, - T_Broadcast = 269, - T_Broadcastclient = 270, - T_Broadcastdelay = 271, - T_Burst = 272, - T_Calibrate = 273, - T_Ceiling = 274, - T_Clockstats = 275, - T_Cohort = 276, - T_ControlKey = 277, - T_Crypto = 278, - T_Cryptostats = 279, - T_Ctl = 280, - T_Day = 281, - T_Default = 282, - T_Digest = 283, - T_Disable = 284, - T_Discard = 285, - T_Dispersion = 286, - T_Double = 287, - T_Driftfile = 288, - T_Drop = 289, - T_Dscp = 290, - T_Ellipsis = 291, - T_Enable = 292, - T_End = 293, - T_False = 294, - T_File = 295, - T_Filegen = 296, - T_Filenum = 297, - T_Flag1 = 298, - T_Flag2 = 299, - T_Flag3 = 300, - T_Flag4 = 301, - T_Flake = 302, - T_Floor = 303, - T_Freq = 304, - T_Fudge = 305, - T_Host = 306, - T_Huffpuff = 307, - T_Iburst = 308, - T_Ident = 309, - T_Ignore = 310, - T_Incalloc = 311, - T_Incmem = 312, - T_Initalloc = 313, - T_Initmem = 314, - T_Includefile = 315, - T_Integer = 316, - T_Interface = 317, - T_Intrange = 318, - T_Io = 319, - T_Ipv4 = 320, - T_Ipv4_flag = 321, - T_Ipv6 = 322, - T_Ipv6_flag = 323, - T_Kernel = 324, - T_Key = 325, - T_Keys = 326, - T_Keysdir = 327, - T_Kod = 328, - T_Mssntp = 329, - T_Leapfile = 330, - T_Leapsmearinterval = 331, - T_Limited = 332, - T_Link = 333, - T_Listen = 334, - T_Logconfig = 335, - T_Logfile = 336, - T_Loopstats = 337, - T_Lowpriotrap = 338, - T_Manycastclient = 339, - T_Manycastserver = 340, - T_Mask = 341, - T_Maxage = 342, - T_Maxclock = 343, - T_Maxdepth = 344, - T_Maxdist = 345, - T_Maxmem = 346, - T_Maxpoll = 347, - T_Mdnstries = 348, - T_Mem = 349, - T_Memlock = 350, - T_Minclock = 351, - T_Mindepth = 352, - T_Mindist = 353, - T_Minimum = 354, - T_Minpoll = 355, - T_Minsane = 356, - T_Mode = 357, - T_Mode7 = 358, - T_Monitor = 359, - T_Month = 360, - T_Mru = 361, - T_Multicastclient = 362, - T_Nic = 363, - T_Nolink = 364, - T_Nomodify = 365, - T_Nomrulist = 366, - T_None = 367, - T_Nonvolatile = 368, - T_Nopeer = 369, - T_Noquery = 370, - T_Noselect = 371, - T_Noserve = 372, - T_Notrap = 373, - T_Notrust = 374, - T_Ntp = 375, - T_Ntpport = 376, - T_NtpSignDsocket = 377, - T_Orphan = 378, - T_Orphanwait = 379, - T_Panic = 380, - T_Peer = 381, - T_Peerstats = 382, - T_Phone = 383, - T_Pid = 384, - T_Pidfile = 385, - T_Pool = 386, - T_Port = 387, - T_Preempt = 388, - T_Prefer = 389, - T_Protostats = 390, - T_Pw = 391, - T_Randfile = 392, - T_Rawstats = 393, - T_Refid = 394, - T_Requestkey = 395, - T_Reset = 396, - T_Restrict = 397, - T_Revoke = 398, - T_Rlimit = 399, - T_Saveconfigdir = 400, - T_Server = 401, - T_Setvar = 402, - T_Source = 403, - T_Stacksize = 404, - T_Statistics = 405, - T_Stats = 406, - T_Statsdir = 407, - T_Step = 408, - T_Stepback = 409, - T_Stepfwd = 410, - T_Stepout = 411, - T_Stratum = 412, - T_String = 413, - T_Sys = 414, - T_Sysstats = 415, - T_Tick = 416, - T_Time1 = 417, - T_Time2 = 418, - T_Timer = 419, - T_Timingstats = 420, - T_Tinker = 421, - T_Tos = 422, - T_Trap = 423, - T_True = 424, - T_Trustedkey = 425, - T_Ttl = 426, - T_Type = 427, - T_U_int = 428, - T_Unconfig = 429, - T_Unpeer = 430, - T_Version = 431, - T_WanderThreshold = 432, - T_Week = 433, - T_Wildcard = 434, - T_Xleave = 435, - T_Year = 436, - T_Flag = 437, - T_EOC = 438, - T_Simulate = 439, - T_Beep_Delay = 440, - T_Sim_Duration = 441, - T_Server_Offset = 442, - T_Duration = 443, - T_Freq_Offset = 444, - T_Wander = 445, - T_Jitter = 446, - T_Prop_Delay = 447, - T_Proc_Delay = 448 - }; + /* Put the tokens into the symbol table, so that GDB and other debuggers + know about them. */ + enum yytokentype { + T_Abbrev = 258, + T_Age = 259, + T_All = 260, + T_Allan = 261, + T_Allpeers = 262, + T_Auth = 263, + T_Autokey = 264, + T_Automax = 265, + T_Average = 266, + T_Bclient = 267, + T_Beacon = 268, + T_Broadcast = 269, + T_Broadcastclient = 270, + T_Broadcastdelay = 271, + T_Burst = 272, + T_Calibrate = 273, + T_Ceiling = 274, + T_Clockstats = 275, + T_Cohort = 276, + T_ControlKey = 277, + T_Crypto = 278, + T_Cryptostats = 279, + T_Ctl = 280, + T_Day = 281, + T_Default = 282, + T_Digest = 283, + T_Disable = 284, + T_Discard = 285, + T_Dispersion = 286, + T_Double = 287, + T_Driftfile = 288, + T_Drop = 289, + T_Dscp = 290, + T_Ellipsis = 291, + T_Enable = 292, + T_End = 293, + T_False = 294, + T_File = 295, + T_Filegen = 296, + T_Filenum = 297, + T_Flag1 = 298, + T_Flag2 = 299, + T_Flag3 = 300, + T_Flag4 = 301, + T_Flake = 302, + T_Floor = 303, + T_Freq = 304, + T_Fudge = 305, + T_Host = 306, + T_Huffpuff = 307, + T_Iburst = 308, + T_Ident = 309, + T_Ignore = 310, + T_Incalloc = 311, + T_Incmem = 312, + T_Initalloc = 313, + T_Initmem = 314, + T_Includefile = 315, + T_Integer = 316, + T_Interface = 317, + T_Intrange = 318, + T_Io = 319, + T_Ipv4 = 320, + T_Ipv4_flag = 321, + T_Ipv6 = 322, + T_Ipv6_flag = 323, + T_Kernel = 324, + T_Key = 325, + T_Keys = 326, + T_Keysdir = 327, + T_Kod = 328, + T_Mssntp = 329, + T_Leapfile = 330, + T_Leapsmearinterval = 331, + T_Limited = 332, + T_Link = 333, + T_Listen = 334, + T_Logconfig = 335, + T_Logfile = 336, + T_Loopstats = 337, + T_Lowpriotrap = 338, + T_Manycastclient = 339, + T_Manycastserver = 340, + T_Mask = 341, + T_Maxage = 342, + T_Maxclock = 343, + T_Maxdepth = 344, + T_Maxdist = 345, + T_Maxmem = 346, + T_Maxpoll = 347, + T_Mdnstries = 348, + T_Mem = 349, + T_Memlock = 350, + T_Minclock = 351, + T_Mindepth = 352, + T_Mindist = 353, + T_Minimum = 354, + T_Minpoll = 355, + T_Minsane = 356, + T_Mode = 357, + T_Mode7 = 358, + T_Monitor = 359, + T_Month = 360, + T_Mru = 361, + T_Multicastclient = 362, + T_Nic = 363, + T_Nolink = 364, + T_Nomodify = 365, + T_Nomrulist = 366, + T_None = 367, + T_Nonvolatile = 368, + T_Nopeer = 369, + T_Noquery = 370, + T_Noselect = 371, + T_Noserve = 372, + T_Notrap = 373, + T_Notrust = 374, + T_Ntp = 375, + T_Ntpport = 376, + T_NtpSignDsocket = 377, + T_Orphan = 378, + T_Orphanwait = 379, + T_Panic = 380, + T_Peer = 381, + T_Peerstats = 382, + T_Phone = 383, + T_Pid = 384, + T_Pidfile = 385, + T_Pool = 386, + T_Port = 387, + T_Preempt = 388, + T_Prefer = 389, + T_Protostats = 390, + T_Pw = 391, + T_Randfile = 392, + T_Rawstats = 393, + T_Refid = 394, + T_Requestkey = 395, + T_Reset = 396, + T_Restrict = 397, + T_Revoke = 398, + T_Rlimit = 399, + T_Saveconfigdir = 400, + T_Server = 401, + T_Setvar = 402, + T_Source = 403, + T_Stacksize = 404, + T_Statistics = 405, + T_Stats = 406, + T_Statsdir = 407, + T_Step = 408, + T_Stepback = 409, + T_Stepfwd = 410, + T_Stepout = 411, + T_Stratum = 412, + T_String = 413, + T_Sys = 414, + T_Sysstats = 415, + T_Tick = 416, + T_Time1 = 417, + T_Time2 = 418, + T_Timer = 419, + T_Timingstats = 420, + T_Tinker = 421, + T_Tos = 422, + T_Trap = 423, + T_True = 424, + T_Trustedkey = 425, + T_Ttl = 426, + T_Type = 427, + T_U_int = 428, + T_UEcrypto = 429, + T_UEcryptonak = 430, + T_UEdigest = 431, + T_Unconfig = 432, + T_Unpeer = 433, + T_Version = 434, + T_WanderThreshold = 435, + T_Week = 436, + T_Wildcard = 437, + T_Xleave = 438, + T_Year = 439, + T_Flag = 440, + T_EOC = 441, + T_Simulate = 442, + T_Beep_Delay = 443, + T_Sim_Duration = 444, + T_Server_Offset = 445, + T_Duration = 446, + T_Freq_Offset = 447, + T_Wander = 448, + T_Jitter = 449, + T_Prop_Delay = 450, + T_Proc_Delay = 451 + }; #endif /* Tokens. */ #define T_Abbrev 258 @@ -496,33 +502,37 @@ extern int yydebug; #define T_Ttl 426 #define T_Type 427 #define T_U_int 428 -#define T_Unconfig 429 -#define T_Unpeer 430 -#define T_Version 431 -#define T_WanderThreshold 432 -#define T_Week 433 -#define T_Wildcard 434 -#define T_Xleave 435 -#define T_Year 436 -#define T_Flag 437 -#define T_EOC 438 -#define T_Simulate 439 -#define T_Beep_Delay 440 -#define T_Sim_Duration 441 -#define T_Server_Offset 442 -#define T_Duration 443 -#define T_Freq_Offset 444 -#define T_Wander 445 -#define T_Jitter 446 -#define T_Prop_Delay 447 -#define T_Proc_Delay 448 +#define T_UEcrypto 429 +#define T_UEcryptonak 430 +#define T_UEdigest 431 +#define T_Unconfig 432 +#define T_Unpeer 433 +#define T_Version 434 +#define T_WanderThreshold 435 +#define T_Week 436 +#define T_Wildcard 437 +#define T_Xleave 438 +#define T_Year 439 +#define T_Flag 440 +#define T_EOC 441 +#define T_Simulate 442 +#define T_Beep_Delay 443 +#define T_Sim_Duration 444 +#define T_Server_Offset 445 +#define T_Duration 446 +#define T_Freq_Offset 447 +#define T_Wander 448 +#define T_Jitter 449 +#define T_Prop_Delay 450 +#define T_Proc_Delay 451 + + -/* Value type. */ #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED -typedef union YYSTYPE YYSTYPE; -union YYSTYPE +typedef union YYSTYPE { -#line 51 "../../ntpd/ntp_parser.y" /* yacc.c:355 */ +/* Line 387 of yacc.c */ +#line 51 "../../ntpd/ntp_parser.y" char * String; double Double; @@ -541,22 +551,37 @@ union YYSTYPE script_info * Sim_script; script_info_fifo * Sim_script_fifo; -#line 545 "../../ntpd/ntp_parser.c" /* yacc.c:355 */ -}; + +/* Line 387 of yacc.c */ +#line 557 "ntp_parser.c" +} YYSTYPE; # define YYSTYPE_IS_TRIVIAL 1 +# define yystype YYSTYPE /* obsolescent; will be withdrawn */ # define YYSTYPE_IS_DECLARED 1 #endif - extern YYSTYPE yylval; +#ifdef YYPARSE_PARAM +#if defined __STDC__ || defined __cplusplus +int yyparse (void *YYPARSE_PARAM); +#else +int yyparse (); +#endif +#else /* ! YYPARSE_PARAM */ +#if defined __STDC__ || defined __cplusplus int yyparse (void); +#else +int yyparse (); +#endif +#endif /* ! YYPARSE_PARAM */ -#endif /* !YY_YY__NTPD_NTP_PARSER_H_INCLUDED */ +#endif /* !YY_YY_NTP_PARSER_H_INCLUDED */ /* Copy the second part of user declarations. */ -#line 560 "../../ntpd/ntp_parser.c" /* yacc.c:358 */ +/* Line 390 of yacc.c */ +#line 585 "ntp_parser.c" #ifdef short # undef short @@ -570,8 +595,11 @@ typedef unsigned char yytype_uint8; #ifdef YYTYPE_INT8 typedef YYTYPE_INT8 yytype_int8; -#else +#elif (defined __STDC__ || defined __C99__FUNC__ \ + || defined __cplusplus || defined _MSC_VER) typedef signed char yytype_int8; +#else +typedef short int yytype_int8; #endif #ifdef YYTYPE_UINT16 @@ -591,7 +619,8 @@ typedef short int yytype_int16; # define YYSIZE_T __SIZE_TYPE__ # elif defined size_t # define YYSIZE_T size_t -# elif ! defined YYSIZE_T +# elif ! defined YYSIZE_T && (defined __STDC__ || defined __C99__FUNC__ \ + || defined __cplusplus || defined _MSC_VER) # include /* INFRINGES ON USER NAME SPACE */ # define YYSIZE_T size_t # else @@ -613,30 +642,11 @@ typedef short int yytype_int16; # endif #endif -#ifndef YY_ATTRIBUTE -# if (defined __GNUC__ \ - && (2 < __GNUC__ || (__GNUC__ == 2 && 96 <= __GNUC_MINOR__))) \ - || defined __SUNPRO_C && 0x5110 <= __SUNPRO_C -# define YY_ATTRIBUTE(Spec) __attribute__(Spec) -# else -# define YY_ATTRIBUTE(Spec) /* empty */ -# endif -#endif - -#ifndef YY_ATTRIBUTE_PURE -# define YY_ATTRIBUTE_PURE YY_ATTRIBUTE ((__pure__)) -#endif - -#ifndef YY_ATTRIBUTE_UNUSED -# define YY_ATTRIBUTE_UNUSED YY_ATTRIBUTE ((__unused__)) -#endif - -#if !defined _Noreturn \ - && (!defined __STDC_VERSION__ || __STDC_VERSION__ < 201112) -# if defined _MSC_VER && 1200 <= _MSC_VER -# define _Noreturn __declspec (noreturn) -# else -# define _Noreturn YY_ATTRIBUTE ((__noreturn__)) +#ifndef __attribute__ +/* This feature is available in gcc versions 2.5 and later. */ +# if (! defined __GNUC__ || __GNUC__ < 2 \ + || (__GNUC__ == 2 && __GNUC_MINOR__ < 5)) +# define __attribute__(Spec) /* empty */ # endif #endif @@ -647,25 +657,24 @@ typedef short int yytype_int16; # define YYUSE(E) /* empty */ #endif -#if defined __GNUC__ && 407 <= __GNUC__ * 100 + __GNUC_MINOR__ -/* Suppress an incorrect diagnostic about yylval being uninitialized. */ -# define YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN \ - _Pragma ("GCC diagnostic push") \ - _Pragma ("GCC diagnostic ignored \"-Wuninitialized\"")\ - _Pragma ("GCC diagnostic ignored \"-Wmaybe-uninitialized\"") -# define YY_IGNORE_MAYBE_UNINITIALIZED_END \ - _Pragma ("GCC diagnostic pop") -#else -# define YY_INITIAL_VALUE(Value) Value -#endif -#ifndef YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN -# define YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN -# define YY_IGNORE_MAYBE_UNINITIALIZED_END -#endif -#ifndef YY_INITIAL_VALUE -# define YY_INITIAL_VALUE(Value) /* Nothing. */ -#endif +/* Identity function, used to suppress warnings about constant conditions. */ +#ifndef lint +# define YYID(N) (N) +#else +#if (defined __STDC__ || defined __C99__FUNC__ \ + || defined __cplusplus || defined _MSC_VER) +static int +YYID (int yyi) +#else +static int +YYID (yyi) + int yyi; +#endif +{ + return yyi; +} +#endif #if ! defined yyoverflow || YYERROR_VERBOSE @@ -684,7 +693,8 @@ typedef short int yytype_int16; # define alloca _alloca # else # define YYSTACK_ALLOC alloca -# if ! defined _ALLOCA_H && ! defined EXIT_SUCCESS +# if ! defined _ALLOCA_H && ! defined EXIT_SUCCESS && (defined __STDC__ || defined __C99__FUNC__ \ + || defined __cplusplus || defined _MSC_VER) # include /* INFRINGES ON USER NAME SPACE */ /* Use EXIT_SUCCESS as a witness for stdlib.h. */ # ifndef EXIT_SUCCESS @@ -696,8 +706,8 @@ typedef short int yytype_int16; # endif # ifdef YYSTACK_ALLOC - /* Pacify GCC's 'empty if-body' warning. */ -# define YYSTACK_FREE(Ptr) do { /* empty */; } while (0) + /* Pacify GCC's `empty if-body' warning. */ +# define YYSTACK_FREE(Ptr) do { /* empty */; } while (YYID (0)) # ifndef YYSTACK_ALLOC_MAXIMUM /* The OS might guarantee only one guard page at the bottom of the stack, and a page size can be as small as 4096 bytes. So we cannot safely @@ -713,7 +723,7 @@ typedef short int yytype_int16; # endif # if (defined __cplusplus && ! defined EXIT_SUCCESS \ && ! ((defined YYMALLOC || defined malloc) \ - && (defined YYFREE || defined free))) + && (defined YYFREE || defined free))) # include /* INFRINGES ON USER NAME SPACE */ # ifndef EXIT_SUCCESS # define EXIT_SUCCESS 0 @@ -721,13 +731,15 @@ typedef short int yytype_int16; # endif # ifndef YYMALLOC # define YYMALLOC malloc -# if ! defined malloc && ! defined EXIT_SUCCESS +# if ! defined malloc && ! defined EXIT_SUCCESS && (defined __STDC__ || defined __C99__FUNC__ \ + || defined __cplusplus || defined _MSC_VER) void *malloc (YYSIZE_T); /* INFRINGES ON USER NAME SPACE */ # endif # endif # ifndef YYFREE # define YYFREE free -# if ! defined free && ! defined EXIT_SUCCESS +# if ! defined free && ! defined EXIT_SUCCESS && (defined __STDC__ || defined __C99__FUNC__ \ + || defined __cplusplus || defined _MSC_VER) void free (void *); /* INFRINGES ON USER NAME SPACE */ # endif # endif @@ -737,7 +749,7 @@ void free (void *); /* INFRINGES ON USER NAME SPACE */ #if (! defined yyoverflow \ && (! defined __cplusplus \ - || (defined YYSTYPE_IS_TRIVIAL && YYSTYPE_IS_TRIVIAL))) + || (defined YYSTYPE_IS_TRIVIAL && YYSTYPE_IS_TRIVIAL))) /* A type that is properly aligned for any stack member. */ union yyalloc @@ -762,16 +774,16 @@ union yyalloc elements in the stack, and YYPTR gives the new location of the stack. Advance YYPTR to a properly aligned location for the next stack. */ -# define YYSTACK_RELOCATE(Stack_alloc, Stack) \ - do \ - { \ - YYSIZE_T yynewbytes; \ - YYCOPY (&yyptr->Stack_alloc, Stack, yysize); \ - Stack = &yyptr->Stack_alloc; \ - yynewbytes = yystacksize * sizeof (*Stack) + YYSTACK_GAP_MAXIMUM; \ - yyptr += yynewbytes / sizeof (*yyptr); \ - } \ - while (0) +# define YYSTACK_RELOCATE(Stack_alloc, Stack) \ + do \ + { \ + YYSIZE_T yynewbytes; \ + YYCOPY (&yyptr->Stack_alloc, Stack, yysize); \ + Stack = &yyptr->Stack_alloc; \ + yynewbytes = yystacksize * sizeof (*Stack) + YYSTACK_GAP_MAXIMUM; \ + yyptr += yynewbytes / sizeof (*yyptr); \ + } \ + while (YYID (0)) #endif @@ -790,50 +802,48 @@ union yyalloc for (yyi = 0; yyi < (Count); yyi++) \ (Dst)[yyi] = (Src)[yyi]; \ } \ - while (0) + while (YYID (0)) # endif # endif #endif /* !YYCOPY_NEEDED */ /* YYFINAL -- State number of the termination state. */ -#define YYFINAL 210 +#define YYFINAL 213 /* YYLAST -- Last index in YYTABLE. */ -#define YYLAST 647 +#define YYLAST 624 /* YYNTOKENS -- Number of terminals. */ -#define YYNTOKENS 199 +#define YYNTOKENS 202 /* YYNNTS -- Number of nonterminals. */ #define YYNNTS 105 /* YYNRULES -- Number of rules. */ -#define YYNRULES 313 -/* YYNSTATES -- Number of states. */ -#define YYNSTATES 419 +#define YYNRULES 316 +/* YYNRULES -- Number of states. */ +#define YYNSTATES 422 -/* YYTRANSLATE[YYX] -- Symbol number corresponding to YYX as returned - by yylex, with out-of-bounds checking. */ +/* YYTRANSLATE(YYLEX) -- Bison symbol number corresponding to YYLEX. */ #define YYUNDEFTOK 2 -#define YYMAXUTOK 448 +#define YYMAXUTOK 451 -#define YYTRANSLATE(YYX) \ +#define YYTRANSLATE(YYX) \ ((unsigned int) (YYX) <= YYMAXUTOK ? yytranslate[YYX] : YYUNDEFTOK) -/* YYTRANSLATE[TOKEN-NUM] -- Symbol number corresponding to TOKEN-NUM - as returned by yylex, without out-of-bounds checking. */ +/* YYTRANSLATE[YYLEX] -- Bison symbol number corresponding to YYLEX. */ static const yytype_uint8 yytranslate[] = { 0, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 195, 196, 2, 2, 2, 2, 2, 2, 2, 2, + 198, 199, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 194, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 197, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 197, 2, 198, 2, 2, 2, 2, + 2, 2, 2, 200, 2, 201, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, @@ -865,45 +875,166 @@ static const yytype_uint8 yytranslate[] = 155, 156, 157, 158, 159, 160, 161, 162, 163, 164, 165, 166, 167, 168, 169, 170, 171, 172, 173, 174, 175, 176, 177, 178, 179, 180, 181, 182, 183, 184, - 185, 186, 187, 188, 189, 190, 191, 192, 193 + 185, 186, 187, 188, 189, 190, 191, 192, 193, 194, + 195, 196 }; #if YYDEBUG - /* YYRLINE[YYN] -- Source line where rule number YYN was defined. */ +/* YYPRHS[YYN] -- Index of the first RHS symbol of rule number YYN in + YYRHS. */ +static const yytype_uint16 yyprhs[] = +{ + 0, 0, 3, 5, 9, 12, 15, 16, 18, 20, + 22, 24, 26, 28, 30, 32, 34, 36, 38, 40, + 42, 46, 48, 50, 52, 54, 56, 58, 61, 63, + 65, 67, 68, 71, 73, 75, 77, 79, 81, 83, + 85, 87, 89, 91, 93, 95, 98, 101, 103, 105, + 107, 109, 111, 113, 116, 118, 121, 123, 125, 127, + 130, 133, 136, 139, 142, 145, 148, 151, 154, 157, + 160, 163, 164, 167, 170, 173, 175, 177, 179, 181, + 183, 186, 189, 191, 194, 197, 200, 202, 204, 206, + 208, 210, 212, 214, 216, 218, 220, 223, 226, 230, + 233, 235, 237, 239, 241, 243, 245, 247, 249, 251, + 252, 255, 258, 261, 263, 265, 267, 269, 271, 273, + 275, 277, 279, 281, 283, 285, 287, 290, 293, 297, + 303, 307, 312, 317, 321, 322, 325, 327, 329, 331, + 333, 335, 337, 339, 341, 343, 345, 347, 349, 351, + 353, 355, 358, 360, 363, 365, 367, 369, 372, 374, + 377, 379, 381, 383, 385, 387, 389, 391, 393, 397, + 400, 402, 405, 408, 411, 414, 417, 419, 421, 423, + 425, 427, 429, 432, 435, 437, 440, 442, 444, 446, + 449, 452, 455, 457, 459, 461, 463, 465, 467, 469, + 471, 473, 475, 477, 479, 481, 483, 486, 489, 491, + 494, 496, 498, 500, 502, 504, 506, 508, 510, 512, + 514, 516, 518, 521, 524, 527, 530, 534, 536, 539, + 542, 545, 548, 552, 555, 557, 559, 561, 563, 565, + 567, 569, 571, 573, 575, 577, 580, 581, 586, 588, + 589, 590, 593, 596, 599, 602, 604, 606, 610, 614, + 616, 618, 620, 622, 624, 626, 628, 630, 632, 635, + 638, 640, 642, 644, 646, 648, 650, 652, 654, 657, + 659, 662, 664, 666, 668, 674, 677, 679, 682, 684, + 686, 688, 690, 692, 694, 700, 702, 706, 709, 713, + 715, 717, 720, 722, 728, 733, 737, 740, 742, 749, + 753, 756, 760, 762, 764, 766, 768 +}; + +/* YYRHS -- A `-1'-separated list of the rules' RHS. */ +static const yytype_int16 yyrhs[] = +{ + 203, 0, -1, 204, -1, 204, 205, 186, -1, 205, + 186, -1, 1, 186, -1, -1, 206, -1, 219, -1, + 221, -1, 222, -1, 231, -1, 239, -1, 226, -1, + 248, -1, 253, -1, 257, -1, 262, -1, 266, -1, + 293, -1, 207, 208, 211, -1, 146, -1, 131, -1, + 126, -1, 14, -1, 84, -1, 209, -1, 210, 158, + -1, 158, -1, 66, -1, 68, -1, -1, 211, 212, + -1, 213, -1, 215, -1, 217, -1, 214, -1, 9, + -1, 17, -1, 53, -1, 116, -1, 133, -1, 134, + -1, 169, -1, 183, -1, 216, 61, -1, 216, 173, + -1, 70, -1, 100, -1, 92, -1, 171, -1, 102, + -1, 179, -1, 218, 158, -1, 54, -1, 220, 208, + -1, 177, -1, 178, -1, 15, -1, 85, 290, -1, + 107, 290, -1, 93, 61, -1, 10, 61, -1, 22, + 61, -1, 23, 223, -1, 71, 158, -1, 72, 158, + -1, 140, 61, -1, 143, 61, -1, 170, 286, -1, + 122, 158, -1, -1, 223, 224, -1, 225, 158, -1, + 143, 61, -1, 51, -1, 54, -1, 136, -1, 137, + -1, 28, -1, 167, 227, -1, 227, 228, -1, 228, + -1, 229, 61, -1, 230, 292, -1, 21, 291, -1, + 19, -1, 48, -1, 123, -1, 124, -1, 101, -1, + 13, -1, 98, -1, 90, -1, 96, -1, 88, -1, + 150, 232, -1, 152, 158, -1, 41, 233, 234, -1, + 232, 233, -1, 233, -1, 20, -1, 24, -1, 82, + -1, 127, -1, 138, -1, 160, -1, 165, -1, 135, + -1, -1, 234, 235, -1, 40, 158, -1, 172, 238, + -1, 236, -1, 237, -1, 78, -1, 109, -1, 37, + -1, 29, -1, 112, -1, 129, -1, 26, -1, 181, + -1, 105, -1, 184, -1, 4, -1, 30, 242, -1, + 106, 245, -1, 142, 208, 240, -1, 142, 209, 86, + 209, 240, -1, 142, 27, 240, -1, 142, 66, 27, + 240, -1, 142, 68, 27, 240, -1, 142, 148, 240, + -1, -1, 240, 241, -1, 47, -1, 55, -1, 73, + -1, 74, -1, 77, -1, 83, -1, 110, -1, 111, + -1, 114, -1, 115, -1, 117, -1, 118, -1, 119, + -1, 121, -1, 179, -1, 242, 243, -1, 243, -1, + 244, 61, -1, 11, -1, 99, -1, 104, -1, 245, + 246, -1, 246, -1, 247, 61, -1, 56, -1, 57, + -1, 58, -1, 59, -1, 87, -1, 89, -1, 91, + -1, 97, -1, 50, 208, 249, -1, 249, 250, -1, + 250, -1, 251, 292, -1, 252, 291, -1, 157, 61, + -1, 3, 158, -1, 139, 158, -1, 162, -1, 163, + -1, 43, -1, 44, -1, 45, -1, 46, -1, 144, + 254, -1, 254, 255, -1, 255, -1, 256, 61, -1, + 95, -1, 149, -1, 42, -1, 37, 258, -1, 29, + 258, -1, 258, 259, -1, 259, -1, 260, -1, 261, + -1, 8, -1, 12, -1, 18, -1, 69, -1, 104, + -1, 120, -1, 103, -1, 151, -1, 174, -1, 175, + -1, 176, -1, 166, 263, -1, 263, 264, -1, 264, + -1, 265, 292, -1, 6, -1, 31, -1, 49, -1, + 52, -1, 125, -1, 153, -1, 154, -1, 155, -1, + 156, -1, 161, -1, 278, -1, 282, -1, 267, 292, + -1, 268, 61, -1, 269, 158, -1, 270, 158, -1, + 60, 158, 205, -1, 38, -1, 33, 271, -1, 80, + 276, -1, 128, 289, -1, 147, 272, -1, 168, 209, + 274, -1, 171, 285, -1, 16, -1, 113, -1, 161, + -1, 35, -1, 76, -1, 54, -1, 75, -1, 81, + -1, 130, -1, 145, -1, 158, -1, 158, 32, -1, + -1, 158, 197, 158, 273, -1, 27, -1, -1, -1, + 274, 275, -1, 132, 61, -1, 62, 209, -1, 276, + 277, -1, 277, -1, 158, -1, 279, 281, 280, -1, + 279, 281, 158, -1, 62, -1, 108, -1, 5, -1, + 65, -1, 67, -1, 182, -1, 79, -1, 55, -1, + 34, -1, 141, 283, -1, 283, 284, -1, 284, -1, + 7, -1, 8, -1, 25, -1, 64, -1, 94, -1, + 159, -1, 164, -1, 285, 61, -1, 61, -1, 286, + 287, -1, 287, -1, 61, -1, 288, -1, 198, 61, + 36, 61, 199, -1, 289, 158, -1, 158, -1, 290, + 208, -1, 208, -1, 61, -1, 169, -1, 39, -1, + 61, -1, 32, -1, 294, 200, 295, 298, 201, -1, + 187, -1, 295, 296, 186, -1, 296, 186, -1, 297, + 197, 292, -1, 188, -1, 189, -1, 298, 299, -1, + 299, -1, 301, 200, 300, 302, 201, -1, 190, 197, + 292, 186, -1, 146, 197, 208, -1, 302, 303, -1, + 303, -1, 191, 197, 292, 200, 304, 201, -1, 304, + 305, 186, -1, 305, 186, -1, 306, 197, 292, -1, + 192, -1, 193, -1, 194, -1, 195, -1, 196, -1 +}; + +/* YYRLINE[YYN] -- source line where rule number YYN was defined. */ static const yytype_uint16 yyrline[] = { - 0, 366, 366, 370, 371, 372, 387, 388, 389, 390, - 391, 392, 393, 394, 395, 396, 397, 398, 399, 400, - 408, 418, 419, 420, 421, 422, 426, 427, 432, 437, - 439, 445, 446, 454, 455, 456, 460, 465, 466, 467, - 468, 469, 470, 471, 472, 476, 478, 483, 484, 485, - 486, 487, 488, 492, 497, 506, 516, 517, 527, 529, - 531, 533, 544, 551, 553, 558, 560, 562, 564, 566, - 575, 581, 582, 590, 592, 604, 605, 606, 607, 608, - 617, 622, 627, 635, 637, 639, 644, 645, 646, 647, - 648, 649, 653, 654, 655, 656, 665, 667, 676, 686, - 691, 699, 700, 701, 702, 703, 704, 705, 706, 711, - 712, 720, 730, 739, 754, 759, 760, 764, 765, 769, - 770, 771, 772, 773, 774, 775, 784, 788, 792, 800, - 808, 816, 831, 846, 859, 860, 868, 869, 870, 871, - 872, 873, 874, 875, 876, 877, 878, 879, 880, 881, - 882, 886, 891, 899, 904, 905, 906, 910, 915, 923, - 928, 929, 930, 931, 932, 933, 934, 935, 943, 953, - 958, 966, 968, 970, 979, 981, 986, 987, 991, 992, - 993, 994, 1002, 1007, 1012, 1020, 1025, 1026, 1027, 1036, - 1038, 1043, 1048, 1056, 1058, 1075, 1076, 1077, 1078, 1079, - 1080, 1084, 1085, 1093, 1098, 1103, 1111, 1116, 1117, 1118, - 1119, 1120, 1121, 1122, 1123, 1124, 1125, 1134, 1135, 1136, - 1143, 1150, 1157, 1173, 1192, 1194, 1196, 1198, 1200, 1202, - 1209, 1214, 1215, 1216, 1220, 1224, 1233, 1234, 1238, 1239, - 1240, 1244, 1255, 1269, 1281, 1286, 1288, 1293, 1294, 1302, - 1304, 1312, 1317, 1325, 1350, 1357, 1367, 1368, 1372, 1373, - 1374, 1375, 1379, 1380, 1381, 1385, 1390, 1395, 1403, 1404, - 1405, 1406, 1407, 1408, 1409, 1419, 1424, 1432, 1437, 1445, - 1447, 1451, 1456, 1461, 1469, 1474, 1482, 1491, 1492, 1496, - 1497, 1506, 1524, 1528, 1533, 1541, 1546, 1547, 1551, 1556, - 1564, 1569, 1574, 1579, 1584, 1592, 1597, 1602, 1610, 1615, - 1616, 1617, 1618, 1619 + 0, 369, 369, 373, 374, 375, 390, 391, 392, 393, + 394, 395, 396, 397, 398, 399, 400, 401, 402, 403, + 411, 421, 422, 423, 424, 425, 429, 430, 435, 440, + 442, 448, 449, 457, 458, 459, 463, 468, 469, 470, + 471, 472, 473, 474, 475, 479, 481, 486, 487, 488, + 489, 490, 491, 495, 500, 509, 519, 520, 530, 532, + 534, 536, 547, 554, 556, 561, 563, 565, 567, 569, + 578, 584, 585, 593, 595, 607, 608, 609, 610, 611, + 620, 625, 630, 638, 640, 642, 647, 648, 649, 650, + 651, 652, 656, 657, 658, 659, 668, 670, 679, 689, + 694, 702, 703, 704, 705, 706, 707, 708, 709, 714, + 715, 723, 733, 742, 757, 762, 763, 767, 768, 772, + 773, 774, 775, 776, 777, 778, 787, 791, 795, 803, + 811, 819, 834, 849, 862, 863, 871, 872, 873, 874, + 875, 876, 877, 878, 879, 880, 881, 882, 883, 884, + 885, 889, 894, 902, 907, 908, 909, 913, 918, 926, + 931, 932, 933, 934, 935, 936, 937, 938, 946, 956, + 961, 969, 971, 973, 982, 984, 989, 990, 994, 995, + 996, 997, 1005, 1010, 1015, 1023, 1028, 1029, 1030, 1039, + 1041, 1046, 1051, 1059, 1061, 1078, 1079, 1080, 1081, 1082, + 1083, 1087, 1088, 1089, 1090, 1091, 1099, 1104, 1109, 1117, + 1122, 1123, 1124, 1125, 1126, 1127, 1128, 1129, 1130, 1131, + 1140, 1141, 1142, 1149, 1156, 1163, 1179, 1198, 1200, 1202, + 1204, 1206, 1208, 1215, 1220, 1221, 1222, 1226, 1230, 1239, + 1240, 1244, 1245, 1246, 1250, 1261, 1275, 1287, 1292, 1294, + 1299, 1300, 1308, 1310, 1318, 1323, 1331, 1356, 1363, 1373, + 1374, 1378, 1379, 1380, 1381, 1385, 1386, 1387, 1391, 1396, + 1401, 1409, 1410, 1411, 1412, 1413, 1414, 1415, 1425, 1430, + 1438, 1443, 1451, 1453, 1457, 1462, 1467, 1475, 1480, 1488, + 1497, 1498, 1502, 1503, 1512, 1530, 1534, 1539, 1547, 1552, + 1553, 1557, 1562, 1570, 1575, 1580, 1585, 1590, 1598, 1603, + 1608, 1616, 1621, 1622, 1623, 1624, 1625 }; #endif @@ -944,29 +1075,29 @@ static const char *const yytname[] = "T_Step", "T_Stepback", "T_Stepfwd", "T_Stepout", "T_Stratum", "T_String", "T_Sys", "T_Sysstats", "T_Tick", "T_Time1", "T_Time2", "T_Timer", "T_Timingstats", "T_Tinker", "T_Tos", "T_Trap", "T_True", - "T_Trustedkey", "T_Ttl", "T_Type", "T_U_int", "T_Unconfig", "T_Unpeer", - "T_Version", "T_WanderThreshold", "T_Week", "T_Wildcard", "T_Xleave", - "T_Year", "T_Flag", "T_EOC", "T_Simulate", "T_Beep_Delay", - "T_Sim_Duration", "T_Server_Offset", "T_Duration", "T_Freq_Offset", - "T_Wander", "T_Jitter", "T_Prop_Delay", "T_Proc_Delay", "'='", "'('", - "')'", "'{'", "'}'", "$accept", "configuration", "command_list", - "command", "server_command", "client_type", "address", "ip_address", - "address_fam", "option_list", "option", "option_flag", - "option_flag_keyword", "option_int", "option_int_keyword", "option_str", - "option_str_keyword", "unpeer_command", "unpeer_keyword", - "other_mode_command", "authentication_command", "crypto_command_list", - "crypto_command", "crypto_str_keyword", "orphan_mode_command", - "tos_option_list", "tos_option", "tos_option_int_keyword", - "tos_option_dbl_keyword", "monitoring_command", "stats_list", "stat", - "filegen_option_list", "filegen_option", "link_nolink", "enable_disable", - "filegen_type", "access_control_command", "ac_flag_list", - "access_control_flag", "discard_option_list", "discard_option", - "discard_option_keyword", "mru_option_list", "mru_option", - "mru_option_keyword", "fudge_command", "fudge_factor_list", - "fudge_factor", "fudge_factor_dbl_keyword", "fudge_factor_bool_keyword", - "rlimit_command", "rlimit_option_list", "rlimit_option", - "rlimit_option_keyword", "system_option_command", "system_option_list", - "system_option", "system_option_flag_keyword", + "T_Trustedkey", "T_Ttl", "T_Type", "T_U_int", "T_UEcrypto", + "T_UEcryptonak", "T_UEdigest", "T_Unconfig", "T_Unpeer", "T_Version", + "T_WanderThreshold", "T_Week", "T_Wildcard", "T_Xleave", "T_Year", + "T_Flag", "T_EOC", "T_Simulate", "T_Beep_Delay", "T_Sim_Duration", + "T_Server_Offset", "T_Duration", "T_Freq_Offset", "T_Wander", "T_Jitter", + "T_Prop_Delay", "T_Proc_Delay", "'='", "'('", "')'", "'{'", "'}'", + "$accept", "configuration", "command_list", "command", "server_command", + "client_type", "address", "ip_address", "address_fam", "option_list", + "option", "option_flag", "option_flag_keyword", "option_int", + "option_int_keyword", "option_str", "option_str_keyword", + "unpeer_command", "unpeer_keyword", "other_mode_command", + "authentication_command", "crypto_command_list", "crypto_command", + "crypto_str_keyword", "orphan_mode_command", "tos_option_list", + "tos_option", "tos_option_int_keyword", "tos_option_dbl_keyword", + "monitoring_command", "stats_list", "stat", "filegen_option_list", + "filegen_option", "link_nolink", "enable_disable", "filegen_type", + "access_control_command", "ac_flag_list", "access_control_flag", + "discard_option_list", "discard_option", "discard_option_keyword", + "mru_option_list", "mru_option", "mru_option_keyword", "fudge_command", + "fudge_factor_list", "fudge_factor", "fudge_factor_dbl_keyword", + "fudge_factor_bool_keyword", "rlimit_command", "rlimit_option_list", + "rlimit_option", "rlimit_option_keyword", "system_option_command", + "system_option_list", "system_option", "system_option_flag_keyword", "system_option_local_flag_keyword", "tinker_command", "tinker_option_list", "tinker_option", "tinker_option_keyword", "miscellaneous_command", "misc_cmd_dbl_keyword", "misc_cmd_int_keyword", @@ -981,13 +1112,13 @@ static const char *const yytname[] = "sim_init_statement_list", "sim_init_statement", "sim_init_keyword", "sim_server_list", "sim_server", "sim_server_offset", "sim_server_name", "sim_act_list", "sim_act", "sim_act_stmt_list", "sim_act_stmt", - "sim_act_keyword", YY_NULLPTR + "sim_act_keyword", YY_NULL }; #endif # ifdef YYPRINT -/* YYTOKNUM[NUM] -- (External) token number corresponding to the - (internal) symbol number NUM (which must be that of a token). */ +/* YYTOKNUM[YYLEX-NUM] -- Internal token number corresponding to + token YYLEX-NUM. */ static const yytype_uint16 yytoknum[] = { 0, 256, 257, 258, 259, 260, 261, 262, 263, 264, @@ -1009,376 +1140,49 @@ static const yytype_uint16 yytoknum[] = 415, 416, 417, 418, 419, 420, 421, 422, 423, 424, 425, 426, 427, 428, 429, 430, 431, 432, 433, 434, 435, 436, 437, 438, 439, 440, 441, 442, 443, 444, - 445, 446, 447, 448, 61, 40, 41, 123, 125 + 445, 446, 447, 448, 449, 450, 451, 61, 40, 41, + 123, 125 }; # endif -#define YYPACT_NINF -185 - -#define yypact_value_is_default(Yystate) \ - (!!((Yystate) == (-185))) - -#define YYTABLE_NINF -7 - -#define yytable_value_is_error(Yytable_value) \ - 0 - - /* YYPACT[STATE-NUM] -- Index in YYTABLE of the portion describing - STATE-NUM. */ -static const yytype_int16 yypact[] = -{ - 78, -169, -34, -185, -185, -185, -29, -185, 17, 43, - -124, -185, 17, -185, -5, -27, -185, -121, -185, -112, - -110, -185, -185, -100, -185, -185, -27, 0, 116, -27, - -185, -185, -91, -185, -89, -185, -185, 11, 35, 30, - 13, 31, -185, -185, -83, -5, -78, -185, 186, 523, - -76, -56, 15, -185, -185, -185, 83, 244, -99, -185, - -27, -185, -27, -185, -185, -185, -185, -185, -185, -185, - -185, -185, -185, -12, 24, -71, -69, -185, -11, -185, - -185, -107, -185, -185, -185, 8, -185, -185, -185, -185, - -185, -185, -185, -185, 17, -185, -185, -185, -185, -185, - -185, 43, -185, 34, 59, -185, 17, -185, -185, -185, - -185, -185, -185, -185, -185, -185, -185, -185, -185, 7, - -185, -61, 407, -185, -185, -185, -100, -185, -185, -27, - -185, -185, -185, -185, -185, -185, -185, -185, -185, 116, - -185, 44, -27, -185, -185, -52, -185, -185, -185, -185, - -185, -185, -185, -185, 35, -185, -185, 85, 96, -185, - -185, 39, -185, -185, -185, -185, 31, -185, 75, -46, - -185, -5, -185, -185, -185, -185, -185, -185, -185, -185, - -185, -185, -185, -185, 186, -185, -12, -185, -185, -35, - -185, -185, -185, -185, -185, -185, -185, -185, 523, -185, - 82, -12, -185, -185, 91, -56, -185, -185, -185, 100, - -185, -26, -185, -185, -185, -185, -185, -185, -185, -185, - -185, -185, -185, -185, -2, -130, -185, -185, -185, -185, - -185, 105, -185, 9, -185, -185, -185, -185, -7, 18, - -185, -185, -185, -185, 25, 121, -185, -185, 7, -185, - -12, -35, -185, -185, -185, -185, -185, -185, -185, -185, - 391, -185, -185, 391, 391, -76, -185, -185, 29, -185, - -185, -185, -185, -185, -185, -185, -185, -185, -185, -51, - 153, -185, -185, -185, 464, -185, -185, -185, -185, -185, - -185, -185, -185, -82, 14, 1, -185, -185, -185, -185, - 38, -185, -185, 12, -185, -185, -185, -185, -185, -185, - -185, -185, -185, -185, -185, -185, -185, -185, -185, -185, - -185, -185, -185, -185, -185, -185, -185, -185, -185, 391, - 391, -185, 171, -76, 140, -185, 141, -185, -185, -185, - -185, -185, -185, -185, -185, -185, -185, -185, -185, -185, - -185, -185, -185, -185, -185, -185, -55, -185, 53, 20, - 33, -128, -185, 32, -185, -12, -185, -185, -185, -185, - -185, -185, -185, -185, -185, 391, -185, -185, -185, -185, - 16, -185, -185, -185, -27, -185, -185, -185, 46, -185, - -185, -185, 37, 48, -12, 40, -167, -185, 54, -12, - -185, -185, -185, 45, 79, -185, -185, -185, -185, -185, - 98, 57, 47, -185, 60, -185, -12, -185, -185 -}; - - /* YYDEFACT[STATE-NUM] -- Default reduction number in state STATE-NUM. - Performed when YYTABLE does not specify something else to do. Zero - means the default is an error. */ -static const yytype_uint16 yydefact[] = -{ - 0, 0, 0, 24, 58, 231, 0, 71, 0, 0, - 243, 234, 0, 224, 0, 0, 236, 0, 256, 0, - 0, 237, 235, 0, 238, 25, 0, 0, 0, 0, - 257, 232, 0, 23, 0, 239, 22, 0, 0, 0, - 0, 0, 240, 21, 0, 0, 0, 233, 0, 0, - 0, 0, 0, 56, 57, 292, 0, 2, 0, 7, - 0, 8, 0, 9, 10, 13, 11, 12, 14, 15, - 16, 17, 18, 0, 0, 0, 0, 217, 0, 218, - 19, 0, 5, 62, 63, 64, 195, 196, 197, 198, - 201, 199, 200, 202, 190, 192, 193, 194, 154, 155, - 156, 126, 152, 0, 241, 225, 189, 101, 102, 103, - 104, 108, 105, 106, 107, 109, 29, 30, 28, 0, - 26, 0, 6, 65, 66, 253, 226, 252, 285, 59, - 61, 160, 161, 162, 163, 164, 165, 166, 167, 127, - 158, 0, 60, 70, 283, 227, 67, 268, 269, 270, - 271, 272, 273, 274, 265, 267, 134, 29, 30, 134, - 134, 26, 68, 188, 186, 187, 182, 184, 0, 0, - 228, 96, 100, 97, 207, 208, 209, 210, 211, 212, - 213, 214, 215, 216, 203, 205, 0, 91, 86, 0, - 87, 95, 93, 94, 92, 90, 88, 89, 80, 82, - 0, 0, 247, 279, 0, 69, 278, 280, 276, 230, - 1, 0, 4, 31, 55, 290, 289, 219, 220, 221, - 222, 264, 263, 262, 0, 0, 79, 75, 76, 77, - 78, 0, 72, 0, 191, 151, 153, 242, 98, 0, - 178, 179, 180, 181, 0, 0, 176, 177, 168, 170, - 0, 0, 27, 223, 251, 284, 157, 159, 282, 266, - 130, 134, 134, 133, 128, 0, 183, 185, 0, 99, - 204, 206, 288, 286, 287, 85, 81, 83, 84, 229, - 0, 277, 275, 3, 20, 258, 259, 260, 255, 261, - 254, 296, 297, 0, 0, 0, 74, 73, 118, 117, - 0, 115, 116, 0, 110, 113, 114, 174, 175, 173, - 169, 171, 172, 136, 137, 138, 139, 140, 141, 142, - 143, 144, 145, 146, 147, 148, 149, 150, 135, 131, - 132, 134, 246, 0, 0, 248, 0, 37, 38, 39, - 54, 47, 49, 48, 51, 40, 41, 42, 43, 50, - 52, 44, 32, 33, 36, 34, 0, 35, 0, 0, - 0, 0, 299, 0, 294, 0, 111, 125, 121, 123, - 119, 120, 122, 124, 112, 129, 245, 244, 250, 249, - 0, 45, 46, 53, 0, 293, 291, 298, 0, 295, - 281, 302, 0, 0, 0, 0, 0, 304, 0, 0, - 300, 303, 301, 0, 0, 309, 310, 311, 312, 313, - 0, 0, 0, 305, 0, 307, 0, 306, 308 -}; - - /* YYPGOTO[NTERM-NUM]. */ -static const yytype_int16 yypgoto[] = -{ - -185, -185, -185, -44, -185, -185, -15, -38, -185, -185, - -185, -185, -185, -185, -185, -185, -185, -185, -185, -185, - -185, -185, -185, -185, -185, -185, 28, -185, -185, -185, - -185, -36, -185, -185, -185, -185, -185, -185, -152, -185, - -185, 146, -185, -185, 111, -185, -185, -185, 3, -185, - -185, -185, -185, 89, -185, -185, 245, -66, -185, -185, - -185, -185, 72, -185, -185, -185, -185, -185, -185, -185, - -185, -185, -185, -185, -185, 137, -185, -185, -185, -185, - -185, -185, 110, -185, -185, 70, -185, -185, 236, 27, - -184, -185, -185, -185, -17, -185, -185, -81, -185, -185, - -185, -113, -185, -126, -185 -}; - - /* YYDEFGOTO[NTERM-NUM]. */ -static const yytype_int16 yydefgoto[] = -{ - -1, 56, 57, 58, 59, 60, 128, 120, 121, 284, - 352, 353, 354, 355, 356, 357, 358, 61, 62, 63, - 64, 85, 232, 233, 65, 198, 199, 200, 201, 66, - 171, 115, 238, 304, 305, 306, 374, 67, 260, 328, - 101, 102, 103, 139, 140, 141, 68, 248, 249, 250, - 251, 69, 166, 167, 168, 70, 94, 95, 96, 97, - 71, 184, 185, 186, 72, 73, 74, 75, 76, 105, - 170, 377, 279, 335, 126, 127, 77, 78, 290, 224, - 79, 154, 155, 209, 205, 206, 207, 145, 129, 275, - 217, 80, 81, 293, 294, 295, 361, 362, 393, 363, - 396, 397, 410, 411, 412 -}; - - /* YYTABLE[YYPACT[STATE-NUM]] -- What to do in state STATE-NUM. If - positive, shift that token. If negative, reduce the rule whose - number is the opposite. If YYTABLE_NINF, syntax error. */ -static const yytype_int16 yytable[] = -{ - 119, 161, 271, 285, 272, 203, 381, 263, 264, 172, - 239, 333, 202, 211, 82, 107, 367, 278, 359, 108, - 215, 395, 298, 221, 160, 86, 273, 83, 234, 87, - 299, 400, 84, 300, 104, 88, 226, 122, 368, 116, - 234, 117, 147, 148, 222, 213, 123, 214, 124, 216, - 240, 241, 242, 243, 98, 291, 292, 156, 125, 227, - 149, 130, 228, 286, 359, 287, 311, 143, 223, 144, - 386, 301, 146, 163, 162, 169, 208, 109, 253, 1, - 173, 334, 118, 210, 212, 218, 89, 219, 2, 220, - 225, 237, 3, 4, 5, 236, 157, 252, 158, 150, - 6, 7, 302, 291, 292, 257, 258, 8, 9, 329, - 330, 10, 261, 11, 255, 12, 13, 369, 382, 14, - 90, 91, 110, 262, 370, 265, 164, 255, 15, 151, - 111, 118, 16, 112, 274, 269, 267, 92, 17, 204, - 18, 371, 99, 277, 229, 230, 244, 100, 268, 19, - 20, 231, 280, 21, 22, 113, 288, 283, 23, 24, - 114, 282, 25, 26, 245, 303, 296, 297, 93, 246, - 247, 27, 131, 132, 133, 134, 307, 289, 159, 375, - 165, 389, 309, 308, 28, 29, 30, 332, 118, 336, - 372, 31, 174, 373, 152, 365, 366, 364, 376, 153, - 32, 379, 380, 135, 33, 136, 34, 137, 35, 36, - 398, 383, 390, 138, 384, 403, 385, 175, 37, 38, - 39, 40, 41, 42, 43, 44, 276, 331, 45, 388, - 46, 394, 418, 392, 399, 176, 395, 402, 177, 47, - 415, 416, 404, 417, 48, 49, 50, 235, 51, 52, - 256, 310, 53, 54, 2, 266, 270, 106, 3, 4, - 5, -6, 55, 254, 259, 142, 6, 7, 405, 406, - 407, 408, 409, 8, 9, 281, 360, 10, 312, 11, - 387, 12, 13, 401, 414, 14, 0, 405, 406, 407, - 408, 409, 0, 0, 15, 378, 413, 0, 16, 0, - 0, 0, 0, 0, 17, 0, 18, 0, 0, 0, - 0, 178, 0, 0, 0, 19, 20, 0, 0, 21, - 22, 0, 0, 0, 23, 24, 0, 0, 25, 26, - 0, 0, 0, 0, 0, 0, 0, 27, 0, 179, - 180, 181, 182, 0, 0, 0, 0, 183, 0, 0, - 28, 29, 30, 0, 0, 0, 0, 31, 0, 0, - 0, 0, 0, 0, 0, 0, 32, 0, 0, 391, - 33, 0, 34, 0, 35, 36, 0, 0, 0, 0, - 0, 0, 0, 0, 37, 38, 39, 40, 41, 42, - 43, 44, 0, 0, 45, 0, 46, 0, 0, 0, - 0, 0, 0, 0, 0, 47, 0, 0, 0, 0, - 48, 49, 50, 0, 51, 52, 0, 2, 53, 54, - 0, 3, 4, 5, 0, 0, 0, -6, 55, 6, - 7, 0, 0, 0, 0, 0, 8, 9, 313, 0, - 10, 0, 11, 0, 12, 13, 314, 0, 14, 0, - 0, 0, 0, 0, 0, 0, 0, 15, 0, 0, - 0, 16, 0, 0, 315, 316, 0, 17, 317, 18, - 0, 0, 0, 337, 318, 0, 0, 0, 19, 20, - 0, 338, 21, 22, 0, 0, 0, 23, 24, 0, - 0, 25, 26, 0, 0, 0, 0, 0, 0, 0, - 27, 319, 320, 0, 0, 321, 322, 0, 323, 324, - 325, 0, 326, 28, 29, 30, 0, 339, 340, 0, - 31, 0, 0, 0, 0, 0, 0, 0, 0, 32, - 0, 0, 0, 33, 341, 34, 187, 35, 36, 0, - 0, 0, 188, 0, 189, 0, 0, 37, 38, 39, - 40, 41, 42, 43, 44, 0, 342, 45, 0, 46, - 0, 0, 0, 0, 343, 0, 344, 327, 47, 0, - 0, 190, 0, 48, 49, 50, 0, 51, 52, 0, - 345, 53, 54, 0, 0, 0, 0, 0, 0, 0, - 0, 55, 0, 0, 0, 0, 0, 346, 347, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 191, 0, 192, 0, 0, 0, 0, 0, 193, - 0, 194, 0, 0, 195, 0, 0, 0, 0, 0, - 0, 0, 0, 348, 0, 349, 0, 0, 0, 0, - 350, 0, 0, 0, 351, 0, 196, 197 -}; - -static const yytype_int16 yycheck[] = -{ - 15, 39, 186, 5, 39, 61, 61, 159, 160, 45, - 3, 62, 50, 57, 183, 20, 4, 201, 146, 24, - 32, 188, 29, 34, 39, 8, 61, 61, 94, 12, - 37, 198, 61, 40, 158, 18, 28, 158, 26, 66, - 106, 68, 7, 8, 55, 60, 158, 62, 158, 61, - 43, 44, 45, 46, 11, 185, 186, 27, 158, 51, - 25, 61, 54, 65, 146, 67, 250, 158, 79, 158, - 198, 78, 61, 42, 61, 158, 61, 82, 122, 1, - 158, 132, 158, 0, 183, 61, 69, 158, 10, 158, - 197, 32, 14, 15, 16, 61, 66, 158, 68, 64, - 22, 23, 109, 185, 186, 61, 158, 29, 30, 261, - 262, 33, 27, 35, 129, 37, 38, 105, 173, 41, - 103, 104, 127, 27, 112, 86, 95, 142, 50, 94, - 135, 158, 54, 138, 169, 171, 61, 120, 60, 195, - 62, 129, 99, 61, 136, 137, 139, 104, 194, 71, - 72, 143, 61, 75, 76, 160, 158, 183, 80, 81, - 165, 61, 84, 85, 157, 172, 61, 158, 151, 162, - 163, 93, 56, 57, 58, 59, 158, 179, 148, 331, - 149, 365, 61, 158, 106, 107, 108, 158, 158, 36, - 178, 113, 6, 181, 159, 194, 158, 183, 27, 164, - 122, 61, 61, 87, 126, 89, 128, 91, 130, 131, - 394, 158, 196, 97, 194, 399, 183, 31, 140, 141, - 142, 143, 144, 145, 146, 147, 198, 265, 150, 197, - 152, 194, 416, 187, 194, 49, 188, 183, 52, 161, - 183, 194, 197, 183, 166, 167, 168, 101, 170, 171, - 139, 248, 174, 175, 10, 166, 184, 12, 14, 15, - 16, 183, 184, 126, 154, 29, 22, 23, 189, 190, - 191, 192, 193, 29, 30, 205, 293, 33, 251, 35, - 361, 37, 38, 396, 410, 41, -1, 189, 190, 191, - 192, 193, -1, -1, 50, 333, 198, -1, 54, -1, - -1, -1, -1, -1, 60, -1, 62, -1, -1, -1, - -1, 125, -1, -1, -1, 71, 72, -1, -1, 75, - 76, -1, -1, -1, 80, 81, -1, -1, 84, 85, - -1, -1, -1, -1, -1, -1, -1, 93, -1, 153, - 154, 155, 156, -1, -1, -1, -1, 161, -1, -1, - 106, 107, 108, -1, -1, -1, -1, 113, -1, -1, - -1, -1, -1, -1, -1, -1, 122, -1, -1, 384, - 126, -1, 128, -1, 130, 131, -1, -1, -1, -1, - -1, -1, -1, -1, 140, 141, 142, 143, 144, 145, - 146, 147, -1, -1, 150, -1, 152, -1, -1, -1, - -1, -1, -1, -1, -1, 161, -1, -1, -1, -1, - 166, 167, 168, -1, 170, 171, -1, 10, 174, 175, - -1, 14, 15, 16, -1, -1, -1, 183, 184, 22, - 23, -1, -1, -1, -1, -1, 29, 30, 47, -1, - 33, -1, 35, -1, 37, 38, 55, -1, 41, -1, - -1, -1, -1, -1, -1, -1, -1, 50, -1, -1, - -1, 54, -1, -1, 73, 74, -1, 60, 77, 62, - -1, -1, -1, 9, 83, -1, -1, -1, 71, 72, - -1, 17, 75, 76, -1, -1, -1, 80, 81, -1, - -1, 84, 85, -1, -1, -1, -1, -1, -1, -1, - 93, 110, 111, -1, -1, 114, 115, -1, 117, 118, - 119, -1, 121, 106, 107, 108, -1, 53, 54, -1, - 113, -1, -1, -1, -1, -1, -1, -1, -1, 122, - -1, -1, -1, 126, 70, 128, 13, 130, 131, -1, - -1, -1, 19, -1, 21, -1, -1, 140, 141, 142, - 143, 144, 145, 146, 147, -1, 92, 150, -1, 152, - -1, -1, -1, -1, 100, -1, 102, 176, 161, -1, - -1, 48, -1, 166, 167, 168, -1, 170, 171, -1, - 116, 174, 175, -1, -1, -1, -1, -1, -1, -1, - -1, 184, -1, -1, -1, -1, -1, 133, 134, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, 88, -1, 90, -1, -1, -1, -1, -1, 96, - -1, 98, -1, -1, 101, -1, -1, -1, -1, -1, - -1, -1, -1, 169, -1, 171, -1, -1, -1, -1, - 176, -1, -1, -1, 180, -1, 123, 124 -}; - - /* YYSTOS[STATE-NUM] -- The (internal number of the) accessing - symbol of state STATE-NUM. */ -static const yytype_uint16 yystos[] = -{ - 0, 1, 10, 14, 15, 16, 22, 23, 29, 30, - 33, 35, 37, 38, 41, 50, 54, 60, 62, 71, - 72, 75, 76, 80, 81, 84, 85, 93, 106, 107, - 108, 113, 122, 126, 128, 130, 131, 140, 141, 142, - 143, 144, 145, 146, 147, 150, 152, 161, 166, 167, - 168, 170, 171, 174, 175, 184, 200, 201, 202, 203, - 204, 216, 217, 218, 219, 223, 228, 236, 245, 250, - 254, 259, 263, 264, 265, 266, 267, 275, 276, 279, - 290, 291, 183, 61, 61, 220, 8, 12, 18, 69, - 103, 104, 120, 151, 255, 256, 257, 258, 11, 99, - 104, 239, 240, 241, 158, 268, 255, 20, 24, 82, - 127, 135, 138, 160, 165, 230, 66, 68, 158, 205, - 206, 207, 158, 158, 158, 158, 273, 274, 205, 287, - 61, 56, 57, 58, 59, 87, 89, 91, 97, 242, - 243, 244, 287, 158, 158, 286, 61, 7, 8, 25, - 64, 94, 159, 164, 280, 281, 27, 66, 68, 148, - 205, 206, 61, 42, 95, 149, 251, 252, 253, 158, - 269, 229, 230, 158, 6, 31, 49, 52, 125, 153, - 154, 155, 156, 161, 260, 261, 262, 13, 19, 21, - 48, 88, 90, 96, 98, 101, 123, 124, 224, 225, - 226, 227, 206, 61, 195, 283, 284, 285, 61, 282, - 0, 202, 183, 205, 205, 32, 61, 289, 61, 158, - 158, 34, 55, 79, 278, 197, 28, 51, 54, 136, - 137, 143, 221, 222, 256, 240, 61, 32, 231, 3, - 43, 44, 45, 46, 139, 157, 162, 163, 246, 247, - 248, 249, 158, 202, 274, 205, 243, 61, 158, 281, - 237, 27, 27, 237, 237, 86, 252, 61, 194, 230, - 261, 289, 39, 61, 169, 288, 225, 61, 289, 271, - 61, 284, 61, 183, 208, 5, 65, 67, 158, 179, - 277, 185, 186, 292, 293, 294, 61, 158, 29, 37, - 40, 78, 109, 172, 232, 233, 234, 158, 158, 61, - 247, 289, 288, 47, 55, 73, 74, 77, 83, 110, - 111, 114, 115, 117, 118, 119, 121, 176, 238, 237, - 237, 206, 158, 62, 132, 272, 36, 9, 17, 53, - 54, 70, 92, 100, 102, 116, 133, 134, 169, 171, - 176, 180, 209, 210, 211, 212, 213, 214, 215, 146, - 293, 295, 296, 298, 183, 194, 158, 4, 26, 105, - 112, 129, 178, 181, 235, 237, 27, 270, 206, 61, - 61, 61, 173, 158, 194, 183, 198, 296, 197, 289, - 196, 205, 187, 297, 194, 188, 299, 300, 289, 194, - 198, 300, 183, 289, 197, 189, 190, 191, 192, 193, - 301, 302, 303, 198, 302, 183, 194, 183, 289 -}; - - /* YYR1[YYN] -- Symbol number of symbol that rule YYN derives. */ +/* YYR1[YYN] -- Symbol number of symbol that rule YYN derives. */ static const yytype_uint16 yyr1[] = { - 0, 199, 200, 201, 201, 201, 202, 202, 202, 202, - 202, 202, 202, 202, 202, 202, 202, 202, 202, 202, - 203, 204, 204, 204, 204, 204, 205, 205, 206, 207, - 207, 208, 208, 209, 209, 209, 210, 211, 211, 211, - 211, 211, 211, 211, 211, 212, 212, 213, 213, 213, - 213, 213, 213, 214, 215, 216, 217, 217, 218, 218, - 218, 218, 219, 219, 219, 219, 219, 219, 219, 219, - 219, 220, 220, 221, 221, 222, 222, 222, 222, 222, - 223, 224, 224, 225, 225, 225, 226, 226, 226, 226, - 226, 226, 227, 227, 227, 227, 228, 228, 228, 229, - 229, 230, 230, 230, 230, 230, 230, 230, 230, 231, - 231, 232, 232, 232, 232, 233, 233, 234, 234, 235, - 235, 235, 235, 235, 235, 235, 236, 236, 236, 236, - 236, 236, 236, 236, 237, 237, 238, 238, 238, 238, - 238, 238, 238, 238, 238, 238, 238, 238, 238, 238, - 238, 239, 239, 240, 241, 241, 241, 242, 242, 243, - 244, 244, 244, 244, 244, 244, 244, 244, 245, 246, - 246, 247, 247, 247, 247, 247, 248, 248, 249, 249, - 249, 249, 250, 251, 251, 252, 253, 253, 253, 254, - 254, 255, 255, 256, 256, 257, 257, 257, 257, 257, - 257, 258, 258, 259, 260, 260, 261, 262, 262, 262, - 262, 262, 262, 262, 262, 262, 262, 263, 263, 263, - 263, 263, 263, 263, 263, 263, 263, 263, 263, 263, - 263, 264, 264, 264, 265, 265, 266, 266, 267, 267, - 267, 268, 268, 268, 269, 270, 270, 271, 271, 272, - 272, 273, 273, 274, 275, 275, 276, 276, 277, 277, - 277, 277, 278, 278, 278, 279, 280, 280, 281, 281, - 281, 281, 281, 281, 281, 282, 282, 283, 283, 284, - 284, 285, 286, 286, 287, 287, 288, 288, 288, 289, - 289, 290, 291, 292, 292, 293, 294, 294, 295, 295, - 296, 297, 298, 299, 299, 300, 301, 301, 302, 303, - 303, 303, 303, 303 + 0, 202, 203, 204, 204, 204, 205, 205, 205, 205, + 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, + 206, 207, 207, 207, 207, 207, 208, 208, 209, 210, + 210, 211, 211, 212, 212, 212, 213, 214, 214, 214, + 214, 214, 214, 214, 214, 215, 215, 216, 216, 216, + 216, 216, 216, 217, 218, 219, 220, 220, 221, 221, + 221, 221, 222, 222, 222, 222, 222, 222, 222, 222, + 222, 223, 223, 224, 224, 225, 225, 225, 225, 225, + 226, 227, 227, 228, 228, 228, 229, 229, 229, 229, + 229, 229, 230, 230, 230, 230, 231, 231, 231, 232, + 232, 233, 233, 233, 233, 233, 233, 233, 233, 234, + 234, 235, 235, 235, 235, 236, 236, 237, 237, 238, + 238, 238, 238, 238, 238, 238, 239, 239, 239, 239, + 239, 239, 239, 239, 240, 240, 241, 241, 241, 241, + 241, 241, 241, 241, 241, 241, 241, 241, 241, 241, + 241, 242, 242, 243, 244, 244, 244, 245, 245, 246, + 247, 247, 247, 247, 247, 247, 247, 247, 248, 249, + 249, 250, 250, 250, 250, 250, 251, 251, 252, 252, + 252, 252, 253, 254, 254, 255, 256, 256, 256, 257, + 257, 258, 258, 259, 259, 260, 260, 260, 260, 260, + 260, 261, 261, 261, 261, 261, 262, 263, 263, 264, + 265, 265, 265, 265, 265, 265, 265, 265, 265, 265, + 266, 266, 266, 266, 266, 266, 266, 266, 266, 266, + 266, 266, 266, 266, 267, 267, 267, 268, 268, 269, + 269, 270, 270, 270, 271, 271, 271, 272, 273, 273, + 274, 274, 275, 275, 276, 276, 277, 278, 278, 279, + 279, 280, 280, 280, 280, 281, 281, 281, 282, 283, + 283, 284, 284, 284, 284, 284, 284, 284, 285, 285, + 286, 286, 287, 287, 288, 289, 289, 290, 290, 291, + 291, 291, 292, 292, 293, 294, 295, 295, 296, 297, + 297, 298, 298, 299, 300, 301, 302, 302, 303, 304, + 304, 305, 306, 306, 306, 306, 306 }; - /* YYR2[YYN] -- Number of symbols on the right hand side of rule YYN. */ +/* YYR2[YYN] -- Number of symbols composing right hand side of rule YYN. */ static const yytype_uint8 yyr2[] = { 0, 2, 1, 3, 2, 2, 0, 1, 1, 1, @@ -1401,30 +1205,369 @@ static const yytype_uint8 yyr2[] = 1, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 2, 2, 1, 2, 1, 1, 1, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 2, 2, 1, 2, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 2, - 2, 2, 2, 3, 1, 2, 2, 2, 2, 3, - 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 2, 0, 4, 1, 0, 0, 2, 2, - 2, 2, 1, 1, 3, 3, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 2, 2, 1, 1, 1, - 1, 1, 1, 1, 1, 2, 1, 2, 1, 1, - 1, 5, 2, 1, 2, 1, 1, 1, 1, 1, - 1, 5, 1, 3, 2, 3, 1, 1, 2, 1, - 5, 4, 3, 2, 1, 6, 3, 2, 3, 1, - 1, 1, 1, 1 + 1, 1, 1, 1, 1, 1, 2, 2, 1, 2, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 1, 2, 2, 2, 2, 3, 1, 2, 2, + 2, 2, 3, 2, 1, 1, 1, 1, 1, 1, + 1, 1, 1, 1, 1, 2, 0, 4, 1, 0, + 0, 2, 2, 2, 2, 1, 1, 3, 3, 1, + 1, 1, 1, 1, 1, 1, 1, 1, 2, 2, + 1, 1, 1, 1, 1, 1, 1, 1, 2, 1, + 2, 1, 1, 1, 5, 2, 1, 2, 1, 1, + 1, 1, 1, 1, 5, 1, 3, 2, 3, 1, + 1, 2, 1, 5, 4, 3, 2, 1, 6, 3, + 2, 3, 1, 1, 1, 1, 1 }; +/* YYDEFACT[STATE-NAME] -- Default reduction number in state STATE-NUM. + Performed when YYTABLE doesn't specify something else to do. Zero + means the default is an error. */ +static const yytype_uint16 yydefact[] = +{ + 0, 0, 0, 24, 58, 234, 0, 71, 0, 0, + 246, 237, 0, 227, 0, 0, 239, 0, 259, 0, + 0, 240, 238, 0, 241, 25, 0, 0, 0, 0, + 260, 235, 0, 23, 0, 242, 22, 0, 0, 0, + 0, 0, 243, 21, 0, 0, 0, 236, 0, 0, + 0, 0, 0, 56, 57, 295, 0, 2, 0, 7, + 0, 8, 0, 9, 10, 13, 11, 12, 14, 15, + 16, 17, 18, 0, 0, 0, 0, 220, 0, 221, + 19, 0, 5, 62, 63, 64, 195, 196, 197, 198, + 201, 199, 200, 202, 203, 204, 205, 190, 192, 193, + 194, 154, 155, 156, 126, 152, 0, 244, 228, 189, + 101, 102, 103, 104, 108, 105, 106, 107, 109, 29, + 30, 28, 0, 26, 0, 6, 65, 66, 256, 229, + 255, 288, 59, 61, 160, 161, 162, 163, 164, 165, + 166, 167, 127, 158, 0, 60, 70, 286, 230, 67, + 271, 272, 273, 274, 275, 276, 277, 268, 270, 134, + 29, 30, 134, 134, 26, 68, 188, 186, 187, 182, + 184, 0, 0, 231, 96, 100, 97, 210, 211, 212, + 213, 214, 215, 216, 217, 218, 219, 206, 208, 0, + 91, 86, 0, 87, 95, 93, 94, 92, 90, 88, + 89, 80, 82, 0, 0, 250, 282, 0, 69, 281, + 283, 279, 233, 1, 0, 4, 31, 55, 293, 292, + 222, 223, 224, 225, 267, 266, 265, 0, 0, 79, + 75, 76, 77, 78, 0, 72, 0, 191, 151, 153, + 245, 98, 0, 178, 179, 180, 181, 0, 0, 176, + 177, 168, 170, 0, 0, 27, 226, 254, 287, 157, + 159, 285, 269, 130, 134, 134, 133, 128, 0, 183, + 185, 0, 99, 207, 209, 291, 289, 290, 85, 81, + 83, 84, 232, 0, 280, 278, 3, 20, 261, 262, + 263, 258, 264, 257, 299, 300, 0, 0, 0, 74, + 73, 118, 117, 0, 115, 116, 0, 110, 113, 114, + 174, 175, 173, 169, 171, 172, 136, 137, 138, 139, + 140, 141, 142, 143, 144, 145, 146, 147, 148, 149, + 150, 135, 131, 132, 134, 249, 0, 0, 251, 0, + 37, 38, 39, 54, 47, 49, 48, 51, 40, 41, + 42, 43, 50, 52, 44, 32, 33, 36, 34, 0, + 35, 0, 0, 0, 0, 302, 0, 297, 0, 111, + 125, 121, 123, 119, 120, 122, 124, 112, 129, 248, + 247, 253, 252, 0, 45, 46, 53, 0, 296, 294, + 301, 0, 298, 284, 305, 0, 0, 0, 0, 0, + 307, 0, 0, 303, 306, 304, 0, 0, 312, 313, + 314, 315, 316, 0, 0, 0, 308, 0, 310, 0, + 309, 311 +}; -#define yyerrok (yyerrstatus = 0) -#define yyclearin (yychar = YYEMPTY) -#define YYEMPTY (-2) -#define YYEOF 0 +/* YYDEFGOTO[NTERM-NUM]. */ +static const yytype_int16 yydefgoto[] = +{ + -1, 56, 57, 58, 59, 60, 131, 123, 124, 287, + 355, 356, 357, 358, 359, 360, 361, 61, 62, 63, + 64, 85, 235, 236, 65, 201, 202, 203, 204, 66, + 174, 118, 241, 307, 308, 309, 377, 67, 263, 331, + 104, 105, 106, 142, 143, 144, 68, 251, 252, 253, + 254, 69, 169, 170, 171, 70, 97, 98, 99, 100, + 71, 187, 188, 189, 72, 73, 74, 75, 76, 108, + 173, 380, 282, 338, 129, 130, 77, 78, 293, 227, + 79, 157, 158, 212, 208, 209, 210, 148, 132, 278, + 220, 80, 81, 296, 297, 298, 364, 365, 396, 366, + 399, 400, 413, 414, 415 +}; -#define YYACCEPT goto yyacceptlab -#define YYABORT goto yyabortlab -#define YYERROR goto yyerrorlab +/* YYPACT[STATE-NUM] -- Index in YYTABLE of the portion describing + STATE-NUM. */ +#define YYPACT_NINF -188 +static const yytype_int16 yypact[] = +{ + 5, -160, -28, -188, -188, -188, -24, -188, 60, 0, + -119, -188, 60, -188, 118, 7, -188, -117, -188, -110, + -108, -188, -188, -101, -188, -188, 7, -1, 345, 7, + -188, -188, -96, -188, -95, -188, -188, 21, -3, 73, + 33, 11, -188, -188, -94, 118, -61, -188, 43, 446, + -57, -58, 41, -188, -188, -188, 105, 179, -79, -188, + 7, -188, 7, -188, -188, -188, -188, -188, -188, -188, + -188, -188, -188, -7, 48, -48, -39, -188, 24, -188, + -188, -86, -188, -188, -188, 42, -188, -188, -188, -188, + -188, -188, -188, -188, -188, -188, -188, 60, -188, -188, + -188, -188, -188, -188, 0, -188, 59, 89, -188, 60, + -188, -188, -188, -188, -188, -188, -188, -188, -188, -188, + -188, -188, 80, -188, 9, 338, -188, -188, -188, -101, + -188, -188, 7, -188, -188, -188, -188, -188, -188, -188, + -188, -188, 345, -188, 67, 7, -188, -188, 12, -188, + -188, -188, -188, -188, -188, -188, -188, -3, -188, -188, + 107, 116, -188, -188, 83, -188, -188, -188, -188, 11, + -188, 113, -20, -188, 118, -188, -188, -188, -188, -188, + -188, -188, -188, -188, -188, -188, -188, 43, -188, -7, + -188, -188, -25, -188, -188, -188, -188, -188, -188, -188, + -188, 446, -188, 127, -7, -188, -188, 129, -58, -188, + -188, -188, 142, -188, 19, -188, -188, -188, -188, -188, + -188, -188, -188, -188, -188, -188, -188, 4, -158, -188, + -188, -188, -188, -188, 145, -188, 49, -188, -188, -188, + -188, 233, 55, -188, -188, -188, -188, 64, 157, -188, + -188, 80, -188, -7, -25, -188, -188, -188, -188, -188, + -188, -188, -188, 445, -188, -188, 445, 445, -57, -188, + -188, 82, -188, -188, -188, -188, -188, -188, -188, -188, + -188, -188, -44, 202, -188, -188, -188, 324, -188, -188, + -188, -188, -188, -188, -188, -188, -30, 58, 50, -188, + -188, -188, -188, 88, -188, -188, 3, -188, -188, -188, + -188, -188, -188, -188, -188, -188, -188, -188, -188, -188, + -188, -188, -188, -188, -188, -188, -188, -188, -188, -188, + -188, -188, 445, 445, -188, 221, -57, 188, -188, 191, + -188, -188, -188, -188, -188, -188, -188, -188, -188, -188, + -188, -188, -188, -188, -188, -188, -188, -188, -188, -51, + -188, 99, 61, 75, -114, -188, 65, -188, -7, -188, + -188, -188, -188, -188, -188, -188, -188, -188, 445, -188, + -188, -188, -188, 68, -188, -188, -188, 7, -188, -188, + -188, 76, -188, -188, -188, 71, 78, -7, 74, -178, + -188, 90, -7, -188, -188, -188, 77, 32, -188, -188, + -188, -188, -188, 101, 93, 84, -188, 94, -188, -7, + -188, -188 +}; +/* YYPGOTO[NTERM-NUM]. */ +static const yytype_int16 yypgoto[] = +{ + -188, -188, -188, -41, -188, -188, -15, -38, -188, -188, + -188, -188, -188, -188, -188, -188, -188, -188, -188, -188, + -188, -188, -188, -188, -188, -188, 81, -188, -188, -188, + -188, -37, -188, -188, -188, -188, -188, -188, -111, -188, + -188, 170, -188, -188, 133, -188, -188, -188, 37, -188, + -188, -188, -188, 115, -188, -188, 277, -53, -188, -188, + -188, -188, 103, -188, -188, -188, -188, -188, -188, -188, + -188, -188, -188, -188, -188, 162, -188, -188, -188, -188, + -188, -188, 143, -188, -188, 91, -188, -188, 274, 52, + -187, -188, -188, -188, 8, -188, -188, -56, -188, -188, + -188, -87, -188, -100, -188 +}; + +/* YYTABLE[YYPACT[STATE-NUM]]. What to do in state STATE-NUM. If + positive, shift that token. If negative, reduce the rule which + number is the opposite. If YYTABLE_NINF, syntax error. */ +#define YYTABLE_NINF -7 +static const yytype_int16 yytable[] = +{ + 122, 164, 274, 206, 150, 151, 1, 370, 175, 288, + 384, 101, 205, 398, 275, 2, 214, 281, 336, 3, + 4, 5, 152, 403, 163, 218, 82, 6, 7, 371, + 294, 295, 362, 83, 8, 9, 276, 84, 10, 107, + 11, 125, 12, 13, 237, 216, 14, 217, 126, 177, + 127, 266, 267, 166, 219, 15, 237, 128, 224, 16, + 133, 153, 146, 147, 172, 17, 314, 18, 86, 289, + 229, 290, 87, 119, 178, 120, 19, 20, 88, 225, + 21, 22, 149, 242, 256, 23, 24, 389, 337, 25, + 26, 154, 179, 230, 165, 180, 231, 176, 27, 102, + 159, 121, 211, 226, 103, 213, 167, 215, 372, 221, + 222, 28, 29, 30, 228, 373, 362, 258, 31, 223, + 239, 240, 385, 243, 244, 245, 246, 32, 260, 89, + 258, 33, 374, 34, 264, 35, 36, 272, 110, 160, + 207, 161, 111, 265, 277, 37, 38, 39, 40, 41, + 42, 43, 44, 332, 333, 45, 155, 46, 294, 295, + 168, 156, 291, 90, 91, 121, 47, 255, 181, 268, + 261, 48, 49, 50, 270, 51, 52, 271, 232, 233, + 92, 392, 53, 54, 375, 234, 292, 376, 280, 2, + 283, -6, 55, 3, 4, 5, 182, 183, 184, 185, + 112, 6, 7, 285, 186, 286, 299, 300, 8, 9, + 401, 93, 10, 310, 11, 406, 12, 13, 312, 247, + 14, 162, 311, 378, 408, 409, 410, 411, 412, 15, + 334, 121, 421, 16, 94, 95, 96, 248, 339, 17, + 335, 18, 249, 250, 367, 113, 369, 368, 379, 382, + 19, 20, 383, 114, 21, 22, 115, 386, 387, 23, + 24, 388, 301, 25, 26, 391, 395, 393, 397, 398, + 302, 402, 27, 303, 238, 259, 405, 407, 116, 418, + 420, 419, 279, 117, 269, 28, 29, 30, 313, 109, + 273, 257, 31, 408, 409, 410, 411, 412, 381, 284, + 262, 32, 416, 145, 363, 33, 315, 34, 390, 35, + 36, 304, 404, 417, 0, 0, 0, 0, 0, 37, + 38, 39, 40, 41, 42, 43, 44, 0, 0, 45, + 0, 46, 0, 340, 0, 0, 0, 0, 0, 0, + 47, 341, 305, 0, 0, 48, 49, 50, 2, 51, + 52, 0, 3, 4, 5, 0, 53, 54, 0, 0, + 6, 7, 0, 0, 0, -6, 55, 8, 9, 0, + 0, 10, 394, 11, 0, 12, 13, 342, 343, 14, + 0, 0, 0, 0, 0, 0, 0, 0, 15, 0, + 0, 0, 16, 0, 344, 0, 0, 0, 17, 0, + 18, 134, 135, 136, 137, 306, 0, 0, 0, 19, + 20, 0, 0, 21, 22, 0, 345, 0, 23, 24, + 0, 0, 25, 26, 346, 0, 347, 0, 0, 0, + 0, 27, 138, 0, 139, 0, 140, 0, 0, 0, + 348, 0, 141, 0, 28, 29, 30, 0, 0, 0, + 0, 31, 0, 0, 0, 0, 0, 349, 350, 190, + 32, 0, 0, 0, 33, 191, 34, 192, 35, 36, + 0, 0, 0, 0, 0, 0, 0, 0, 37, 38, + 39, 40, 41, 42, 43, 44, 0, 0, 45, 0, + 46, 0, 316, 351, 193, 352, 0, 0, 0, 47, + 317, 0, 0, 353, 48, 49, 50, 354, 51, 52, + 0, 0, 0, 0, 0, 53, 54, 0, 318, 319, + 0, 0, 320, 0, 0, 55, 0, 0, 321, 0, + 0, 0, 0, 0, 194, 0, 195, 0, 0, 0, + 0, 0, 196, 0, 197, 0, 0, 198, 0, 0, + 0, 0, 0, 0, 0, 322, 323, 0, 0, 324, + 325, 0, 326, 327, 328, 0, 329, 0, 0, 199, + 200, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 330 +}; + +#define yypact_value_is_default(Yystate) \ + (!!((Yystate) == (-188))) + +#define yytable_value_is_error(Yytable_value) \ + YYID (0) + +static const yytype_int16 yycheck[] = +{ + 15, 39, 189, 61, 7, 8, 1, 4, 45, 5, + 61, 11, 50, 191, 39, 10, 57, 204, 62, 14, + 15, 16, 25, 201, 39, 32, 186, 22, 23, 26, + 188, 189, 146, 61, 29, 30, 61, 61, 33, 158, + 35, 158, 37, 38, 97, 60, 41, 62, 158, 6, + 158, 162, 163, 42, 61, 50, 109, 158, 34, 54, + 61, 64, 158, 158, 158, 60, 253, 62, 8, 65, + 28, 67, 12, 66, 31, 68, 71, 72, 18, 55, + 75, 76, 61, 3, 125, 80, 81, 201, 132, 84, + 85, 94, 49, 51, 61, 52, 54, 158, 93, 99, + 27, 158, 61, 79, 104, 0, 95, 186, 105, 61, + 158, 106, 107, 108, 200, 112, 146, 132, 113, 158, + 61, 32, 173, 43, 44, 45, 46, 122, 61, 69, + 145, 126, 129, 128, 27, 130, 131, 174, 20, 66, + 198, 68, 24, 27, 169, 140, 141, 142, 143, 144, + 145, 146, 147, 264, 265, 150, 159, 152, 188, 189, + 149, 164, 158, 103, 104, 158, 161, 158, 125, 86, + 158, 166, 167, 168, 61, 170, 171, 197, 136, 137, + 120, 368, 177, 178, 181, 143, 182, 184, 61, 10, + 61, 186, 187, 14, 15, 16, 153, 154, 155, 156, + 82, 22, 23, 61, 161, 186, 61, 158, 29, 30, + 397, 151, 33, 158, 35, 402, 37, 38, 61, 139, + 41, 148, 158, 334, 192, 193, 194, 195, 196, 50, + 268, 158, 419, 54, 174, 175, 176, 157, 36, 60, + 158, 62, 162, 163, 186, 127, 158, 197, 27, 61, + 71, 72, 61, 135, 75, 76, 138, 158, 197, 80, + 81, 186, 29, 84, 85, 200, 190, 199, 197, 191, + 37, 197, 93, 40, 104, 142, 186, 200, 160, 186, + 186, 197, 201, 165, 169, 106, 107, 108, 251, 12, + 187, 129, 113, 192, 193, 194, 195, 196, 336, 208, + 157, 122, 201, 29, 296, 126, 254, 128, 364, 130, + 131, 78, 399, 413, -1, -1, -1, -1, -1, 140, + 141, 142, 143, 144, 145, 146, 147, -1, -1, 150, + -1, 152, -1, 9, -1, -1, -1, -1, -1, -1, + 161, 17, 109, -1, -1, 166, 167, 168, 10, 170, + 171, -1, 14, 15, 16, -1, 177, 178, -1, -1, + 22, 23, -1, -1, -1, 186, 187, 29, 30, -1, + -1, 33, 387, 35, -1, 37, 38, 53, 54, 41, + -1, -1, -1, -1, -1, -1, -1, -1, 50, -1, + -1, -1, 54, -1, 70, -1, -1, -1, 60, -1, + 62, 56, 57, 58, 59, 172, -1, -1, -1, 71, + 72, -1, -1, 75, 76, -1, 92, -1, 80, 81, + -1, -1, 84, 85, 100, -1, 102, -1, -1, -1, + -1, 93, 87, -1, 89, -1, 91, -1, -1, -1, + 116, -1, 97, -1, 106, 107, 108, -1, -1, -1, + -1, 113, -1, -1, -1, -1, -1, 133, 134, 13, + 122, -1, -1, -1, 126, 19, 128, 21, 130, 131, + -1, -1, -1, -1, -1, -1, -1, -1, 140, 141, + 142, 143, 144, 145, 146, 147, -1, -1, 150, -1, + 152, -1, 47, 169, 48, 171, -1, -1, -1, 161, + 55, -1, -1, 179, 166, 167, 168, 183, 170, 171, + -1, -1, -1, -1, -1, 177, 178, -1, 73, 74, + -1, -1, 77, -1, -1, 187, -1, -1, 83, -1, + -1, -1, -1, -1, 88, -1, 90, -1, -1, -1, + -1, -1, 96, -1, 98, -1, -1, 101, -1, -1, + -1, -1, -1, -1, -1, 110, 111, -1, -1, 114, + 115, -1, 117, 118, 119, -1, 121, -1, -1, 123, + 124, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, 179 +}; + +/* YYSTOS[STATE-NUM] -- The (internal number of the) accessing + symbol of state STATE-NUM. */ +static const yytype_uint16 yystos[] = +{ + 0, 1, 10, 14, 15, 16, 22, 23, 29, 30, + 33, 35, 37, 38, 41, 50, 54, 60, 62, 71, + 72, 75, 76, 80, 81, 84, 85, 93, 106, 107, + 108, 113, 122, 126, 128, 130, 131, 140, 141, 142, + 143, 144, 145, 146, 147, 150, 152, 161, 166, 167, + 168, 170, 171, 177, 178, 187, 203, 204, 205, 206, + 207, 219, 220, 221, 222, 226, 231, 239, 248, 253, + 257, 262, 266, 267, 268, 269, 270, 278, 279, 282, + 293, 294, 186, 61, 61, 223, 8, 12, 18, 69, + 103, 104, 120, 151, 174, 175, 176, 258, 259, 260, + 261, 11, 99, 104, 242, 243, 244, 158, 271, 258, + 20, 24, 82, 127, 135, 138, 160, 165, 233, 66, + 68, 158, 208, 209, 210, 158, 158, 158, 158, 276, + 277, 208, 290, 61, 56, 57, 58, 59, 87, 89, + 91, 97, 245, 246, 247, 290, 158, 158, 289, 61, + 7, 8, 25, 64, 94, 159, 164, 283, 284, 27, + 66, 68, 148, 208, 209, 61, 42, 95, 149, 254, + 255, 256, 158, 272, 232, 233, 158, 6, 31, 49, + 52, 125, 153, 154, 155, 156, 161, 263, 264, 265, + 13, 19, 21, 48, 88, 90, 96, 98, 101, 123, + 124, 227, 228, 229, 230, 209, 61, 198, 286, 287, + 288, 61, 285, 0, 205, 186, 208, 208, 32, 61, + 292, 61, 158, 158, 34, 55, 79, 281, 200, 28, + 51, 54, 136, 137, 143, 224, 225, 259, 243, 61, + 32, 234, 3, 43, 44, 45, 46, 139, 157, 162, + 163, 249, 250, 251, 252, 158, 205, 277, 208, 246, + 61, 158, 284, 240, 27, 27, 240, 240, 86, 255, + 61, 197, 233, 264, 292, 39, 61, 169, 291, 228, + 61, 292, 274, 61, 287, 61, 186, 211, 5, 65, + 67, 158, 182, 280, 188, 189, 295, 296, 297, 61, + 158, 29, 37, 40, 78, 109, 172, 235, 236, 237, + 158, 158, 61, 250, 292, 291, 47, 55, 73, 74, + 77, 83, 110, 111, 114, 115, 117, 118, 119, 121, + 179, 241, 240, 240, 209, 158, 62, 132, 275, 36, + 9, 17, 53, 54, 70, 92, 100, 102, 116, 133, + 134, 169, 171, 179, 183, 212, 213, 214, 215, 216, + 217, 218, 146, 296, 298, 299, 301, 186, 197, 158, + 4, 26, 105, 112, 129, 181, 184, 238, 240, 27, + 273, 209, 61, 61, 61, 173, 158, 197, 186, 201, + 299, 200, 292, 199, 208, 190, 300, 197, 191, 302, + 303, 292, 197, 201, 303, 186, 292, 200, 192, 193, + 194, 195, 196, 304, 305, 306, 201, 305, 186, 197, + 186, 292 +}; + +#define yyerrok (yyerrstatus = 0) +#define yyclearin (yychar = YYEMPTY) +#define YYEMPTY (-2) +#define YYEOF 0 + +#define YYACCEPT goto yyacceptlab +#define YYABORT goto yyabortlab +#define YYERROR goto yyerrorlab + + +/* Like YYERROR except do call yyerror. This remains here temporarily + to ease the transition to the new meaning of YYERROR, for GCC. + Once GCC version 2 has supplanted version 1, this can go. However, + YYFAIL appears to be in use. Nevertheless, it is formally deprecated + in Bison 2.4.2's NEWS entry, where a plan to phase it out is + discussed. */ + +#define YYFAIL goto yyerrlab +#if defined YYFAIL + /* This is here to suppress warnings from the GCC cpp's + -Wunused-macros. Normally we don't worry about that warning, but + some users do, and we want to make it easy for users to remove + YYFAIL uses, which will produce warnings from Bison 2.5. */ +#endif #define YYRECOVERING() (!!yyerrstatus) @@ -1441,15 +1584,27 @@ do \ else \ { \ yyerror (YY_("syntax error: cannot back up")); \ - YYERROR; \ - } \ -while (0) + YYERROR; \ + } \ +while (YYID (0)) /* Error token number */ -#define YYTERROR 1 -#define YYERRCODE 256 +#define YYTERROR 1 +#define YYERRCODE 256 +/* This macro is provided for backward compatibility. */ +#ifndef YY_LOCATION_PRINT +# define YY_LOCATION_PRINT(File, Loc) ((void) 0) +#endif + + +/* YYLEX -- calling `yylex' with the right arguments. */ +#ifdef YYLEX_PARAM +# define YYLEX yylex (YYLEX_PARAM) +#else +# define YYLEX yylex () +#endif /* Enable debugging if requested. */ #if YYDEBUG @@ -1459,36 +1614,40 @@ while (0) # define YYFPRINTF fprintf # endif -# define YYDPRINTF(Args) \ -do { \ - if (yydebug) \ - YYFPRINTF Args; \ -} while (0) +# define YYDPRINTF(Args) \ +do { \ + if (yydebug) \ + YYFPRINTF Args; \ +} while (YYID (0)) -/* This macro is provided for backward compatibility. */ -#ifndef YY_LOCATION_PRINT -# define YY_LOCATION_PRINT(File, Loc) ((void) 0) -#endif +# define YY_SYMBOL_PRINT(Title, Type, Value, Location) \ +do { \ + if (yydebug) \ + { \ + YYFPRINTF (stderr, "%s ", Title); \ + yy_symbol_print (stderr, \ + Type, Value); \ + YYFPRINTF (stderr, "\n"); \ + } \ +} while (YYID (0)) -# define YY_SYMBOL_PRINT(Title, Type, Value, Location) \ -do { \ - if (yydebug) \ - { \ - YYFPRINTF (stderr, "%s ", Title); \ - yy_symbol_print (stderr, \ - Type, Value); \ - YYFPRINTF (stderr, "\n"); \ - } \ -} while (0) - - -/*----------------------------------------. -| Print this symbol's value on YYOUTPUT. | -`----------------------------------------*/ +/*--------------------------------. +| Print this symbol on YYOUTPUT. | +`--------------------------------*/ +/*ARGSUSED*/ +#if (defined __STDC__ || defined __C99__FUNC__ \ + || defined __cplusplus || defined _MSC_VER) static void yy_symbol_value_print (FILE *yyoutput, int yytype, YYSTYPE const * const yyvaluep) +#else +static void +yy_symbol_value_print (yyoutput, yytype, yyvaluep) + FILE *yyoutput; + int yytype; + YYSTYPE const * const yyvaluep; +#endif { FILE *yyo = yyoutput; YYUSE (yyo); @@ -1497,6 +1656,8 @@ yy_symbol_value_print (FILE *yyoutput, int yytype, YYSTYPE const * const yyvalue # ifdef YYPRINT if (yytype < YYNTOKENS) YYPRINT (yyoutput, yytoknum[yytype], *yyvaluep); +# else + YYUSE (yyoutput); # endif YYUSE (yytype); } @@ -1506,11 +1667,22 @@ yy_symbol_value_print (FILE *yyoutput, int yytype, YYSTYPE const * const yyvalue | Print this symbol on YYOUTPUT. | `--------------------------------*/ +#if (defined __STDC__ || defined __C99__FUNC__ \ + || defined __cplusplus || defined _MSC_VER) static void yy_symbol_print (FILE *yyoutput, int yytype, YYSTYPE const * const yyvaluep) +#else +static void +yy_symbol_print (yyoutput, yytype, yyvaluep) + FILE *yyoutput; + int yytype; + YYSTYPE const * const yyvaluep; +#endif { - YYFPRINTF (yyoutput, "%s %s (", - yytype < YYNTOKENS ? "token" : "nterm", yytname[yytype]); + if (yytype < YYNTOKENS) + YYFPRINTF (yyoutput, "token %s (", yytname[yytype]); + else + YYFPRINTF (yyoutput, "nterm %s (", yytname[yytype]); yy_symbol_value_print (yyoutput, yytype, yyvaluep); YYFPRINTF (yyoutput, ")"); @@ -1521,8 +1693,16 @@ yy_symbol_print (FILE *yyoutput, int yytype, YYSTYPE const * const yyvaluep) | TOP (included). | `------------------------------------------------------------------*/ +#if (defined __STDC__ || defined __C99__FUNC__ \ + || defined __cplusplus || defined _MSC_VER) static void yy_stack_print (yytype_int16 *yybottom, yytype_int16 *yytop) +#else +static void +yy_stack_print (yybottom, yytop) + yytype_int16 *yybottom; + yytype_int16 *yytop; +#endif { YYFPRINTF (stderr, "Stack now"); for (; yybottom <= yytop; yybottom++) @@ -1533,42 +1713,49 @@ yy_stack_print (yytype_int16 *yybottom, yytype_int16 *yytop) YYFPRINTF (stderr, "\n"); } -# define YY_STACK_PRINT(Bottom, Top) \ -do { \ - if (yydebug) \ - yy_stack_print ((Bottom), (Top)); \ -} while (0) +# define YY_STACK_PRINT(Bottom, Top) \ +do { \ + if (yydebug) \ + yy_stack_print ((Bottom), (Top)); \ +} while (YYID (0)) /*------------------------------------------------. | Report that the YYRULE is going to be reduced. | `------------------------------------------------*/ +#if (defined __STDC__ || defined __C99__FUNC__ \ + || defined __cplusplus || defined _MSC_VER) static void -yy_reduce_print (yytype_int16 *yyssp, YYSTYPE *yyvsp, int yyrule) +yy_reduce_print (YYSTYPE *yyvsp, int yyrule) +#else +static void +yy_reduce_print (yyvsp, yyrule) + YYSTYPE *yyvsp; + int yyrule; +#endif { - unsigned long int yylno = yyrline[yyrule]; int yynrhs = yyr2[yyrule]; int yyi; + unsigned long int yylno = yyrline[yyrule]; YYFPRINTF (stderr, "Reducing stack by rule %d (line %lu):\n", - yyrule - 1, yylno); + yyrule - 1, yylno); /* The symbols being reduced. */ for (yyi = 0; yyi < yynrhs; yyi++) { YYFPRINTF (stderr, " $%d = ", yyi + 1); - yy_symbol_print (stderr, - yystos[yyssp[yyi + 1 - yynrhs]], - &(yyvsp[(yyi + 1) - (yynrhs)]) - ); + yy_symbol_print (stderr, yyrhs[yyprhs[yyrule] + yyi], + &(yyvsp[(yyi + 1) - (yynrhs)]) + ); YYFPRINTF (stderr, "\n"); } } -# define YY_REDUCE_PRINT(Rule) \ -do { \ - if (yydebug) \ - yy_reduce_print (yyssp, yyvsp, Rule); \ -} while (0) +# define YY_REDUCE_PRINT(Rule) \ +do { \ + if (yydebug) \ + yy_reduce_print (yyvsp, Rule); \ +} while (YYID (0)) /* Nonzero means print parse trace. It is left uninitialized so that multiple parsers can coexist. */ @@ -1582,7 +1769,7 @@ int yydebug; /* YYINITDEPTH -- initial size of the parser's stacks. */ -#ifndef YYINITDEPTH +#ifndef YYINITDEPTH # define YYINITDEPTH 200 #endif @@ -1605,8 +1792,15 @@ int yydebug; # define yystrlen strlen # else /* Return the length of YYSTR. */ +#if (defined __STDC__ || defined __C99__FUNC__ \ + || defined __cplusplus || defined _MSC_VER) static YYSIZE_T yystrlen (const char *yystr) +#else +static YYSIZE_T +yystrlen (yystr) + const char *yystr; +#endif { YYSIZE_T yylen; for (yylen = 0; yystr[yylen]; yylen++) @@ -1622,8 +1816,16 @@ yystrlen (const char *yystr) # else /* Copy YYSRC to YYDEST, returning the address of the terminating '\0' in YYDEST. */ +#if (defined __STDC__ || defined __C99__FUNC__ \ + || defined __cplusplus || defined _MSC_VER) static char * yystpcpy (char *yydest, const char *yysrc) +#else +static char * +yystpcpy (yydest, yysrc) + char *yydest; + const char *yysrc; +#endif { char *yyd = yydest; const char *yys = yysrc; @@ -1653,27 +1855,27 @@ yytnamerr (char *yyres, const char *yystr) char const *yyp = yystr; for (;;) - switch (*++yyp) - { - case '\'': - case ',': - goto do_not_strip_quotes; + switch (*++yyp) + { + case '\'': + case ',': + goto do_not_strip_quotes; - case '\\': - if (*++yyp != '\\') - goto do_not_strip_quotes; - /* Fall through. */ - default: - if (yyres) - yyres[yyn] = *yyp; - yyn++; - break; + case '\\': + if (*++yyp != '\\') + goto do_not_strip_quotes; + /* Fall through. */ + default: + if (yyres) + yyres[yyn] = *yyp; + yyn++; + break; - case '"': - if (yyres) - yyres[yyn] = '\0'; - return yyn; - } + case '"': + if (yyres) + yyres[yyn] = '\0'; + return yyn; + } do_not_strip_quotes: ; } @@ -1696,11 +1898,11 @@ static int yysyntax_error (YYSIZE_T *yymsg_alloc, char **yymsg, yytype_int16 *yyssp, int yytoken) { - YYSIZE_T yysize0 = yytnamerr (YY_NULLPTR, yytname[yytoken]); + YYSIZE_T yysize0 = yytnamerr (YY_NULL, yytname[yytoken]); YYSIZE_T yysize = yysize0; enum { YYERROR_VERBOSE_ARGS_MAXIMUM = 5 }; /* Internationalized format string. */ - const char *yyformat = YY_NULLPTR; + const char *yyformat = YY_NULL; /* Arguments of yyformat. */ char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM]; /* Number of reported tokens (one for the "unexpected", one per @@ -1708,6 +1910,10 @@ yysyntax_error (YYSIZE_T *yymsg_alloc, char **yymsg, int yycount = 0; /* There are many possibilities here to consider: + - Assume YYFAIL is not used. It's too flawed to consider. See + + for details. YYERROR is fine as it does not invoke this + function. - If this state is a consistent state with a default action, then the only way this function was invoked is if the default action is an error action. In that case, don't check for expected @@ -1757,7 +1963,7 @@ yysyntax_error (YYSIZE_T *yymsg_alloc, char **yymsg, } yyarg[yycount++] = yytname[yyx]; { - YYSIZE_T yysize1 = yysize + yytnamerr (YY_NULLPTR, yytname[yyx]); + YYSIZE_T yysize1 = yysize + yytnamerr (YY_NULL, yytname[yyx]); if (! (yysize <= yysize1 && yysize1 <= YYSTACK_ALLOC_MAXIMUM)) return 2; @@ -1824,17 +2030,26 @@ yysyntax_error (YYSIZE_T *yymsg_alloc, char **yymsg, | Release the memory associated to this symbol. | `-----------------------------------------------*/ +/*ARGSUSED*/ +#if (defined __STDC__ || defined __C99__FUNC__ \ + || defined __cplusplus || defined _MSC_VER) static void yydestruct (const char *yymsg, int yytype, YYSTYPE *yyvaluep) +#else +static void +yydestruct (yymsg, yytype, yyvaluep) + const char *yymsg; + int yytype; + YYSTYPE *yyvaluep; +#endif { YYUSE (yyvaluep); + if (!yymsg) yymsg = "Deleting"; YY_SYMBOL_PRINT (yymsg, yytype, yyvaluep, yylocationp); - YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN YYUSE (yytype); - YY_IGNORE_MAYBE_UNINITIALIZED_END } @@ -1843,8 +2058,18 @@ yydestruct (const char *yymsg, int yytype, YYSTYPE *yyvaluep) /* The lookahead symbol. */ int yychar; + +#ifndef YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN +# define YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN +# define YY_IGNORE_MAYBE_UNINITIALIZED_END +#endif +#ifndef YY_INITIAL_VALUE +# define YY_INITIAL_VALUE(Value) /* Nothing. */ +#endif + /* The semantic value of the lookahead symbol. */ -YYSTYPE yylval; +YYSTYPE yylval YY_INITIAL_VALUE(yyval_default); + /* Number of syntax errors so far. */ int yynerrs; @@ -1853,16 +2078,35 @@ int yynerrs; | yyparse. | `----------*/ +#ifdef YYPARSE_PARAM +#if (defined __STDC__ || defined __C99__FUNC__ \ + || defined __cplusplus || defined _MSC_VER) +int +yyparse (void *YYPARSE_PARAM) +#else +int +yyparse (YYPARSE_PARAM) + void *YYPARSE_PARAM; +#endif +#else /* ! YYPARSE_PARAM */ +#if (defined __STDC__ || defined __C99__FUNC__ \ + || defined __cplusplus || defined _MSC_VER) int yyparse (void) +#else +int +yyparse () + +#endif +#endif { int yystate; /* Number of tokens to shift before error messages enabled. */ int yyerrstatus; /* The stacks and their tools: - 'yyss': related to states. - 'yyvs': related to semantic values. + `yyss': related to states. + `yyvs': related to semantic values. Refer to the stacks through separate pointers, to allow yyoverflow to reallocate them elsewhere. */ @@ -1930,23 +2174,23 @@ yyparse (void) #ifdef yyoverflow { - /* Give user a chance to reallocate the stack. Use copies of - these so that the &'s don't force the real ones into - memory. */ - YYSTYPE *yyvs1 = yyvs; - yytype_int16 *yyss1 = yyss; + /* Give user a chance to reallocate the stack. Use copies of + these so that the &'s don't force the real ones into + memory. */ + YYSTYPE *yyvs1 = yyvs; + yytype_int16 *yyss1 = yyss; - /* Each stack pointer address is followed by the size of the - data in use in that stack, in bytes. This used to be a - conditional around just the two extra args, but that might - be undefined if yyoverflow is a macro. */ - yyoverflow (YY_("memory exhausted"), - &yyss1, yysize * sizeof (*yyssp), - &yyvs1, yysize * sizeof (*yyvsp), - &yystacksize); + /* Each stack pointer address is followed by the size of the + data in use in that stack, in bytes. This used to be a + conditional around just the two extra args, but that might + be undefined if yyoverflow is a macro. */ + yyoverflow (YY_("memory exhausted"), + &yyss1, yysize * sizeof (*yyssp), + &yyvs1, yysize * sizeof (*yyvsp), + &yystacksize); - yyss = yyss1; - yyvs = yyvs1; + yyss = yyss1; + yyvs = yyvs1; } #else /* no yyoverflow */ # ifndef YYSTACK_RELOCATE @@ -1954,22 +2198,22 @@ yyparse (void) # else /* Extend the stack our own way. */ if (YYMAXDEPTH <= yystacksize) - goto yyexhaustedlab; + goto yyexhaustedlab; yystacksize *= 2; if (YYMAXDEPTH < yystacksize) - yystacksize = YYMAXDEPTH; + yystacksize = YYMAXDEPTH; { - yytype_int16 *yyss1 = yyss; - union yyalloc *yyptr = - (union yyalloc *) YYSTACK_ALLOC (YYSTACK_BYTES (yystacksize)); - if (! yyptr) - goto yyexhaustedlab; - YYSTACK_RELOCATE (yyss_alloc, yyss); - YYSTACK_RELOCATE (yyvs_alloc, yyvs); + yytype_int16 *yyss1 = yyss; + union yyalloc *yyptr = + (union yyalloc *) YYSTACK_ALLOC (YYSTACK_BYTES (yystacksize)); + if (! yyptr) + goto yyexhaustedlab; + YYSTACK_RELOCATE (yyss_alloc, yyss); + YYSTACK_RELOCATE (yyvs_alloc, yyvs); # undef YYSTACK_RELOCATE - if (yyss1 != yyssa) - YYSTACK_FREE (yyss1); + if (yyss1 != yyssa) + YYSTACK_FREE (yyss1); } # endif #endif /* no yyoverflow */ @@ -1978,10 +2222,10 @@ yyparse (void) yyvsp = yyvs + yysize - 1; YYDPRINTF ((stderr, "Stack size increased to %lu\n", - (unsigned long int) yystacksize)); + (unsigned long int) yystacksize)); if (yyss + yystacksize - 1 <= yyssp) - YYABORT; + YYABORT; } YYDPRINTF ((stderr, "Entering state %d\n", yystate)); @@ -2010,7 +2254,7 @@ yyparse (void) if (yychar == YYEMPTY) { YYDPRINTF ((stderr, "Reading a token: ")); - yychar = yylex (); + yychar = YYLEX; } if (yychar <= YYEOF) @@ -2075,7 +2319,7 @@ yyparse (void) yylen = yyr2[yyn]; /* If YYLEN is nonzero, implement the default value of the action: - '$$ = $1'. + `$$ = $1'. Otherwise, the following line sets YYVAL to garbage. This behavior is undocumented and Bison @@ -2089,7 +2333,8 @@ yyparse (void) switch (yyn) { case 5: -#line 373 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 376 "../../ntpd/ntp_parser.y" { /* I will need to incorporate much more fine grained * error messages. The following should suffice for @@ -2102,433 +2347,433 @@ yyparse (void) ip_ctx->errpos.nline, ip_ctx->errpos.ncol); } -#line 2106 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 20: -#line 409 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 412 "../../ntpd/ntp_parser.y" { peer_node *my_node; - my_node = create_peer_node((yyvsp[-2].Integer), (yyvsp[-1].Address_node), (yyvsp[0].Attr_val_fifo)); + my_node = create_peer_node((yyvsp[(1) - (3)].Integer), (yyvsp[(2) - (3)].Address_node), (yyvsp[(3) - (3)].Attr_val_fifo)); APPEND_G_FIFO(cfgt.peers, my_node); } -#line 2117 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 27: -#line 428 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Address_node) = create_address_node((yyvsp[0].String), (yyvsp[-1].Integer)); } -#line 2123 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 431 "../../ntpd/ntp_parser.y" + { (yyval.Address_node) = create_address_node((yyvsp[(2) - (2)].String), (yyvsp[(1) - (2)].Integer)); } break; case 28: -#line 433 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Address_node) = create_address_node((yyvsp[0].String), AF_UNSPEC); } -#line 2129 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 436 "../../ntpd/ntp_parser.y" + { (yyval.Address_node) = create_address_node((yyvsp[(1) - (1)].String), AF_UNSPEC); } break; case 29: -#line 438 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 441 "../../ntpd/ntp_parser.y" { (yyval.Integer) = AF_INET; } -#line 2135 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 30: -#line 440 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 443 "../../ntpd/ntp_parser.y" { (yyval.Integer) = AF_INET6; } -#line 2141 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 31: -#line 445 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 448 "../../ntpd/ntp_parser.y" { (yyval.Attr_val_fifo) = NULL; } -#line 2147 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 32: -#line 447 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 450 "../../ntpd/ntp_parser.y" { - (yyval.Attr_val_fifo) = (yyvsp[-1].Attr_val_fifo); - APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val)); + (yyval.Attr_val_fifo) = (yyvsp[(1) - (2)].Attr_val_fifo); + APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (2)].Attr_val)); } -#line 2156 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 36: -#line 461 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Attr_val) = create_attr_ival(T_Flag, (yyvsp[0].Integer)); } -#line 2162 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 464 "../../ntpd/ntp_parser.y" + { (yyval.Attr_val) = create_attr_ival(T_Flag, (yyvsp[(1) - (1)].Integer)); } break; case 45: -#line 477 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Attr_val) = create_attr_ival((yyvsp[-1].Integer), (yyvsp[0].Integer)); } -#line 2168 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 480 "../../ntpd/ntp_parser.y" + { (yyval.Attr_val) = create_attr_ival((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Integer)); } break; case 46: -#line 479 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Attr_val) = create_attr_uval((yyvsp[-1].Integer), (yyvsp[0].Integer)); } -#line 2174 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 482 "../../ntpd/ntp_parser.y" + { (yyval.Attr_val) = create_attr_uval((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Integer)); } break; case 53: -#line 493 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Attr_val) = create_attr_sval((yyvsp[-1].Integer), (yyvsp[0].String)); } -#line 2180 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 496 "../../ntpd/ntp_parser.y" + { (yyval.Attr_val) = create_attr_sval((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].String)); } break; case 55: -#line 507 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 510 "../../ntpd/ntp_parser.y" { unpeer_node *my_node; - my_node = create_unpeer_node((yyvsp[0].Address_node)); + my_node = create_unpeer_node((yyvsp[(2) - (2)].Address_node)); if (my_node) APPEND_G_FIFO(cfgt.unpeers, my_node); } -#line 2192 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 58: -#line 528 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 531 "../../ntpd/ntp_parser.y" { cfgt.broadcastclient = 1; } -#line 2198 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 59: -#line 530 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { CONCAT_G_FIFOS(cfgt.manycastserver, (yyvsp[0].Address_fifo)); } -#line 2204 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 533 "../../ntpd/ntp_parser.y" + { CONCAT_G_FIFOS(cfgt.manycastserver, (yyvsp[(2) - (2)].Address_fifo)); } break; case 60: -#line 532 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { CONCAT_G_FIFOS(cfgt.multicastclient, (yyvsp[0].Address_fifo)); } -#line 2210 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 535 "../../ntpd/ntp_parser.y" + { CONCAT_G_FIFOS(cfgt.multicastclient, (yyvsp[(2) - (2)].Address_fifo)); } break; case 61: -#line 534 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { cfgt.mdnstries = (yyvsp[0].Integer); } -#line 2216 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 537 "../../ntpd/ntp_parser.y" + { cfgt.mdnstries = (yyvsp[(2) - (2)].Integer); } break; case 62: -#line 545 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 548 "../../ntpd/ntp_parser.y" { attr_val *atrv; - atrv = create_attr_ival((yyvsp[-1].Integer), (yyvsp[0].Integer)); + atrv = create_attr_ival((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Integer)); APPEND_G_FIFO(cfgt.vars, atrv); } -#line 2227 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 63: -#line 552 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { cfgt.auth.control_key = (yyvsp[0].Integer); } -#line 2233 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 555 "../../ntpd/ntp_parser.y" + { cfgt.auth.control_key = (yyvsp[(2) - (2)].Integer); } break; case 64: -#line 554 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 557 "../../ntpd/ntp_parser.y" { cfgt.auth.cryptosw++; - CONCAT_G_FIFOS(cfgt.auth.crypto_cmd_list, (yyvsp[0].Attr_val_fifo)); + CONCAT_G_FIFOS(cfgt.auth.crypto_cmd_list, (yyvsp[(2) - (2)].Attr_val_fifo)); } -#line 2242 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 65: -#line 559 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { cfgt.auth.keys = (yyvsp[0].String); } -#line 2248 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 562 "../../ntpd/ntp_parser.y" + { cfgt.auth.keys = (yyvsp[(2) - (2)].String); } break; case 66: -#line 561 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { cfgt.auth.keysdir = (yyvsp[0].String); } -#line 2254 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 564 "../../ntpd/ntp_parser.y" + { cfgt.auth.keysdir = (yyvsp[(2) - (2)].String); } break; case 67: -#line 563 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { cfgt.auth.request_key = (yyvsp[0].Integer); } -#line 2260 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 566 "../../ntpd/ntp_parser.y" + { cfgt.auth.request_key = (yyvsp[(2) - (2)].Integer); } break; case 68: -#line 565 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { cfgt.auth.revoke = (yyvsp[0].Integer); } -#line 2266 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 568 "../../ntpd/ntp_parser.y" + { cfgt.auth.revoke = (yyvsp[(2) - (2)].Integer); } break; case 69: -#line 567 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 570 "../../ntpd/ntp_parser.y" { - cfgt.auth.trusted_key_list = (yyvsp[0].Attr_val_fifo); + cfgt.auth.trusted_key_list = (yyvsp[(2) - (2)].Attr_val_fifo); // if (!cfgt.auth.trusted_key_list) // cfgt.auth.trusted_key_list = $2; // else // LINK_SLIST(cfgt.auth.trusted_key_list, $2, link); } -#line 2279 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 70: -#line 576 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { cfgt.auth.ntp_signd_socket = (yyvsp[0].String); } -#line 2285 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 579 "../../ntpd/ntp_parser.y" + { cfgt.auth.ntp_signd_socket = (yyvsp[(2) - (2)].String); } break; case 71: -#line 581 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 584 "../../ntpd/ntp_parser.y" { (yyval.Attr_val_fifo) = NULL; } -#line 2291 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 72: -#line 583 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 586 "../../ntpd/ntp_parser.y" { - (yyval.Attr_val_fifo) = (yyvsp[-1].Attr_val_fifo); - APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val)); + (yyval.Attr_val_fifo) = (yyvsp[(1) - (2)].Attr_val_fifo); + APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (2)].Attr_val)); } -#line 2300 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 73: -#line 591 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Attr_val) = create_attr_sval((yyvsp[-1].Integer), (yyvsp[0].String)); } -#line 2306 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 594 "../../ntpd/ntp_parser.y" + { (yyval.Attr_val) = create_attr_sval((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].String)); } break; case 74: -#line 593 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 596 "../../ntpd/ntp_parser.y" { (yyval.Attr_val) = NULL; - cfgt.auth.revoke = (yyvsp[0].Integer); + cfgt.auth.revoke = (yyvsp[(2) - (2)].Integer); msyslog(LOG_WARNING, "'crypto revoke %d' is deprecated, " "please use 'revoke %d' instead.", cfgt.auth.revoke, cfgt.auth.revoke); } -#line 2319 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 80: -#line 618 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { CONCAT_G_FIFOS(cfgt.orphan_cmds, (yyvsp[0].Attr_val_fifo)); } -#line 2325 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 621 "../../ntpd/ntp_parser.y" + { CONCAT_G_FIFOS(cfgt.orphan_cmds, (yyvsp[(2) - (2)].Attr_val_fifo)); } break; case 81: -#line 623 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 626 "../../ntpd/ntp_parser.y" { - (yyval.Attr_val_fifo) = (yyvsp[-1].Attr_val_fifo); - APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val)); + (yyval.Attr_val_fifo) = (yyvsp[(1) - (2)].Attr_val_fifo); + APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (2)].Attr_val)); } -#line 2334 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 82: -#line 628 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 631 "../../ntpd/ntp_parser.y" { (yyval.Attr_val_fifo) = NULL; - APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val)); + APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(1) - (1)].Attr_val)); } -#line 2343 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 83: -#line 636 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Attr_val) = create_attr_dval((yyvsp[-1].Integer), (double)(yyvsp[0].Integer)); } -#line 2349 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 639 "../../ntpd/ntp_parser.y" + { (yyval.Attr_val) = create_attr_dval((yyvsp[(1) - (2)].Integer), (double)(yyvsp[(2) - (2)].Integer)); } break; case 84: -#line 638 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Attr_val) = create_attr_dval((yyvsp[-1].Integer), (yyvsp[0].Double)); } -#line 2355 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 641 "../../ntpd/ntp_parser.y" + { (yyval.Attr_val) = create_attr_dval((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Double)); } break; case 85: -#line 640 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Attr_val) = create_attr_dval((yyvsp[-1].Integer), (double)(yyvsp[0].Integer)); } -#line 2361 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 643 "../../ntpd/ntp_parser.y" + { (yyval.Attr_val) = create_attr_dval((yyvsp[(1) - (2)].Integer), (double)(yyvsp[(2) - (2)].Integer)); } break; case 96: -#line 666 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { CONCAT_G_FIFOS(cfgt.stats_list, (yyvsp[0].Int_fifo)); } -#line 2367 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 669 "../../ntpd/ntp_parser.y" + { CONCAT_G_FIFOS(cfgt.stats_list, (yyvsp[(2) - (2)].Int_fifo)); } break; case 97: -#line 668 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 671 "../../ntpd/ntp_parser.y" { if (lex_from_file()) { - cfgt.stats_dir = (yyvsp[0].String); + cfgt.stats_dir = (yyvsp[(2) - (2)].String); } else { - YYFREE((yyvsp[0].String)); + YYFREE((yyvsp[(2) - (2)].String)); yyerror("statsdir remote configuration ignored"); } } -#line 2380 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 98: -#line 677 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 680 "../../ntpd/ntp_parser.y" { filegen_node *fgn; - fgn = create_filegen_node((yyvsp[-1].Integer), (yyvsp[0].Attr_val_fifo)); + fgn = create_filegen_node((yyvsp[(2) - (3)].Integer), (yyvsp[(3) - (3)].Attr_val_fifo)); APPEND_G_FIFO(cfgt.filegen_opts, fgn); } -#line 2391 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 99: -#line 687 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 690 "../../ntpd/ntp_parser.y" { - (yyval.Int_fifo) = (yyvsp[-1].Int_fifo); - APPEND_G_FIFO((yyval.Int_fifo), create_int_node((yyvsp[0].Integer))); + (yyval.Int_fifo) = (yyvsp[(1) - (2)].Int_fifo); + APPEND_G_FIFO((yyval.Int_fifo), create_int_node((yyvsp[(2) - (2)].Integer))); } -#line 2400 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 100: -#line 692 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 695 "../../ntpd/ntp_parser.y" { (yyval.Int_fifo) = NULL; - APPEND_G_FIFO((yyval.Int_fifo), create_int_node((yyvsp[0].Integer))); + APPEND_G_FIFO((yyval.Int_fifo), create_int_node((yyvsp[(1) - (1)].Integer))); } -#line 2409 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 109: -#line 711 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 714 "../../ntpd/ntp_parser.y" { (yyval.Attr_val_fifo) = NULL; } -#line 2415 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 110: -#line 713 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 716 "../../ntpd/ntp_parser.y" { - (yyval.Attr_val_fifo) = (yyvsp[-1].Attr_val_fifo); - APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val)); + (yyval.Attr_val_fifo) = (yyvsp[(1) - (2)].Attr_val_fifo); + APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (2)].Attr_val)); } -#line 2424 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 111: -#line 721 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 724 "../../ntpd/ntp_parser.y" { if (lex_from_file()) { - (yyval.Attr_val) = create_attr_sval((yyvsp[-1].Integer), (yyvsp[0].String)); + (yyval.Attr_val) = create_attr_sval((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].String)); } else { (yyval.Attr_val) = NULL; - YYFREE((yyvsp[0].String)); + YYFREE((yyvsp[(2) - (2)].String)); yyerror("filegen file remote config ignored"); } } -#line 2438 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 112: -#line 731 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 734 "../../ntpd/ntp_parser.y" { if (lex_from_file()) { - (yyval.Attr_val) = create_attr_ival((yyvsp[-1].Integer), (yyvsp[0].Integer)); + (yyval.Attr_val) = create_attr_ival((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Integer)); } else { (yyval.Attr_val) = NULL; yyerror("filegen type remote config ignored"); } } -#line 2451 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 113: -#line 740 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 743 "../../ntpd/ntp_parser.y" { const char *err; if (lex_from_file()) { - (yyval.Attr_val) = create_attr_ival(T_Flag, (yyvsp[0].Integer)); + (yyval.Attr_val) = create_attr_ival(T_Flag, (yyvsp[(1) - (1)].Integer)); } else { (yyval.Attr_val) = NULL; - if (T_Link == (yyvsp[0].Integer)) + if (T_Link == (yyvsp[(1) - (1)].Integer)) err = "filegen link remote config ignored"; else err = "filegen nolink remote config ignored"; yyerror(err); } } -#line 2470 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 114: -#line 755 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Attr_val) = create_attr_ival(T_Flag, (yyvsp[0].Integer)); } -#line 2476 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 758 "../../ntpd/ntp_parser.y" + { (yyval.Attr_val) = create_attr_ival(T_Flag, (yyvsp[(1) - (1)].Integer)); } break; case 126: -#line 785 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 788 "../../ntpd/ntp_parser.y" { - CONCAT_G_FIFOS(cfgt.discard_opts, (yyvsp[0].Attr_val_fifo)); + CONCAT_G_FIFOS(cfgt.discard_opts, (yyvsp[(2) - (2)].Attr_val_fifo)); } -#line 2484 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 127: -#line 789 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 792 "../../ntpd/ntp_parser.y" { - CONCAT_G_FIFOS(cfgt.mru_opts, (yyvsp[0].Attr_val_fifo)); + CONCAT_G_FIFOS(cfgt.mru_opts, (yyvsp[(2) - (2)].Attr_val_fifo)); } -#line 2492 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 128: -#line 793 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 796 "../../ntpd/ntp_parser.y" { restrict_node *rn; - rn = create_restrict_node((yyvsp[-1].Address_node), NULL, (yyvsp[0].Int_fifo), + rn = create_restrict_node((yyvsp[(2) - (3)].Address_node), NULL, (yyvsp[(3) - (3)].Int_fifo), lex_current()->curpos.nline); APPEND_G_FIFO(cfgt.restrict_opts, rn); } -#line 2504 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 129: -#line 801 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 804 "../../ntpd/ntp_parser.y" { restrict_node *rn; - rn = create_restrict_node((yyvsp[-3].Address_node), (yyvsp[-1].Address_node), (yyvsp[0].Int_fifo), + rn = create_restrict_node((yyvsp[(2) - (5)].Address_node), (yyvsp[(4) - (5)].Address_node), (yyvsp[(5) - (5)].Int_fifo), lex_current()->curpos.nline); APPEND_G_FIFO(cfgt.restrict_opts, rn); } -#line 2516 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 130: -#line 809 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 812 "../../ntpd/ntp_parser.y" { restrict_node *rn; - rn = create_restrict_node(NULL, NULL, (yyvsp[0].Int_fifo), + rn = create_restrict_node(NULL, NULL, (yyvsp[(3) - (3)].Int_fifo), lex_current()->curpos.nline); APPEND_G_FIFO(cfgt.restrict_opts, rn); } -#line 2528 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 131: -#line 817 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 820 "../../ntpd/ntp_parser.y" { restrict_node *rn; @@ -2539,15 +2784,15 @@ yyparse (void) create_address_node( estrdup("0.0.0.0"), AF_INET), - (yyvsp[0].Int_fifo), + (yyvsp[(4) - (4)].Int_fifo), lex_current()->curpos.nline); APPEND_G_FIFO(cfgt.restrict_opts, rn); } -#line 2547 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 132: -#line 832 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 835 "../../ntpd/ntp_parser.y" { restrict_node *rn; @@ -2558,327 +2803,327 @@ yyparse (void) create_address_node( estrdup("::"), AF_INET6), - (yyvsp[0].Int_fifo), + (yyvsp[(4) - (4)].Int_fifo), lex_current()->curpos.nline); APPEND_G_FIFO(cfgt.restrict_opts, rn); } -#line 2566 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 133: -#line 847 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 850 "../../ntpd/ntp_parser.y" { restrict_node * rn; - APPEND_G_FIFO((yyvsp[0].Int_fifo), create_int_node((yyvsp[-1].Integer))); + APPEND_G_FIFO((yyvsp[(3) - (3)].Int_fifo), create_int_node((yyvsp[(2) - (3)].Integer))); rn = create_restrict_node( - NULL, NULL, (yyvsp[0].Int_fifo), lex_current()->curpos.nline); + NULL, NULL, (yyvsp[(3) - (3)].Int_fifo), lex_current()->curpos.nline); APPEND_G_FIFO(cfgt.restrict_opts, rn); } -#line 2579 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 134: -#line 859 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 862 "../../ntpd/ntp_parser.y" { (yyval.Int_fifo) = NULL; } -#line 2585 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 135: -#line 861 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 864 "../../ntpd/ntp_parser.y" { - (yyval.Int_fifo) = (yyvsp[-1].Int_fifo); - APPEND_G_FIFO((yyval.Int_fifo), create_int_node((yyvsp[0].Integer))); + (yyval.Int_fifo) = (yyvsp[(1) - (2)].Int_fifo); + APPEND_G_FIFO((yyval.Int_fifo), create_int_node((yyvsp[(2) - (2)].Integer))); } -#line 2594 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 151: -#line 887 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 890 "../../ntpd/ntp_parser.y" { - (yyval.Attr_val_fifo) = (yyvsp[-1].Attr_val_fifo); - APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val)); + (yyval.Attr_val_fifo) = (yyvsp[(1) - (2)].Attr_val_fifo); + APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (2)].Attr_val)); } -#line 2603 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 152: -#line 892 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 895 "../../ntpd/ntp_parser.y" { (yyval.Attr_val_fifo) = NULL; - APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val)); + APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(1) - (1)].Attr_val)); } -#line 2612 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 153: -#line 900 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Attr_val) = create_attr_ival((yyvsp[-1].Integer), (yyvsp[0].Integer)); } -#line 2618 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 903 "../../ntpd/ntp_parser.y" + { (yyval.Attr_val) = create_attr_ival((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Integer)); } break; case 157: -#line 911 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 914 "../../ntpd/ntp_parser.y" { - (yyval.Attr_val_fifo) = (yyvsp[-1].Attr_val_fifo); - APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val)); + (yyval.Attr_val_fifo) = (yyvsp[(1) - (2)].Attr_val_fifo); + APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (2)].Attr_val)); } -#line 2627 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 158: -#line 916 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 919 "../../ntpd/ntp_parser.y" { (yyval.Attr_val_fifo) = NULL; - APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val)); + APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(1) - (1)].Attr_val)); } -#line 2636 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 159: -#line 924 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Attr_val) = create_attr_ival((yyvsp[-1].Integer), (yyvsp[0].Integer)); } -#line 2642 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 927 "../../ntpd/ntp_parser.y" + { (yyval.Attr_val) = create_attr_ival((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Integer)); } break; case 168: -#line 944 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 947 "../../ntpd/ntp_parser.y" { addr_opts_node *aon; - aon = create_addr_opts_node((yyvsp[-1].Address_node), (yyvsp[0].Attr_val_fifo)); + aon = create_addr_opts_node((yyvsp[(2) - (3)].Address_node), (yyvsp[(3) - (3)].Attr_val_fifo)); APPEND_G_FIFO(cfgt.fudge, aon); } -#line 2653 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 169: -#line 954 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 957 "../../ntpd/ntp_parser.y" { - (yyval.Attr_val_fifo) = (yyvsp[-1].Attr_val_fifo); - APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val)); + (yyval.Attr_val_fifo) = (yyvsp[(1) - (2)].Attr_val_fifo); + APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (2)].Attr_val)); } -#line 2662 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 170: -#line 959 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 962 "../../ntpd/ntp_parser.y" { (yyval.Attr_val_fifo) = NULL; - APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val)); + APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(1) - (1)].Attr_val)); } -#line 2671 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 171: -#line 967 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Attr_val) = create_attr_dval((yyvsp[-1].Integer), (yyvsp[0].Double)); } -#line 2677 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 970 "../../ntpd/ntp_parser.y" + { (yyval.Attr_val) = create_attr_dval((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Double)); } break; case 172: -#line 969 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Attr_val) = create_attr_ival((yyvsp[-1].Integer), (yyvsp[0].Integer)); } -#line 2683 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 972 "../../ntpd/ntp_parser.y" + { (yyval.Attr_val) = create_attr_ival((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Integer)); } break; case 173: -#line 971 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 974 "../../ntpd/ntp_parser.y" { - if ((yyvsp[0].Integer) >= 0 && (yyvsp[0].Integer) <= 16) { - (yyval.Attr_val) = create_attr_ival((yyvsp[-1].Integer), (yyvsp[0].Integer)); + if ((yyvsp[(2) - (2)].Integer) >= 0 && (yyvsp[(2) - (2)].Integer) <= 16) { + (yyval.Attr_val) = create_attr_ival((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Integer)); } else { (yyval.Attr_val) = NULL; yyerror("fudge factor: stratum value not in [0..16], ignored"); } } -#line 2696 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 174: -#line 980 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Attr_val) = create_attr_sval((yyvsp[-1].Integer), (yyvsp[0].String)); } -#line 2702 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 983 "../../ntpd/ntp_parser.y" + { (yyval.Attr_val) = create_attr_sval((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].String)); } break; case 175: -#line 982 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Attr_val) = create_attr_sval((yyvsp[-1].Integer), (yyvsp[0].String)); } -#line 2708 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 985 "../../ntpd/ntp_parser.y" + { (yyval.Attr_val) = create_attr_sval((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].String)); } break; case 182: -#line 1003 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { CONCAT_G_FIFOS(cfgt.rlimit, (yyvsp[0].Attr_val_fifo)); } -#line 2714 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1006 "../../ntpd/ntp_parser.y" + { CONCAT_G_FIFOS(cfgt.rlimit, (yyvsp[(2) - (2)].Attr_val_fifo)); } break; case 183: -#line 1008 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1011 "../../ntpd/ntp_parser.y" { - (yyval.Attr_val_fifo) = (yyvsp[-1].Attr_val_fifo); - APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val)); + (yyval.Attr_val_fifo) = (yyvsp[(1) - (2)].Attr_val_fifo); + APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (2)].Attr_val)); } -#line 2723 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 184: -#line 1013 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1016 "../../ntpd/ntp_parser.y" { (yyval.Attr_val_fifo) = NULL; - APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val)); + APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(1) - (1)].Attr_val)); } -#line 2732 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 185: -#line 1021 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Attr_val) = create_attr_ival((yyvsp[-1].Integer), (yyvsp[0].Integer)); } -#line 2738 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1024 "../../ntpd/ntp_parser.y" + { (yyval.Attr_val) = create_attr_ival((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Integer)); } break; case 189: -#line 1037 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { CONCAT_G_FIFOS(cfgt.enable_opts, (yyvsp[0].Attr_val_fifo)); } -#line 2744 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1040 "../../ntpd/ntp_parser.y" + { CONCAT_G_FIFOS(cfgt.enable_opts, (yyvsp[(2) - (2)].Attr_val_fifo)); } break; case 190: -#line 1039 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { CONCAT_G_FIFOS(cfgt.disable_opts, (yyvsp[0].Attr_val_fifo)); } -#line 2750 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1042 "../../ntpd/ntp_parser.y" + { CONCAT_G_FIFOS(cfgt.disable_opts, (yyvsp[(2) - (2)].Attr_val_fifo)); } break; case 191: -#line 1044 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1047 "../../ntpd/ntp_parser.y" { - (yyval.Attr_val_fifo) = (yyvsp[-1].Attr_val_fifo); - APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val)); + (yyval.Attr_val_fifo) = (yyvsp[(1) - (2)].Attr_val_fifo); + APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (2)].Attr_val)); } -#line 2759 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 192: -#line 1049 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1052 "../../ntpd/ntp_parser.y" { (yyval.Attr_val_fifo) = NULL; - APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val)); + APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(1) - (1)].Attr_val)); } -#line 2768 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 193: -#line 1057 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Attr_val) = create_attr_ival(T_Flag, (yyvsp[0].Integer)); } -#line 2774 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1060 "../../ntpd/ntp_parser.y" + { (yyval.Attr_val) = create_attr_ival(T_Flag, (yyvsp[(1) - (1)].Integer)); } break; case 194: -#line 1059 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1062 "../../ntpd/ntp_parser.y" { if (lex_from_file()) { - (yyval.Attr_val) = create_attr_ival(T_Flag, (yyvsp[0].Integer)); + (yyval.Attr_val) = create_attr_ival(T_Flag, (yyvsp[(1) - (1)].Integer)); } else { char err_str[128]; (yyval.Attr_val) = NULL; snprintf(err_str, sizeof(err_str), "enable/disable %s remote configuration ignored", - keyword((yyvsp[0].Integer))); + keyword((yyvsp[(1) - (1)].Integer))); yyerror(err_str); } } -#line 2792 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ - break; - - case 203: -#line 1094 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { CONCAT_G_FIFOS(cfgt.tinker, (yyvsp[0].Attr_val_fifo)); } -#line 2798 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ - break; - - case 204: -#line 1099 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { - (yyval.Attr_val_fifo) = (yyvsp[-1].Attr_val_fifo); - APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val)); - } -#line 2807 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ - break; - - case 205: -#line 1104 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { - (yyval.Attr_val_fifo) = NULL; - APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val)); - } -#line 2816 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 206: -#line 1112 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Attr_val) = create_attr_dval((yyvsp[-1].Integer), (yyvsp[0].Double)); } -#line 2822 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1100 "../../ntpd/ntp_parser.y" + { CONCAT_G_FIFOS(cfgt.tinker, (yyvsp[(2) - (2)].Attr_val_fifo)); } break; - case 219: -#line 1137 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ + case 207: +/* Line 1787 of yacc.c */ +#line 1105 "../../ntpd/ntp_parser.y" { - attr_val *av; - - av = create_attr_dval((yyvsp[-1].Integer), (yyvsp[0].Double)); - APPEND_G_FIFO(cfgt.vars, av); + (yyval.Attr_val_fifo) = (yyvsp[(1) - (2)].Attr_val_fifo); + APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (2)].Attr_val)); } -#line 2833 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; - case 220: -#line 1144 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ + case 208: +/* Line 1787 of yacc.c */ +#line 1110 "../../ntpd/ntp_parser.y" { - attr_val *av; - - av = create_attr_ival((yyvsp[-1].Integer), (yyvsp[0].Integer)); - APPEND_G_FIFO(cfgt.vars, av); + (yyval.Attr_val_fifo) = NULL; + APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(1) - (1)].Attr_val)); } -#line 2844 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; - case 221: -#line 1151 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { - attr_val *av; - - av = create_attr_sval((yyvsp[-1].Integer), (yyvsp[0].String)); - APPEND_G_FIFO(cfgt.vars, av); - } -#line 2855 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ + case 209: +/* Line 1787 of yacc.c */ +#line 1118 "../../ntpd/ntp_parser.y" + { (yyval.Attr_val) = create_attr_dval((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Double)); } break; case 222: -#line 1158 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1143 "../../ntpd/ntp_parser.y" + { + attr_val *av; + + av = create_attr_dval((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Double)); + APPEND_G_FIFO(cfgt.vars, av); + } + break; + + case 223: +/* Line 1787 of yacc.c */ +#line 1150 "../../ntpd/ntp_parser.y" + { + attr_val *av; + + av = create_attr_ival((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Integer)); + APPEND_G_FIFO(cfgt.vars, av); + } + break; + + case 224: +/* Line 1787 of yacc.c */ +#line 1157 "../../ntpd/ntp_parser.y" + { + attr_val *av; + + av = create_attr_sval((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].String)); + APPEND_G_FIFO(cfgt.vars, av); + } + break; + + case 225: +/* Line 1787 of yacc.c */ +#line 1164 "../../ntpd/ntp_parser.y" { char error_text[64]; attr_val *av; if (lex_from_file()) { - av = create_attr_sval((yyvsp[-1].Integer), (yyvsp[0].String)); + av = create_attr_sval((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].String)); APPEND_G_FIFO(cfgt.vars, av); } else { - YYFREE((yyvsp[0].String)); + YYFREE((yyvsp[(2) - (2)].String)); snprintf(error_text, sizeof(error_text), "%s remote config ignored", - keyword((yyvsp[-1].Integer))); + keyword((yyvsp[(1) - (2)].Integer))); yyerror(error_text); } } -#line 2875 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; - case 223: -#line 1174 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ + case 226: +/* Line 1787 of yacc.c */ +#line 1180 "../../ntpd/ntp_parser.y" { if (!lex_from_file()) { - YYFREE((yyvsp[-1].String)); /* avoid leak */ + YYFREE((yyvsp[(2) - (3)].String)); /* avoid leak */ yyerror("remote includefile ignored"); break; } @@ -2886,108 +3131,108 @@ yyparse (void) fprintf(stderr, "getconfig: Maximum include file level exceeded.\n"); msyslog(LOG_ERR, "getconfig: Maximum include file level exceeded."); } else { - const char * path = FindConfig((yyvsp[-1].String)); /* might return $2! */ + const char * path = FindConfig((yyvsp[(2) - (3)].String)); /* might return $2! */ if (!lex_push_file(path, "r")) { fprintf(stderr, "getconfig: Couldn't open <%s>\n", path); msyslog(LOG_ERR, "getconfig: Couldn't open <%s>", path); } } - YYFREE((yyvsp[-1].String)); /* avoid leak */ + YYFREE((yyvsp[(2) - (3)].String)); /* avoid leak */ } -#line 2898 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ - break; - - case 224: -#line 1193 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { lex_flush_stack(); } -#line 2904 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ - break; - - case 225: -#line 1195 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { /* see drift_parm below for actions */ } -#line 2910 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ - break; - - case 226: -#line 1197 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { CONCAT_G_FIFOS(cfgt.logconfig, (yyvsp[0].Attr_val_fifo)); } -#line 2916 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 227: -#line 1199 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { CONCAT_G_FIFOS(cfgt.phone, (yyvsp[0].String_fifo)); } -#line 2922 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1199 "../../ntpd/ntp_parser.y" + { lex_flush_stack(); } break; case 228: -#line 1201 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { APPEND_G_FIFO(cfgt.setvar, (yyvsp[0].Set_var)); } -#line 2928 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1201 "../../ntpd/ntp_parser.y" + { /* see drift_parm below for actions */ } break; case 229: -#line 1203 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { - addr_opts_node *aon; - - aon = create_addr_opts_node((yyvsp[-1].Address_node), (yyvsp[0].Attr_val_fifo)); - APPEND_G_FIFO(cfgt.trap, aon); - } -#line 2939 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1203 "../../ntpd/ntp_parser.y" + { CONCAT_G_FIFOS(cfgt.logconfig, (yyvsp[(2) - (2)].Attr_val_fifo)); } break; case 230: -#line 1210 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { CONCAT_G_FIFOS(cfgt.ttl, (yyvsp[0].Attr_val_fifo)); } -#line 2945 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1205 "../../ntpd/ntp_parser.y" + { CONCAT_G_FIFOS(cfgt.phone, (yyvsp[(2) - (2)].String_fifo)); } break; - case 235: -#line 1225 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ + case 231: +/* Line 1787 of yacc.c */ +#line 1207 "../../ntpd/ntp_parser.y" + { APPEND_G_FIFO(cfgt.setvar, (yyvsp[(2) - (2)].Set_var)); } + break; + + case 232: +/* Line 1787 of yacc.c */ +#line 1209 "../../ntpd/ntp_parser.y" + { + addr_opts_node *aon; + + aon = create_addr_opts_node((yyvsp[(2) - (3)].Address_node), (yyvsp[(3) - (3)].Attr_val_fifo)); + APPEND_G_FIFO(cfgt.trap, aon); + } + break; + + case 233: +/* Line 1787 of yacc.c */ +#line 1216 "../../ntpd/ntp_parser.y" + { CONCAT_G_FIFOS(cfgt.ttl, (yyvsp[(2) - (2)].Attr_val_fifo)); } + break; + + case 238: +/* Line 1787 of yacc.c */ +#line 1231 "../../ntpd/ntp_parser.y" { #ifndef LEAP_SMEAR yyerror("Built without LEAP_SMEAR support."); #endif } -#line 2955 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; - case 241: -#line 1245 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ + case 244: +/* Line 1787 of yacc.c */ +#line 1251 "../../ntpd/ntp_parser.y" { if (lex_from_file()) { attr_val *av; - av = create_attr_sval(T_Driftfile, (yyvsp[0].String)); + av = create_attr_sval(T_Driftfile, (yyvsp[(1) - (1)].String)); APPEND_G_FIFO(cfgt.vars, av); } else { - YYFREE((yyvsp[0].String)); + YYFREE((yyvsp[(1) - (1)].String)); yyerror("driftfile remote configuration ignored"); } } -#line 2970 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; - case 242: -#line 1256 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ + case 245: +/* Line 1787 of yacc.c */ +#line 1262 "../../ntpd/ntp_parser.y" { if (lex_from_file()) { attr_val *av; - av = create_attr_sval(T_Driftfile, (yyvsp[-1].String)); + av = create_attr_sval(T_Driftfile, (yyvsp[(1) - (2)].String)); APPEND_G_FIFO(cfgt.vars, av); - av = create_attr_dval(T_WanderThreshold, (yyvsp[0].Double)); + av = create_attr_dval(T_WanderThreshold, (yyvsp[(2) - (2)].Double)); APPEND_G_FIFO(cfgt.vars, av); } else { - YYFREE((yyvsp[-1].String)); + YYFREE((yyvsp[(1) - (2)].String)); yyerror("driftfile remote configuration ignored"); } } -#line 2987 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; - case 243: -#line 1269 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ + case 246: +/* Line 1787 of yacc.c */ +#line 1275 "../../ntpd/ntp_parser.y" { if (lex_from_file()) { attr_val *av; @@ -2997,386 +3242,386 @@ yyparse (void) yyerror("driftfile remote configuration ignored"); } } -#line 3001 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ - break; - - case 244: -#line 1282 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Set_var) = create_setvar_node((yyvsp[-3].String), (yyvsp[-1].String), (yyvsp[0].Integer)); } -#line 3007 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ - break; - - case 246: -#line 1288 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Integer) = 0; } -#line 3013 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 247: -#line 1293 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Attr_val_fifo) = NULL; } -#line 3019 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ - break; - - case 248: -#line 1295 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { - (yyval.Attr_val_fifo) = (yyvsp[-1].Attr_val_fifo); - APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val)); - } -#line 3028 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1288 "../../ntpd/ntp_parser.y" + { (yyval.Set_var) = create_setvar_node((yyvsp[(1) - (4)].String), (yyvsp[(3) - (4)].String), (yyvsp[(4) - (4)].Integer)); } break; case 249: -#line 1303 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Attr_val) = create_attr_ival((yyvsp[-1].Integer), (yyvsp[0].Integer)); } -#line 3034 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1294 "../../ntpd/ntp_parser.y" + { (yyval.Integer) = 0; } break; case 250: -#line 1305 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { - (yyval.Attr_val) = create_attr_sval((yyvsp[-1].Integer), estrdup((yyvsp[0].Address_node)->address)); - destroy_address_node((yyvsp[0].Address_node)); - } -#line 3043 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1299 "../../ntpd/ntp_parser.y" + { (yyval.Attr_val_fifo) = NULL; } break; case 251: -#line 1313 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1301 "../../ntpd/ntp_parser.y" { - (yyval.Attr_val_fifo) = (yyvsp[-1].Attr_val_fifo); - APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val)); + (yyval.Attr_val_fifo) = (yyvsp[(1) - (2)].Attr_val_fifo); + APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (2)].Attr_val)); } -#line 3052 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 252: -#line 1318 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { - (yyval.Attr_val_fifo) = NULL; - APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val)); - } -#line 3061 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1309 "../../ntpd/ntp_parser.y" + { (yyval.Attr_val) = create_attr_ival((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Integer)); } break; case 253: -#line 1326 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1311 "../../ntpd/ntp_parser.y" + { + (yyval.Attr_val) = create_attr_sval((yyvsp[(1) - (2)].Integer), estrdup((yyvsp[(2) - (2)].Address_node)->address)); + destroy_address_node((yyvsp[(2) - (2)].Address_node)); + } + break; + + case 254: +/* Line 1787 of yacc.c */ +#line 1319 "../../ntpd/ntp_parser.y" + { + (yyval.Attr_val_fifo) = (yyvsp[(1) - (2)].Attr_val_fifo); + APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (2)].Attr_val)); + } + break; + + case 255: +/* Line 1787 of yacc.c */ +#line 1324 "../../ntpd/ntp_parser.y" + { + (yyval.Attr_val_fifo) = NULL; + APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(1) - (1)].Attr_val)); + } + break; + + case 256: +/* Line 1787 of yacc.c */ +#line 1332 "../../ntpd/ntp_parser.y" { char prefix; char * type; - switch ((yyvsp[0].String)[0]) { + switch ((yyvsp[(1) - (1)].String)[0]) { case '+': case '-': case '=': - prefix = (yyvsp[0].String)[0]; - type = (yyvsp[0].String) + 1; + prefix = (yyvsp[(1) - (1)].String)[0]; + type = (yyvsp[(1) - (1)].String) + 1; break; default: prefix = '='; - type = (yyvsp[0].String); + type = (yyvsp[(1) - (1)].String); } (yyval.Attr_val) = create_attr_sval(prefix, estrdup(type)); - YYFREE((yyvsp[0].String)); + YYFREE((yyvsp[(1) - (1)].String)); } -#line 3087 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; - case 254: -#line 1351 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ + case 257: +/* Line 1787 of yacc.c */ +#line 1357 "../../ntpd/ntp_parser.y" { nic_rule_node *nrn; - nrn = create_nic_rule_node((yyvsp[0].Integer), NULL, (yyvsp[-1].Integer)); + nrn = create_nic_rule_node((yyvsp[(3) - (3)].Integer), NULL, (yyvsp[(2) - (3)].Integer)); APPEND_G_FIFO(cfgt.nic_rules, nrn); } -#line 3098 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; - case 255: -#line 1358 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ + case 258: +/* Line 1787 of yacc.c */ +#line 1364 "../../ntpd/ntp_parser.y" { nic_rule_node *nrn; - nrn = create_nic_rule_node(0, (yyvsp[0].String), (yyvsp[-1].Integer)); + nrn = create_nic_rule_node(0, (yyvsp[(3) - (3)].String), (yyvsp[(2) - (3)].Integer)); APPEND_G_FIFO(cfgt.nic_rules, nrn); } -#line 3109 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; - case 265: -#line 1386 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { CONCAT_G_FIFOS(cfgt.reset_counters, (yyvsp[0].Int_fifo)); } -#line 3115 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ + case 268: +/* Line 1787 of yacc.c */ +#line 1392 "../../ntpd/ntp_parser.y" + { CONCAT_G_FIFOS(cfgt.reset_counters, (yyvsp[(2) - (2)].Int_fifo)); } break; - case 266: -#line 1391 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ + case 269: +/* Line 1787 of yacc.c */ +#line 1397 "../../ntpd/ntp_parser.y" { - (yyval.Int_fifo) = (yyvsp[-1].Int_fifo); - APPEND_G_FIFO((yyval.Int_fifo), create_int_node((yyvsp[0].Integer))); + (yyval.Int_fifo) = (yyvsp[(1) - (2)].Int_fifo); + APPEND_G_FIFO((yyval.Int_fifo), create_int_node((yyvsp[(2) - (2)].Integer))); } -#line 3124 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; - case 267: -#line 1396 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ + case 270: +/* Line 1787 of yacc.c */ +#line 1402 "../../ntpd/ntp_parser.y" { (yyval.Int_fifo) = NULL; - APPEND_G_FIFO((yyval.Int_fifo), create_int_node((yyvsp[0].Integer))); + APPEND_G_FIFO((yyval.Int_fifo), create_int_node((yyvsp[(1) - (1)].Integer))); } -#line 3133 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ - break; - - case 275: -#line 1420 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { - (yyval.Attr_val_fifo) = (yyvsp[-1].Attr_val_fifo); - APPEND_G_FIFO((yyval.Attr_val_fifo), create_int_node((yyvsp[0].Integer))); - } -#line 3142 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ - break; - - case 276: -#line 1425 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { - (yyval.Attr_val_fifo) = NULL; - APPEND_G_FIFO((yyval.Attr_val_fifo), create_int_node((yyvsp[0].Integer))); - } -#line 3151 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ - break; - - case 277: -#line 1433 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { - (yyval.Attr_val_fifo) = (yyvsp[-1].Attr_val_fifo); - APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val)); - } -#line 3160 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 278: -#line 1438 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1426 "../../ntpd/ntp_parser.y" { - (yyval.Attr_val_fifo) = NULL; - APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val)); + (yyval.Attr_val_fifo) = (yyvsp[(1) - (2)].Attr_val_fifo); + APPEND_G_FIFO((yyval.Attr_val_fifo), create_int_node((yyvsp[(2) - (2)].Integer))); } -#line 3169 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 279: -#line 1446 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Attr_val) = create_attr_ival('i', (yyvsp[0].Integer)); } -#line 3175 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1431 "../../ntpd/ntp_parser.y" + { + (yyval.Attr_val_fifo) = NULL; + APPEND_G_FIFO((yyval.Attr_val_fifo), create_int_node((yyvsp[(1) - (1)].Integer))); + } + break; + + case 280: +/* Line 1787 of yacc.c */ +#line 1439 "../../ntpd/ntp_parser.y" + { + (yyval.Attr_val_fifo) = (yyvsp[(1) - (2)].Attr_val_fifo); + APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (2)].Attr_val)); + } break; case 281: -#line 1452 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Attr_val) = create_attr_rangeval('-', (yyvsp[-3].Integer), (yyvsp[-1].Integer)); } -#line 3181 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1444 "../../ntpd/ntp_parser.y" + { + (yyval.Attr_val_fifo) = NULL; + APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(1) - (1)].Attr_val)); + } break; case 282: -#line 1457 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { - (yyval.String_fifo) = (yyvsp[-1].String_fifo); - APPEND_G_FIFO((yyval.String_fifo), create_string_node((yyvsp[0].String))); - } -#line 3190 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ - break; - - case 283: -#line 1462 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { - (yyval.String_fifo) = NULL; - APPEND_G_FIFO((yyval.String_fifo), create_string_node((yyvsp[0].String))); - } -#line 3199 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1452 "../../ntpd/ntp_parser.y" + { (yyval.Attr_val) = create_attr_ival('i', (yyvsp[(1) - (1)].Integer)); } break; case 284: -#line 1470 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { - (yyval.Address_fifo) = (yyvsp[-1].Address_fifo); - APPEND_G_FIFO((yyval.Address_fifo), (yyvsp[0].Address_node)); - } -#line 3208 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1458 "../../ntpd/ntp_parser.y" + { (yyval.Attr_val) = create_attr_rangeval('-', (yyvsp[(2) - (5)].Integer), (yyvsp[(4) - (5)].Integer)); } break; case 285: -#line 1475 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1463 "../../ntpd/ntp_parser.y" { - (yyval.Address_fifo) = NULL; - APPEND_G_FIFO((yyval.Address_fifo), (yyvsp[0].Address_node)); + (yyval.String_fifo) = (yyvsp[(1) - (2)].String_fifo); + APPEND_G_FIFO((yyval.String_fifo), create_string_node((yyvsp[(2) - (2)].String))); } -#line 3217 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 286: -#line 1483 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1468 "../../ntpd/ntp_parser.y" { - if ((yyvsp[0].Integer) != 0 && (yyvsp[0].Integer) != 1) { - yyerror("Integer value is not boolean (0 or 1). Assuming 1"); - (yyval.Integer) = 1; - } else { - (yyval.Integer) = (yyvsp[0].Integer); - } + (yyval.String_fifo) = NULL; + APPEND_G_FIFO((yyval.String_fifo), create_string_node((yyvsp[(1) - (1)].String))); } -#line 3230 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 287: -#line 1491 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Integer) = 1; } -#line 3236 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1476 "../../ntpd/ntp_parser.y" + { + (yyval.Address_fifo) = (yyvsp[(1) - (2)].Address_fifo); + APPEND_G_FIFO((yyval.Address_fifo), (yyvsp[(2) - (2)].Address_node)); + } break; case 288: -#line 1492 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Integer) = 0; } -#line 3242 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1481 "../../ntpd/ntp_parser.y" + { + (yyval.Address_fifo) = NULL; + APPEND_G_FIFO((yyval.Address_fifo), (yyvsp[(1) - (1)].Address_node)); + } break; case 289: -#line 1496 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Double) = (double)(yyvsp[0].Integer); } -#line 3248 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1489 "../../ntpd/ntp_parser.y" + { + if ((yyvsp[(1) - (1)].Integer) != 0 && (yyvsp[(1) - (1)].Integer) != 1) { + yyerror("Integer value is not boolean (0 or 1). Assuming 1"); + (yyval.Integer) = 1; + } else { + (yyval.Integer) = (yyvsp[(1) - (1)].Integer); + } + } + break; + + case 290: +/* Line 1787 of yacc.c */ +#line 1497 "../../ntpd/ntp_parser.y" + { (yyval.Integer) = 1; } break; case 291: -#line 1507 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1498 "../../ntpd/ntp_parser.y" + { (yyval.Integer) = 0; } + break; + + case 292: +/* Line 1787 of yacc.c */ +#line 1502 "../../ntpd/ntp_parser.y" + { (yyval.Double) = (double)(yyvsp[(1) - (1)].Integer); } + break; + + case 294: +/* Line 1787 of yacc.c */ +#line 1513 "../../ntpd/ntp_parser.y" { sim_node *sn; - sn = create_sim_node((yyvsp[-2].Attr_val_fifo), (yyvsp[-1].Sim_server_fifo)); + sn = create_sim_node((yyvsp[(3) - (5)].Attr_val_fifo), (yyvsp[(4) - (5)].Sim_server_fifo)); APPEND_G_FIFO(cfgt.sim_details, sn); /* Revert from ; to \n for end-of-command */ old_config_style = 1; } -#line 3262 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ - break; - - case 292: -#line 1524 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { old_config_style = 0; } -#line 3268 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ - break; - - case 293: -#line 1529 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { - (yyval.Attr_val_fifo) = (yyvsp[-2].Attr_val_fifo); - APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[-1].Attr_val)); - } -#line 3277 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ - break; - - case 294: -#line 1534 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { - (yyval.Attr_val_fifo) = NULL; - APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[-1].Attr_val)); - } -#line 3286 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 295: -#line 1542 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Attr_val) = create_attr_dval((yyvsp[-2].Integer), (yyvsp[0].Double)); } -#line 3292 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1530 "../../ntpd/ntp_parser.y" + { old_config_style = 0; } + break; + + case 296: +/* Line 1787 of yacc.c */ +#line 1535 "../../ntpd/ntp_parser.y" + { + (yyval.Attr_val_fifo) = (yyvsp[(1) - (3)].Attr_val_fifo); + APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (3)].Attr_val)); + } + break; + + case 297: +/* Line 1787 of yacc.c */ +#line 1540 "../../ntpd/ntp_parser.y" + { + (yyval.Attr_val_fifo) = NULL; + APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(1) - (2)].Attr_val)); + } break; case 298: -#line 1552 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { - (yyval.Sim_server_fifo) = (yyvsp[-1].Sim_server_fifo); - APPEND_G_FIFO((yyval.Sim_server_fifo), (yyvsp[0].Sim_server)); - } -#line 3301 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ - break; - - case 299: -#line 1557 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { - (yyval.Sim_server_fifo) = NULL; - APPEND_G_FIFO((yyval.Sim_server_fifo), (yyvsp[0].Sim_server)); - } -#line 3310 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ - break; - - case 300: -#line 1565 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Sim_server) = ONLY_SIM(create_sim_server((yyvsp[-4].Address_node), (yyvsp[-2].Double), (yyvsp[-1].Sim_script_fifo))); } -#line 3316 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1548 "../../ntpd/ntp_parser.y" + { (yyval.Attr_val) = create_attr_dval((yyvsp[(1) - (3)].Integer), (yyvsp[(3) - (3)].Double)); } break; case 301: -#line 1570 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Double) = (yyvsp[-1].Double); } -#line 3322 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1558 "../../ntpd/ntp_parser.y" + { + (yyval.Sim_server_fifo) = (yyvsp[(1) - (2)].Sim_server_fifo); + APPEND_G_FIFO((yyval.Sim_server_fifo), (yyvsp[(2) - (2)].Sim_server)); + } break; case 302: -#line 1575 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Address_node) = (yyvsp[0].Address_node); } -#line 3328 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1563 "../../ntpd/ntp_parser.y" + { + (yyval.Sim_server_fifo) = NULL; + APPEND_G_FIFO((yyval.Sim_server_fifo), (yyvsp[(1) - (1)].Sim_server)); + } break; case 303: -#line 1580 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { - (yyval.Sim_script_fifo) = (yyvsp[-1].Sim_script_fifo); - APPEND_G_FIFO((yyval.Sim_script_fifo), (yyvsp[0].Sim_script)); - } -#line 3337 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1571 "../../ntpd/ntp_parser.y" + { (yyval.Sim_server) = ONLY_SIM(create_sim_server((yyvsp[(1) - (5)].Address_node), (yyvsp[(3) - (5)].Double), (yyvsp[(4) - (5)].Sim_script_fifo))); } break; case 304: -#line 1585 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { - (yyval.Sim_script_fifo) = NULL; - APPEND_G_FIFO((yyval.Sim_script_fifo), (yyvsp[0].Sim_script)); - } -#line 3346 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1576 "../../ntpd/ntp_parser.y" + { (yyval.Double) = (yyvsp[(3) - (4)].Double); } break; case 305: -#line 1593 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Sim_script) = ONLY_SIM(create_sim_script_info((yyvsp[-3].Double), (yyvsp[-1].Attr_val_fifo))); } -#line 3352 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1581 "../../ntpd/ntp_parser.y" + { (yyval.Address_node) = (yyvsp[(3) - (3)].Address_node); } break; case 306: -#line 1598 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1586 "../../ntpd/ntp_parser.y" { - (yyval.Attr_val_fifo) = (yyvsp[-2].Attr_val_fifo); - APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[-1].Attr_val)); + (yyval.Sim_script_fifo) = (yyvsp[(1) - (2)].Sim_script_fifo); + APPEND_G_FIFO((yyval.Sim_script_fifo), (yyvsp[(2) - (2)].Sim_script)); } -#line 3361 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 307: -#line 1603 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1591 "../../ntpd/ntp_parser.y" { - (yyval.Attr_val_fifo) = NULL; - APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[-1].Attr_val)); + (yyval.Sim_script_fifo) = NULL; + APPEND_G_FIFO((yyval.Sim_script_fifo), (yyvsp[(1) - (1)].Sim_script)); } -#line 3370 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ break; case 308: -#line 1611 "../../ntpd/ntp_parser.y" /* yacc.c:1646 */ - { (yyval.Attr_val) = create_attr_dval((yyvsp[-2].Integer), (yyvsp[0].Double)); } -#line 3376 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 1599 "../../ntpd/ntp_parser.y" + { (yyval.Sim_script) = ONLY_SIM(create_sim_script_info((yyvsp[(3) - (6)].Double), (yyvsp[(5) - (6)].Attr_val_fifo))); } + break; + + case 309: +/* Line 1787 of yacc.c */ +#line 1604 "../../ntpd/ntp_parser.y" + { + (yyval.Attr_val_fifo) = (yyvsp[(1) - (3)].Attr_val_fifo); + APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (3)].Attr_val)); + } + break; + + case 310: +/* Line 1787 of yacc.c */ +#line 1609 "../../ntpd/ntp_parser.y" + { + (yyval.Attr_val_fifo) = NULL; + APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(1) - (2)].Attr_val)); + } + break; + + case 311: +/* Line 1787 of yacc.c */ +#line 1617 "../../ntpd/ntp_parser.y" + { (yyval.Attr_val) = create_attr_dval((yyvsp[(1) - (3)].Integer), (yyvsp[(3) - (3)].Double)); } break; -#line 3380 "../../ntpd/ntp_parser.c" /* yacc.c:1646 */ +/* Line 1787 of yacc.c */ +#line 3625 "ntp_parser.c" default: break; } /* User semantic actions sometimes alter yychar, and that requires @@ -3398,7 +3643,7 @@ yyparse (void) *++yyvsp = yyval; - /* Now 'shift' the result of the reduction. Determine what state + /* Now `shift' the result of the reduction. Determine what state that goes to, based on the state we popped back to and the rule number reduced by. */ @@ -3413,9 +3658,9 @@ yyparse (void) goto yynewstate; -/*--------------------------------------. -| yyerrlab -- here on detecting error. | -`--------------------------------------*/ +/*------------------------------------. +| yyerrlab -- here on detecting error | +`------------------------------------*/ yyerrlab: /* Make sure we have latest lookahead translation. See comments at user semantic actions for why this is necessary. */ @@ -3466,20 +3711,20 @@ yyparse (void) if (yyerrstatus == 3) { /* If just tried and failed to reuse lookahead token after an - error, discard it. */ + error, discard it. */ if (yychar <= YYEOF) - { - /* Return failure if at end of input. */ - if (yychar == YYEOF) - YYABORT; - } + { + /* Return failure if at end of input. */ + if (yychar == YYEOF) + YYABORT; + } else - { - yydestruct ("Error: discarding", - yytoken, &yylval); - yychar = YYEMPTY; - } + { + yydestruct ("Error: discarding", + yytoken, &yylval); + yychar = YYEMPTY; + } } /* Else will try to reuse lookahead token after shifting the error @@ -3498,7 +3743,7 @@ yyparse (void) if (/*CONSTCOND*/ 0) goto yyerrorlab; - /* Do not reclaim the symbols of the rule whose action triggered + /* Do not reclaim the symbols of the rule which action triggered this YYERROR. */ YYPOPSTACK (yylen); yylen = 0; @@ -3511,29 +3756,29 @@ yyparse (void) | yyerrlab1 -- common code for both syntax error and YYERROR. | `-------------------------------------------------------------*/ yyerrlab1: - yyerrstatus = 3; /* Each real token shifted decrements this. */ + yyerrstatus = 3; /* Each real token shifted decrements this. */ for (;;) { yyn = yypact[yystate]; if (!yypact_value_is_default (yyn)) - { - yyn += YYTERROR; - if (0 <= yyn && yyn <= YYLAST && yycheck[yyn] == YYTERROR) - { - yyn = yytable[yyn]; - if (0 < yyn) - break; - } - } + { + yyn += YYTERROR; + if (0 <= yyn && yyn <= YYLAST && yycheck[yyn] == YYTERROR) + { + yyn = yytable[yyn]; + if (0 < yyn) + break; + } + } /* Pop the current state because it cannot handle the error token. */ if (yyssp == yyss) - YYABORT; + YYABORT; yydestruct ("Error: popping", - yystos[yystate], yyvsp); + yystos[yystate], yyvsp); YYPOPSTACK (1); yystate = *yyssp; YY_STACK_PRINT (yyss, yyssp); @@ -3584,14 +3829,14 @@ yyparse (void) yydestruct ("Cleanup: discarding lookahead", yytoken, &yylval); } - /* Do not reclaim the symbols of the rule whose action triggered + /* Do not reclaim the symbols of the rule which action triggered this YYABORT or YYACCEPT. */ YYPOPSTACK (yylen); YY_STACK_PRINT (yyss, yyssp); while (yyssp != yyss) { yydestruct ("Cleanup: popping", - yystos[*yyssp], yyvsp); + yystos[*yyssp], yyvsp); YYPOPSTACK (1); } #ifndef yyoverflow @@ -3602,9 +3847,13 @@ yyparse (void) if (yymsg != yymsgbuf) YYSTACK_FREE (yymsg); #endif - return yyresult; + /* Make sure YYID is used. */ + return YYID (yyresult); } -#line 1622 "../../ntpd/ntp_parser.y" /* yacc.c:1906 */ + + +/* Line 2050 of yacc.c */ +#line 1628 "../../ntpd/ntp_parser.y" void diff --git a/ntpd/ntp_parser.h b/ntpd/ntp_parser.h index 1ec7f8cc69a..ae729b5f83b 100644 --- a/ntpd/ntp_parser.h +++ b/ntpd/ntp_parser.h @@ -1,19 +1,19 @@ -/* A Bison parser, made by GNU Bison 3.0.2. */ +/* A Bison parser, made by GNU Bison 2.7.12-4996. */ /* Bison interface for Yacc-like parsers in C - - Copyright (C) 1984, 1989-1990, 2000-2013 Free Software Foundation, Inc. - + + Copyright (C) 1984, 1989-1990, 2000-2013 Free Software Foundation, Inc. + This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see . */ @@ -26,13 +26,13 @@ special exception, which will cause the skeleton and the resulting Bison output files to be licensed under the GNU General Public License without this special exception. - + This special exception was added by the Free Software Foundation in version 2.2 of Bison. */ -#ifndef YY_YY__NTPD_NTP_PARSER_H_INCLUDED -# define YY_YY__NTPD_NTP_PARSER_H_INCLUDED -/* Debug traces. */ +#ifndef YY_YY_NTP_PARSER_H_INCLUDED +# define YY_YY_NTP_PARSER_H_INCLUDED +/* Enabling traces. */ #ifndef YYDEBUG # define YYDEBUG 1 #endif @@ -40,203 +40,207 @@ extern int yydebug; #endif -/* Token type. */ +/* Tokens. */ #ifndef YYTOKENTYPE # define YYTOKENTYPE - enum yytokentype - { - T_Abbrev = 258, - T_Age = 259, - T_All = 260, - T_Allan = 261, - T_Allpeers = 262, - T_Auth = 263, - T_Autokey = 264, - T_Automax = 265, - T_Average = 266, - T_Bclient = 267, - T_Beacon = 268, - T_Broadcast = 269, - T_Broadcastclient = 270, - T_Broadcastdelay = 271, - T_Burst = 272, - T_Calibrate = 273, - T_Ceiling = 274, - T_Clockstats = 275, - T_Cohort = 276, - T_ControlKey = 277, - T_Crypto = 278, - T_Cryptostats = 279, - T_Ctl = 280, - T_Day = 281, - T_Default = 282, - T_Digest = 283, - T_Disable = 284, - T_Discard = 285, - T_Dispersion = 286, - T_Double = 287, - T_Driftfile = 288, - T_Drop = 289, - T_Dscp = 290, - T_Ellipsis = 291, - T_Enable = 292, - T_End = 293, - T_False = 294, - T_File = 295, - T_Filegen = 296, - T_Filenum = 297, - T_Flag1 = 298, - T_Flag2 = 299, - T_Flag3 = 300, - T_Flag4 = 301, - T_Flake = 302, - T_Floor = 303, - T_Freq = 304, - T_Fudge = 305, - T_Host = 306, - T_Huffpuff = 307, - T_Iburst = 308, - T_Ident = 309, - T_Ignore = 310, - T_Incalloc = 311, - T_Incmem = 312, - T_Initalloc = 313, - T_Initmem = 314, - T_Includefile = 315, - T_Integer = 316, - T_Interface = 317, - T_Intrange = 318, - T_Io = 319, - T_Ipv4 = 320, - T_Ipv4_flag = 321, - T_Ipv6 = 322, - T_Ipv6_flag = 323, - T_Kernel = 324, - T_Key = 325, - T_Keys = 326, - T_Keysdir = 327, - T_Kod = 328, - T_Mssntp = 329, - T_Leapfile = 330, - T_Leapsmearinterval = 331, - T_Limited = 332, - T_Link = 333, - T_Listen = 334, - T_Logconfig = 335, - T_Logfile = 336, - T_Loopstats = 337, - T_Lowpriotrap = 338, - T_Manycastclient = 339, - T_Manycastserver = 340, - T_Mask = 341, - T_Maxage = 342, - T_Maxclock = 343, - T_Maxdepth = 344, - T_Maxdist = 345, - T_Maxmem = 346, - T_Maxpoll = 347, - T_Mdnstries = 348, - T_Mem = 349, - T_Memlock = 350, - T_Minclock = 351, - T_Mindepth = 352, - T_Mindist = 353, - T_Minimum = 354, - T_Minpoll = 355, - T_Minsane = 356, - T_Mode = 357, - T_Mode7 = 358, - T_Monitor = 359, - T_Month = 360, - T_Mru = 361, - T_Multicastclient = 362, - T_Nic = 363, - T_Nolink = 364, - T_Nomodify = 365, - T_Nomrulist = 366, - T_None = 367, - T_Nonvolatile = 368, - T_Nopeer = 369, - T_Noquery = 370, - T_Noselect = 371, - T_Noserve = 372, - T_Notrap = 373, - T_Notrust = 374, - T_Ntp = 375, - T_Ntpport = 376, - T_NtpSignDsocket = 377, - T_Orphan = 378, - T_Orphanwait = 379, - T_Panic = 380, - T_Peer = 381, - T_Peerstats = 382, - T_Phone = 383, - T_Pid = 384, - T_Pidfile = 385, - T_Pool = 386, - T_Port = 387, - T_Preempt = 388, - T_Prefer = 389, - T_Protostats = 390, - T_Pw = 391, - T_Randfile = 392, - T_Rawstats = 393, - T_Refid = 394, - T_Requestkey = 395, - T_Reset = 396, - T_Restrict = 397, - T_Revoke = 398, - T_Rlimit = 399, - T_Saveconfigdir = 400, - T_Server = 401, - T_Setvar = 402, - T_Source = 403, - T_Stacksize = 404, - T_Statistics = 405, - T_Stats = 406, - T_Statsdir = 407, - T_Step = 408, - T_Stepback = 409, - T_Stepfwd = 410, - T_Stepout = 411, - T_Stratum = 412, - T_String = 413, - T_Sys = 414, - T_Sysstats = 415, - T_Tick = 416, - T_Time1 = 417, - T_Time2 = 418, - T_Timer = 419, - T_Timingstats = 420, - T_Tinker = 421, - T_Tos = 422, - T_Trap = 423, - T_True = 424, - T_Trustedkey = 425, - T_Ttl = 426, - T_Type = 427, - T_U_int = 428, - T_Unconfig = 429, - T_Unpeer = 430, - T_Version = 431, - T_WanderThreshold = 432, - T_Week = 433, - T_Wildcard = 434, - T_Xleave = 435, - T_Year = 436, - T_Flag = 437, - T_EOC = 438, - T_Simulate = 439, - T_Beep_Delay = 440, - T_Sim_Duration = 441, - T_Server_Offset = 442, - T_Duration = 443, - T_Freq_Offset = 444, - T_Wander = 445, - T_Jitter = 446, - T_Prop_Delay = 447, - T_Proc_Delay = 448 - }; + /* Put the tokens into the symbol table, so that GDB and other debuggers + know about them. */ + enum yytokentype { + T_Abbrev = 258, + T_Age = 259, + T_All = 260, + T_Allan = 261, + T_Allpeers = 262, + T_Auth = 263, + T_Autokey = 264, + T_Automax = 265, + T_Average = 266, + T_Bclient = 267, + T_Beacon = 268, + T_Broadcast = 269, + T_Broadcastclient = 270, + T_Broadcastdelay = 271, + T_Burst = 272, + T_Calibrate = 273, + T_Ceiling = 274, + T_Clockstats = 275, + T_Cohort = 276, + T_ControlKey = 277, + T_Crypto = 278, + T_Cryptostats = 279, + T_Ctl = 280, + T_Day = 281, + T_Default = 282, + T_Digest = 283, + T_Disable = 284, + T_Discard = 285, + T_Dispersion = 286, + T_Double = 287, + T_Driftfile = 288, + T_Drop = 289, + T_Dscp = 290, + T_Ellipsis = 291, + T_Enable = 292, + T_End = 293, + T_False = 294, + T_File = 295, + T_Filegen = 296, + T_Filenum = 297, + T_Flag1 = 298, + T_Flag2 = 299, + T_Flag3 = 300, + T_Flag4 = 301, + T_Flake = 302, + T_Floor = 303, + T_Freq = 304, + T_Fudge = 305, + T_Host = 306, + T_Huffpuff = 307, + T_Iburst = 308, + T_Ident = 309, + T_Ignore = 310, + T_Incalloc = 311, + T_Incmem = 312, + T_Initalloc = 313, + T_Initmem = 314, + T_Includefile = 315, + T_Integer = 316, + T_Interface = 317, + T_Intrange = 318, + T_Io = 319, + T_Ipv4 = 320, + T_Ipv4_flag = 321, + T_Ipv6 = 322, + T_Ipv6_flag = 323, + T_Kernel = 324, + T_Key = 325, + T_Keys = 326, + T_Keysdir = 327, + T_Kod = 328, + T_Mssntp = 329, + T_Leapfile = 330, + T_Leapsmearinterval = 331, + T_Limited = 332, + T_Link = 333, + T_Listen = 334, + T_Logconfig = 335, + T_Logfile = 336, + T_Loopstats = 337, + T_Lowpriotrap = 338, + T_Manycastclient = 339, + T_Manycastserver = 340, + T_Mask = 341, + T_Maxage = 342, + T_Maxclock = 343, + T_Maxdepth = 344, + T_Maxdist = 345, + T_Maxmem = 346, + T_Maxpoll = 347, + T_Mdnstries = 348, + T_Mem = 349, + T_Memlock = 350, + T_Minclock = 351, + T_Mindepth = 352, + T_Mindist = 353, + T_Minimum = 354, + T_Minpoll = 355, + T_Minsane = 356, + T_Mode = 357, + T_Mode7 = 358, + T_Monitor = 359, + T_Month = 360, + T_Mru = 361, + T_Multicastclient = 362, + T_Nic = 363, + T_Nolink = 364, + T_Nomodify = 365, + T_Nomrulist = 366, + T_None = 367, + T_Nonvolatile = 368, + T_Nopeer = 369, + T_Noquery = 370, + T_Noselect = 371, + T_Noserve = 372, + T_Notrap = 373, + T_Notrust = 374, + T_Ntp = 375, + T_Ntpport = 376, + T_NtpSignDsocket = 377, + T_Orphan = 378, + T_Orphanwait = 379, + T_Panic = 380, + T_Peer = 381, + T_Peerstats = 382, + T_Phone = 383, + T_Pid = 384, + T_Pidfile = 385, + T_Pool = 386, + T_Port = 387, + T_Preempt = 388, + T_Prefer = 389, + T_Protostats = 390, + T_Pw = 391, + T_Randfile = 392, + T_Rawstats = 393, + T_Refid = 394, + T_Requestkey = 395, + T_Reset = 396, + T_Restrict = 397, + T_Revoke = 398, + T_Rlimit = 399, + T_Saveconfigdir = 400, + T_Server = 401, + T_Setvar = 402, + T_Source = 403, + T_Stacksize = 404, + T_Statistics = 405, + T_Stats = 406, + T_Statsdir = 407, + T_Step = 408, + T_Stepback = 409, + T_Stepfwd = 410, + T_Stepout = 411, + T_Stratum = 412, + T_String = 413, + T_Sys = 414, + T_Sysstats = 415, + T_Tick = 416, + T_Time1 = 417, + T_Time2 = 418, + T_Timer = 419, + T_Timingstats = 420, + T_Tinker = 421, + T_Tos = 422, + T_Trap = 423, + T_True = 424, + T_Trustedkey = 425, + T_Ttl = 426, + T_Type = 427, + T_U_int = 428, + T_UEcrypto = 429, + T_UEcryptonak = 430, + T_UEdigest = 431, + T_Unconfig = 432, + T_Unpeer = 433, + T_Version = 434, + T_WanderThreshold = 435, + T_Week = 436, + T_Wildcard = 437, + T_Xleave = 438, + T_Year = 439, + T_Flag = 440, + T_EOC = 441, + T_Simulate = 442, + T_Beep_Delay = 443, + T_Sim_Duration = 444, + T_Server_Offset = 445, + T_Duration = 446, + T_Freq_Offset = 447, + T_Wander = 448, + T_Jitter = 449, + T_Prop_Delay = 450, + T_Proc_Delay = 451 + }; #endif /* Tokens. */ #define T_Abbrev 258 @@ -410,33 +414,37 @@ extern int yydebug; #define T_Ttl 426 #define T_Type 427 #define T_U_int 428 -#define T_Unconfig 429 -#define T_Unpeer 430 -#define T_Version 431 -#define T_WanderThreshold 432 -#define T_Week 433 -#define T_Wildcard 434 -#define T_Xleave 435 -#define T_Year 436 -#define T_Flag 437 -#define T_EOC 438 -#define T_Simulate 439 -#define T_Beep_Delay 440 -#define T_Sim_Duration 441 -#define T_Server_Offset 442 -#define T_Duration 443 -#define T_Freq_Offset 444 -#define T_Wander 445 -#define T_Jitter 446 -#define T_Prop_Delay 447 -#define T_Proc_Delay 448 +#define T_UEcrypto 429 +#define T_UEcryptonak 430 +#define T_UEdigest 431 +#define T_Unconfig 432 +#define T_Unpeer 433 +#define T_Version 434 +#define T_WanderThreshold 435 +#define T_Week 436 +#define T_Wildcard 437 +#define T_Xleave 438 +#define T_Year 439 +#define T_Flag 440 +#define T_EOC 441 +#define T_Simulate 442 +#define T_Beep_Delay 443 +#define T_Sim_Duration 444 +#define T_Server_Offset 445 +#define T_Duration 446 +#define T_Freq_Offset 447 +#define T_Wander 448 +#define T_Jitter 449 +#define T_Prop_Delay 450 +#define T_Proc_Delay 451 + + -/* Value type. */ #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED -typedef union YYSTYPE YYSTYPE; -union YYSTYPE +typedef union YYSTYPE { -#line 51 "../../ntpd/ntp_parser.y" /* yacc.c:1909 */ +/* Line 2053 of yacc.c */ +#line 51 "../../ntpd/ntp_parser.y" char * String; double Double; @@ -455,15 +463,29 @@ union YYSTYPE script_info * Sim_script; script_info_fifo * Sim_script_fifo; -#line 459 "../../ntpd/ntp_parser.h" /* yacc.c:1909 */ -}; + +/* Line 2053 of yacc.c */ +#line 469 "ntp_parser.h" +} YYSTYPE; # define YYSTYPE_IS_TRIVIAL 1 +# define yystype YYSTYPE /* obsolescent; will be withdrawn */ # define YYSTYPE_IS_DECLARED 1 #endif - extern YYSTYPE yylval; +#ifdef YYPARSE_PARAM +#if defined __STDC__ || defined __cplusplus +int yyparse (void *YYPARSE_PARAM); +#else +int yyparse (); +#endif +#else /* ! YYPARSE_PARAM */ +#if defined __STDC__ || defined __cplusplus int yyparse (void); +#else +int yyparse (); +#endif +#endif /* ! YYPARSE_PARAM */ -#endif /* !YY_YY__NTPD_NTP_PARSER_H_INCLUDED */ +#endif /* !YY_YY_NTP_PARSER_H_INCLUDED */ diff --git a/ntpd/ntp_parser.y b/ntpd/ntp_parser.y index a4267e1a8d0..92b438a4916 100644 --- a/ntpd/ntp_parser.y +++ b/ntpd/ntp_parser.y @@ -239,6 +239,9 @@ %token T_Ttl %token T_Type %token T_U_int /* Not a token */ +%token T_UEcrypto +%token T_UEcryptonak +%token T_UEdigest %token T_Unconfig %token T_Unpeer %token T_Version @@ -1083,6 +1086,9 @@ system_option_flag_keyword system_option_local_flag_keyword : T_Mode7 | T_Stats + | T_UEcrypto + | T_UEcryptonak + | T_UEdigest ; /* Tinker Commands diff --git a/ntpd/ntp_proto.c b/ntpd/ntp_proto.c index f7704722a9b..ad454099f8b 100644 --- a/ntpd/ntp_proto.c +++ b/ntpd/ntp_proto.c @@ -153,6 +153,19 @@ u_long sys_declined; /* declined */ u_long sys_limitrejected; /* rate exceeded */ u_long sys_kodsent; /* KoD sent */ +/* + * Mechanism knobs: how soon do we unpeer()? + * + * The default way is "on-receipt". If this was a packet from a + * well-behaved source, on-receipt will offer the fastest recovery. + * If this was from a DoS attack, the default way makes it easier + * for a bad-guy to DoS us. So look and see what bites you harder + * and choose according to your environment. + */ +int unpeer_crypto_early = 1; /* bad crypto (TEST9) */ +int unpeer_crypto_nak_early = 1; /* crypto_NAK (TEST5) */ +int unpeer_digest_early = 1; /* bad digest (TEST5) */ + static int kiss_code_check(u_char hisleap, u_char hisstratum, u_char hismode, u_int32 refid); static double root_distance (struct peer *); static void clock_combine (peer_select *, int, int); @@ -1157,6 +1170,7 @@ receive( } else { peer->delay = sys_bdelay; + peer->bxmt = p_xmt; } break; } @@ -1177,6 +1191,7 @@ receive( sys_restricted++; return; /* ignore duplicate */ } + peer->bxmt = p_xmt; #ifdef AUTOKEY if (skeyid > NTP_MAXKEY) crypto_recv(peer, rbufp); @@ -1286,6 +1301,73 @@ receive( return; } #endif /* AUTOKEY */ + + if (MODE_BROADCAST == hismode) { + u_char poll; + int bail = 0; + l_fp tdiff; + + DPRINTF(2, ("receive: PROCPKT/BROADCAST: prev pkt %ld seconds ago, ppoll: %d, %d secs\n", + (current_time - peer->timelastrec), + peer->ppoll, (1 << peer->ppoll) + )); + /* Things we can check: + * + * Did the poll interval change? + * Is the poll interval in the packet in-range? + * Did this packet arrive too soon? + * Is the timestamp in this packet monotonic + * with respect to the previous packet? + */ + + /* This is noteworthy, not error-worthy */ + if (pkt->ppoll != peer->ppoll) { + msyslog(LOG_INFO, "receive: broadcast poll from %s changed from %ud to %ud", + stoa(&rbufp->recv_srcadr), + peer->ppoll, pkt->ppoll); + } + + poll = min(peer->maxpoll, + max(peer->minpoll, pkt->ppoll)); + + /* This is error-worthy */ + if (pkt->ppoll != poll) { + msyslog(LOG_INFO, "receive: broadcast poll of %ud from %s is out-of-range (%d to %d)!", + pkt->ppoll, stoa(&rbufp->recv_srcadr), + peer->minpoll, peer->maxpoll); + ++bail; + } + + if ( (current_time - peer->timelastrec) + < (1 << pkt->ppoll)) { + msyslog(LOG_INFO, "receive: broadcast packet from %s arrived after %ld, not %d seconds!", + stoa(&rbufp->recv_srcadr), + (current_time - peer->timelastrec), + (1 << pkt->ppoll) + ); + ++bail; + } + + tdiff = p_xmt; + L_SUB(&tdiff, &peer->bxmt); + if (tdiff.l_i < 0) { + msyslog(LOG_INFO, "receive: broadcast packet from %s contains non-monotonic timestamp: %#010x.%08x -> %#010x.%08x", + stoa(&rbufp->recv_srcadr), + peer->bxmt.l_ui, peer->bxmt.l_uf, + p_xmt.l_ui, p_xmt.l_uf + ); + ++bail; + } + + peer->bxmt = p_xmt; + + if (bail) { + peer->timelastrec = current_time; + sys_declined++; + return; + } + } + break; /* @@ -1362,7 +1444,12 @@ receive( /* * Basic mode checks: * - * If there is no origin timestamp, it's an initial packet. + * If there is no origin timestamp, it's either an initial packet + * or we've already received a response to our query. Of course, + * should 'aorg' be all-zero because this really was the original + * transmit timestamp, we'll drop the reply. There is a window of + * one nanosecond once every 136 years' time where this is possible. + * We currently ignore this situation. * * Otherwise, check for bogus packet in basic mode. * If it is bogus, switch to interleaved mode and resynchronize, @@ -1375,7 +1462,8 @@ receive( } else if (peer->flip == 0) { if (0 < hisstratum && L_ISZERO(&p_org)) { L_CLR(&peer->aorg); - } else if (!L_ISEQU(&p_org, &peer->aorg)) { + } else if ( L_ISZERO(&peer->aorg) + || !L_ISEQU(&p_org, &peer->aorg)) { peer->bogusorg++; peer->flash |= TEST2; /* bogus */ msyslog(LOG_INFO, @@ -1424,7 +1512,9 @@ receive( peer->flash |= TEST5; /* bad auth */ peer->badauth++; if (peer->flags & FLAG_PREEMPT) { - unpeer(peer); + if (unpeer_crypto_nak_early) { + unpeer(peer); + } return; } #ifdef AUTOKEY @@ -1450,7 +1540,9 @@ receive( && (hismode == MODE_ACTIVE || hismode == MODE_PASSIVE)) fast_xmit(rbufp, MODE_ACTIVE, 0, restrict_mask); if (peer->flags & FLAG_PREEMPT) { - unpeer(peer); + if (unpeer_digest_early) { + unpeer(peer); + } return; } #ifdef AUTOKEY @@ -1505,12 +1597,47 @@ receive( return; /* Drop any other kiss code packets */ } + /* + * If: + * - this is a *cast (uni-, broad-, or m-) server packet + * - and it's authenticated + * then see if the sender's IP is trusted for this keyid. + * If it is, great - nothing special to do here. + * Otherwise, we should report and bail. + */ + + switch (hismode) { + case MODE_SERVER: /* server mode */ + case MODE_BROADCAST: /* broadcast mode */ + case MODE_ACTIVE: /* symmetric active mode */ + if ( is_authentic == AUTH_OK + && !authistrustedip(skeyid, &peer->srcadr)) { + report_event(PEVNT_AUTH, peer, "authIP"); + peer->badauth++; + return; + } + break; + + case MODE_UNSPEC: /* unspecified (old version) */ + case MODE_PASSIVE: /* symmetric passive mode */ + case MODE_CLIENT: /* client mode */ +#if 0 /* At this point, MODE_CONTROL is overloaded by MODE_BCLIENT */ + case MODE_CONTROL: /* control mode */ +#endif + case MODE_PRIVATE: /* private mode */ + case MODE_BCLIENT: /* broadcast client mode */ + break; + default: + break; + } + /* * That was hard and I am sweaty, but the packet is squeaky * clean. Get on with real work. */ peer->timereceived = current_time; + peer->timelastrec = current_time; if (is_authentic == AUTH_OK) peer->flags |= FLAG_AUTHENTIC; else @@ -1560,8 +1687,11 @@ receive( "crypto error"); peer_clear(peer, "CRYP"); peer->flash |= TEST9; /* bad crypt */ - if (peer->flags & FLAG_PREEMPT) - unpeer(peer); + if (peer->flags & FLAG_PREEMPT) { + if (unpeer_crypto_early) { + unpeer(peer); + } + } } return; } @@ -4358,6 +4488,22 @@ proto_config( io_multicast_del(svalue); break; + /* + * Unpeer Early policy choices + */ + + case PROTO_UECRYPTO: /* Crypto */ + unpeer_crypto_early = value; + break; + + case PROTO_UECRYPTONAK: /* Crypto_NAK */ + unpeer_crypto_nak_early = value; + break; + + case PROTO_UEDIGEST: /* Digest */ + unpeer_digest_early = value; + break; + default: msyslog(LOG_NOTICE, "proto: unsupported option %d", item); diff --git a/ntpd/ntp_request.c b/ntpd/ntp_request.c index fa78ce1e494..ba968e2c8e8 100644 --- a/ntpd/ntp_request.c +++ b/ntpd/ntp_request.c @@ -81,8 +81,8 @@ static void do_unconf (sockaddr_u *, endpt *, struct req_pkt *); static void set_sys_flag (sockaddr_u *, endpt *, struct req_pkt *); static void clr_sys_flag (sockaddr_u *, endpt *, struct req_pkt *); static void setclr_flags (sockaddr_u *, endpt *, struct req_pkt *, u_long); -static void list_restrict4 (restrict_u *, struct info_restrict **); -static void list_restrict6 (restrict_u *, struct info_restrict **); +static void list_restrict4 (const restrict_u *, struct info_restrict **); +static void list_restrict6 (const restrict_u *, struct info_restrict **); static void list_restrict (sockaddr_u *, endpt *, struct req_pkt *); static void do_resaddflags (sockaddr_u *, endpt *, struct req_pkt *); static void do_ressubflags (sockaddr_u *, endpt *, struct req_pkt *); @@ -667,43 +667,35 @@ list_peers( struct req_pkt *inpkt ) { - struct info_peer_list *ip; - struct peer *pp; - int skip = 0; + struct info_peer_list * ip; + const struct peer * pp; ip = (struct info_peer_list *)prepare_pkt(srcadr, inter, inpkt, v6sizeof(struct info_peer_list)); for (pp = peer_list; pp != NULL && ip != NULL; pp = pp->p_link) { if (IS_IPV6(&pp->srcadr)) { - if (client_v6_capable) { - ip->addr6 = SOCK_ADDR6(&pp->srcadr); - ip->v6_flag = 1; - skip = 0; - } else { - skip = 1; - break; - } + if (!client_v6_capable) + continue; + ip->addr6 = SOCK_ADDR6(&pp->srcadr); + ip->v6_flag = 1; } else { ip->addr = NSRCADR(&pp->srcadr); if (client_v6_capable) ip->v6_flag = 0; - skip = 0; } - if (!skip) { - ip->port = NSRCPORT(&pp->srcadr); - ip->hmode = pp->hmode; - ip->flags = 0; - if (pp->flags & FLAG_CONFIG) - ip->flags |= INFO_FLAG_CONFIG; - if (pp == sys_peer) - ip->flags |= INFO_FLAG_SYSPEER; - if (pp->status == CTL_PST_SEL_SYNCCAND) - ip->flags |= INFO_FLAG_SEL_CANDIDATE; - if (pp->status >= CTL_PST_SEL_SYSPEER) - ip->flags |= INFO_FLAG_SHORTLIST; - ip = (struct info_peer_list *)more_pkt(); - } + ip->port = NSRCPORT(&pp->srcadr); + ip->hmode = pp->hmode; + ip->flags = 0; + if (pp->flags & FLAG_CONFIG) + ip->flags |= INFO_FLAG_CONFIG; + if (pp == sys_peer) + ip->flags |= INFO_FLAG_SYSPEER; + if (pp->status == CTL_PST_SEL_SYNCCAND) + ip->flags |= INFO_FLAG_SEL_CANDIDATE; + if (pp->status >= CTL_PST_SEL_SYSPEER) + ip->flags |= INFO_FLAG_SHORTLIST; + ip = (struct info_peer_list *)more_pkt(); } /* for pp */ flush_pkt(); @@ -720,10 +712,9 @@ list_peers_sum( struct req_pkt *inpkt ) { - register struct info_peer_summary *ips; - register struct peer *pp; - l_fp ltmp; - register int skip; + struct info_peer_summary * ips; + const struct peer * pp; + l_fp ltmp; DPRINTF(3, ("wants peer list summary\n")); @@ -736,18 +727,14 @@ list_peers_sum( * want only v4. */ if (IS_IPV6(&pp->srcadr)) { - if (client_v6_capable) { - ips->srcadr6 = SOCK_ADDR6(&pp->srcadr); - ips->v6_flag = 1; - if (pp->dstadr) - ips->dstadr6 = SOCK_ADDR6(&pp->dstadr->sin); - else - ZERO(ips->dstadr6); - skip = 0; - } else { - skip = 1; - break; - } + if (!client_v6_capable) + continue; + ips->srcadr6 = SOCK_ADDR6(&pp->srcadr); + ips->v6_flag = 1; + if (pp->dstadr) + ips->dstadr6 = SOCK_ADDR6(&pp->dstadr->sin); + else + ZERO(ips->dstadr6); } else { ips->srcadr = NSRCADR(&pp->srcadr); if (client_v6_capable) @@ -765,39 +752,37 @@ list_peers_sum( ips->dstadr = NSRCADR(&pp->dstadr->bcast); } } - } else + } else { ips->dstadr = 0; - - skip = 0; + } } - if (!skip) { - ips->srcport = NSRCPORT(&pp->srcadr); - ips->stratum = pp->stratum; - ips->hpoll = pp->hpoll; - ips->ppoll = pp->ppoll; - ips->reach = pp->reach; - ips->flags = 0; - if (pp == sys_peer) - ips->flags |= INFO_FLAG_SYSPEER; - if (pp->flags & FLAG_CONFIG) - ips->flags |= INFO_FLAG_CONFIG; - if (pp->flags & FLAG_REFCLOCK) - ips->flags |= INFO_FLAG_REFCLOCK; - if (pp->flags & FLAG_PREFER) - ips->flags |= INFO_FLAG_PREFER; - if (pp->flags & FLAG_BURST) - ips->flags |= INFO_FLAG_BURST; - if (pp->status == CTL_PST_SEL_SYNCCAND) - ips->flags |= INFO_FLAG_SEL_CANDIDATE; - if (pp->status >= CTL_PST_SEL_SYSPEER) - ips->flags |= INFO_FLAG_SHORTLIST; - ips->hmode = pp->hmode; - ips->delay = HTONS_FP(DTOFP(pp->delay)); - DTOLFP(pp->offset, <mp); - HTONL_FP(<mp, &ips->offset); - ips->dispersion = HTONS_FP(DTOUFP(SQRT(pp->disp))); - } + ips->srcport = NSRCPORT(&pp->srcadr); + ips->stratum = pp->stratum; + ips->hpoll = pp->hpoll; + ips->ppoll = pp->ppoll; + ips->reach = pp->reach; + ips->flags = 0; + if (pp == sys_peer) + ips->flags |= INFO_FLAG_SYSPEER; + if (pp->flags & FLAG_CONFIG) + ips->flags |= INFO_FLAG_CONFIG; + if (pp->flags & FLAG_REFCLOCK) + ips->flags |= INFO_FLAG_REFCLOCK; + if (pp->flags & FLAG_PREFER) + ips->flags |= INFO_FLAG_PREFER; + if (pp->flags & FLAG_BURST) + ips->flags |= INFO_FLAG_BURST; + if (pp->status == CTL_PST_SEL_SYNCCAND) + ips->flags |= INFO_FLAG_SEL_CANDIDATE; + if (pp->status >= CTL_PST_SEL_SYSPEER) + ips->flags |= INFO_FLAG_SHORTLIST; + ips->hmode = pp->hmode; + ips->delay = HTONS_FP(DTOFP(pp->delay)); + DTOLFP(pp->offset, <mp); + HTONL_FP(<mp, &ips->offset); + ips->dispersion = HTONS_FP(DTOUFP(SQRT(pp->disp))); + ips = (struct info_peer_summary *)more_pkt(); } /* for pp */ @@ -1197,7 +1182,7 @@ mem_stats( ms->hashcount[i] = (u_char) max((u_int)peer_hash_count[i], UCHAR_MAX); - more_pkt(); + (void) more_pkt(); flush_pkt(); } @@ -1285,7 +1270,7 @@ loop_info( li->compliance = htonl((u_int32)(tc_counter)); li->watchdog_timer = htonl((u_int32)(current_time - sys_epoch)); - more_pkt(); + (void) more_pkt(); flush_pkt(); } @@ -1571,56 +1556,143 @@ setclr_flags( req_ack(srcadr, inter, inpkt, INFO_OKAY); } +/* There have been some issues with the restrict list processing, + * ranging from problems with deep recursion (resulting in stack + * overflows) and overfull reply buffers. + * + * To avoid this trouble the list reversal is done iteratively using a + * scratch pad. + */ +typedef struct RestrictStack RestrictStackT; +struct RestrictStack { + RestrictStackT *link; + size_t fcnt; + const restrict_u *pres[63]; +}; + +static size_t +getStackSheetSize( + RestrictStackT *sp + ) +{ + if (sp) + return sizeof(sp->pres)/sizeof(sp->pres[0]); + return 0u; +} + +static int/*BOOL*/ +pushRestriction( + RestrictStackT **spp, + const restrict_u *ptr + ) +{ + RestrictStackT *sp; + + if (NULL == (sp = *spp) || 0 == sp->fcnt) { + /* need another sheet in the scratch pad */ + sp = emalloc(sizeof(*sp)); + sp->link = *spp; + sp->fcnt = getStackSheetSize(sp); + *spp = sp; + } + sp->pres[--sp->fcnt] = ptr; + return TRUE; +} + +static int/*BOOL*/ +popRestriction( + RestrictStackT **spp, + const restrict_u **opp + ) +{ + RestrictStackT *sp; + + if (NULL == (sp = *spp) || sp->fcnt >= getStackSheetSize(sp)) + return FALSE; + + *opp = sp->pres[sp->fcnt++]; + if (sp->fcnt >= getStackSheetSize(sp)) { + /* discard sheet from scratch pad */ + *spp = sp->link; + free(sp); + } + return TRUE; +} + +static void +flushRestrictionStack( + RestrictStackT **spp + ) +{ + RestrictStackT *sp; + + while (NULL != (sp = *spp)) { + *spp = sp->link; + free(sp); + } +} + /* - * list_restrict4 - recursive helper for list_restrict dumps IPv4 + * list_restrict4 - iterative helper for list_restrict dumps IPv4 * restriction list in reverse order. */ static void list_restrict4( - restrict_u * res, + const restrict_u * res, struct info_restrict ** ppir ) { + RestrictStackT * rpad; struct info_restrict * pir; - if (res->link != NULL) - list_restrict4(res->link, ppir); - pir = *ppir; - pir->addr = htonl(res->u.v4.addr); - if (client_v6_capable) - pir->v6_flag = 0; - pir->mask = htonl(res->u.v4.mask); - pir->count = htonl(res->count); - pir->flags = htons(res->flags); - pir->mflags = htons(res->mflags); - *ppir = (struct info_restrict *)more_pkt(); + for (rpad = NULL; res; res = res->link) + if (!pushRestriction(&rpad, res)) + break; + + while (pir && popRestriction(&rpad, &res)) { + pir->addr = htonl(res->u.v4.addr); + if (client_v6_capable) + pir->v6_flag = 0; + pir->mask = htonl(res->u.v4.mask); + pir->count = htonl(res->count); + pir->flags = htons(res->flags); + pir->mflags = htons(res->mflags); + pir = (struct info_restrict *)more_pkt(); + } + flushRestrictionStack(&rpad); + *ppir = pir; } - /* - * list_restrict6 - recursive helper for list_restrict dumps IPv6 + * list_restrict6 - iterative helper for list_restrict dumps IPv6 * restriction list in reverse order. */ static void list_restrict6( - restrict_u * res, + const restrict_u * res, struct info_restrict ** ppir ) { + RestrictStackT * rpad; struct info_restrict * pir; - if (res->link != NULL) - list_restrict6(res->link, ppir); - pir = *ppir; - pir->addr6 = res->u.v6.addr; - pir->mask6 = res->u.v6.mask; - pir->v6_flag = 1; - pir->count = htonl(res->count); - pir->flags = htons(res->flags); - pir->mflags = htons(res->mflags); - *ppir = (struct info_restrict *)more_pkt(); + for (rpad = NULL; res; res = res->link) + if (!pushRestriction(&rpad, res)) + break; + + while (pir && popRestriction(&rpad, &res)) { + pir->addr6 = res->u.v6.addr; + pir->mask6 = res->u.v6.mask; + pir->v6_flag = 1; + pir->count = htonl(res->count); + pir->flags = htons(res->flags); + pir->mflags = htons(res->mflags); + pir = (struct info_restrict *)more_pkt(); + } + flushRestrictionStack(&rpad); + *ppir = pir; } @@ -1644,8 +1716,7 @@ list_restrict( /* * The restriction lists are kept sorted in the reverse order * than they were originally. To preserve the output semantics, - * dump each list in reverse order. A recursive helper function - * achieves that. + * dump each list in reverse order. The workers take care of that. */ list_restrict4(restrictlist4, &ir); if (client_v6_capable) @@ -2010,7 +2081,7 @@ do_trustkey( register int items; items = INFO_NITEMS(inpkt->err_nitems); - kp = (uint32_t*)&inpkt->u; + kp = (uint32_t *)&inpkt->u; while (items-- > 0) { authtrust(*kp, trust); kp++; @@ -2089,7 +2160,7 @@ req_get_traps( it = (struct info_trap *)prepare_pkt(srcadr, inter, inpkt, v6sizeof(struct info_trap)); - for (i = 0, tr = ctl_traps; i < COUNTOF(ctl_traps); i++, tr++) { + for (i = 0, tr = ctl_traps; it && i < COUNTOF(ctl_traps); i++, tr++) { if (tr->tr_flags & TRAP_INUSE) { if (IS_IPV4(&tr->tr_addr)) { if (tr->tr_localaddr == any_interface) @@ -2405,7 +2476,7 @@ get_clock_info( ic = (struct info_clock *)prepare_pkt(srcadr, inter, inpkt, sizeof(struct info_clock)); - while (items-- > 0) { + while (items-- > 0 && ic) { NSRCADR(&addr) = *clkaddr++; if (!ISREFCLOCKADR(&addr) || NULL == findexistingpeer(&addr, NULL, NULL, -1, 0)) { @@ -2544,7 +2615,7 @@ get_clkbug_info( ic = (struct info_clkbug *)prepare_pkt(srcadr, inter, inpkt, sizeof(struct info_clkbug)); - while (items-- > 0) { + while (items-- > 0 && ic) { NSRCADR(&addr) = *clkaddr++; if (!ISREFCLOCKADR(&addr) || NULL == findexistingpeer(&addr, NULL, NULL, -1, 0)) { @@ -2592,13 +2663,15 @@ fill_info_if_stats(void *data, interface_info_t *interface_info) struct info_if_stats **ifsp = (struct info_if_stats **)data; struct info_if_stats *ifs = *ifsp; endpt *ep = interface_info->ep; + + if (NULL == ifs) + return; ZERO(*ifs); if (IS_IPV6(&ep->sin)) { - if (!client_v6_capable) { + if (!client_v6_capable) return; - } ifs->v6_flag = 1; ifs->unaddr.addr6 = SOCK_ADDR6(&ep->sin); ifs->unbcast.addr6 = SOCK_ADDR6(&ep->bcast); diff --git a/ntpd/ntp_scanner.c b/ntpd/ntp_scanner.c index 49adf6bfb76..631c218b156 100644 --- a/ntpd/ntp_scanner.c +++ b/ntpd/ntp_scanner.c @@ -669,7 +669,7 @@ int yylex(void) { static follby followedby = FOLLBY_TOKEN; - int i; + size_t i; int instring; int yylval_was_set; int converted; diff --git a/ntpd/ntp_timer.c b/ntpd/ntp_timer.c index 03084a35362..78c81b620b1 100644 --- a/ntpd/ntp_timer.c +++ b/ntpd/ntp_timer.c @@ -549,14 +549,16 @@ check_leapsec( #ifdef LEAP_SMEAR leap_smear.enabled = leap_smear_intv != 0; #endif - if (reset) { + if (reset) { lsprox = LSPROX_NOWARN; leapsec_reset_frame(); memset(&lsdata, 0, sizeof(lsdata)); } else { - int fired = leapsec_query(&lsdata, now, tpiv); + int fired; - DPRINTF(1, ("*** leapsec_query: fired %i, now %u (0x%08X), tai_diff %i, ddist %u\n", + fired = leapsec_query(&lsdata, now, tpiv); + + DPRINTF(3, ("*** leapsec_query: fired %i, now %u (0x%08X), tai_diff %i, ddist %u\n", fired, now, now, lsdata.tai_diff, lsdata.ddist)); #ifdef LEAP_SMEAR @@ -572,8 +574,7 @@ check_leapsec( DPRINTF(1, ("*** leapsec_query: setting leap_smear interval %li, begin %.0f, end %.0f\n", leap_smear.interval, leap_smear.intv_start, leap_smear.intv_end)); } - } - else { + } else { if (leap_smear.interval) DPRINTF(1, ("*** leapsec_query: clearing leap_smear interval\n")); leap_smear.interval = 0; @@ -655,10 +656,10 @@ check_leapsec( sys_tai = lsdata.tai_offs; } else { #ifdef AUTOKEY - update_autokey = (sys_tai != lsdata.tai_offs); + update_autokey = (sys_tai != (u_int)lsdata.tai_offs); #endif - lsprox = lsdata.proximity; - sys_tai = lsdata.tai_offs; + lsprox = lsdata.proximity; + sys_tai = lsdata.tai_offs; } } diff --git a/ntpd/ntpd-opts.c b/ntpd/ntpd-opts.c index 660884b94b7..f435a31af66 100644 --- a/ntpd/ntpd-opts.c +++ b/ntpd/ntpd-opts.c @@ -1,7 +1,7 @@ /* * EDIT THIS FILE WITH CAUTION (ntpd-opts.c) * - * It has been AutoGen-ed January 7, 2016 at 11:28:29 PM by AutoGen 5.18.5 + * It has been AutoGen-ed January 20, 2016 at 04:15:45 AM by AutoGen 5.18.5 * From the definitions ntpd-opts.def * and the template file options * @@ -18,7 +18,7 @@ * The ntpd program is copyrighted and licensed * under the following terms: * - * Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved. + * Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved. * This is free software. It is licensed for use, modification and * redistribution under the terms of the NTP License, copies of which * can be seen at: @@ -75,8 +75,8 @@ extern FILE * option_usage_fp; * static const strings for ntpd options */ static char const ntpd_opt_strs[3129] = -/* 0 */ "ntpd 4.2.8p5\n" - "Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.\n" +/* 0 */ "ntpd 4.2.8p6\n" + "Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n" "This is free software. It is licensed for use, modification and\n" "redistribution under the terms of the NTP License, copies of which\n" "can be seen at:\n" @@ -205,12 +205,12 @@ static char const ntpd_opt_strs[3129] = /* 2900 */ "output version information and exit\0" /* 2936 */ "version\0" /* 2944 */ "NTPD\0" -/* 2949 */ "ntpd - NTP daemon program - Ver. 4.2.8p5\n" +/* 2949 */ "ntpd - NTP daemon program - Ver. 4.2.8p6\n" "Usage: %s [ - [] | --[{=| }] ]... \\\n" "\t\t[ ... ]\n\0" /* 3080 */ "http://bugs.ntp.org, bugs@ntp.org\0" /* 3114 */ "\n\0" -/* 3116 */ "ntpd 4.2.8p5"; +/* 3116 */ "ntpd 4.2.8p6"; /** * ipv4 option description with @@ -1529,8 +1529,8 @@ static void bogus_function(void) { translate option names. */ /* referenced via ntpdOptions.pzCopyright */ - puts(_("ntpd 4.2.8p5\n\ -Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.\n\ + puts(_("ntpd 4.2.8p6\n\ +Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n\ This is free software. It is licensed for use, modification and\n\ redistribution under the terms of the NTP License, copies of which\n\ can be seen at:\n")); @@ -1670,7 +1670,7 @@ implied warranty.\n")); puts(_("output version information and exit")); /* referenced via ntpdOptions.pzUsageTitle */ - puts(_("ntpd - NTP daemon program - Ver. 4.2.8p5\n\ + puts(_("ntpd - NTP daemon program - Ver. 4.2.8p6\n\ Usage: %s [ - [] | --[{=| }] ]... \\\n\ \t\t[ ... ]\n")); @@ -1678,7 +1678,7 @@ Usage: %s [ - [] | --[{=| }] ]... \\\n\ puts(_("\n")); /* referenced via ntpdOptions.pzFullVersion */ - puts(_("ntpd 4.2.8p5")); + puts(_("ntpd 4.2.8p6")); /* referenced via ntpdOptions.pzFullUsage */ puts(_("<<>>")); diff --git a/ntpd/ntpd-opts.h b/ntpd/ntpd-opts.h index 571fd342568..9427cac75a5 100644 --- a/ntpd/ntpd-opts.h +++ b/ntpd/ntpd-opts.h @@ -1,7 +1,7 @@ /* * EDIT THIS FILE WITH CAUTION (ntpd-opts.h) * - * It has been AutoGen-ed January 7, 2016 at 11:28:28 PM by AutoGen 5.18.5 + * It has been AutoGen-ed January 20, 2016 at 04:15:43 AM by AutoGen 5.18.5 * From the definitions ntpd-opts.def * and the template file options * @@ -18,7 +18,7 @@ * The ntpd program is copyrighted and licensed * under the following terms: * - * Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved. + * Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved. * This is free software. It is licensed for use, modification and * redistribution under the terms of the NTP License, copies of which * can be seen at: @@ -106,9 +106,9 @@ typedef enum { /** count of all options for ntpd */ #define OPTION_CT 38 /** ntpd version */ -#define NTPD_VERSION "4.2.8p5" +#define NTPD_VERSION "4.2.8p6" /** Full ntpd version text */ -#define NTPD_FULL_VERSION "ntpd 4.2.8p5" +#define NTPD_FULL_VERSION "ntpd 4.2.8p6" /** * Interface defines for all options. Replace "n" with the UPPER_CASED diff --git a/ntpd/ntpd.1ntpdman b/ntpd/ntpd.1ntpdman index 42d0caf54cb..322d0bc441d 100644 --- a/ntpd/ntpd.1ntpdman +++ b/ntpd/ntpd.1ntpdman @@ -10,11 +10,11 @@ .ds B-Font B .ds I-Font I .ds R-Font R -.TH ntpd 1ntpdman "07 Jan 2016" "4.2.8p5" "User Commands" +.TH ntpd 1ntpdman "20 Jan 2016" "4.2.8p6" "User Commands" .\" -.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-KDaWJq/ag-WDaOIq) +.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-9JaiRS/ag-jKaaQS) .\" -.\" It has been AutoGen-ed January 7, 2016 at 11:30:44 PM by AutoGen 5.18.5 +.\" It has been AutoGen-ed January 20, 2016 at 04:17:54 AM by AutoGen 5.18.5 .\" From the definitions ntpd-opts.def .\" and the template file agman-cmd.tpl .SH NAME @@ -979,7 +979,7 @@ RFC5908 .SH "AUTHORS" The University of Delaware and Network Time Foundation .SH "COPYRIGHT" -Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .SH BUGS The diff --git a/ntpd/ntpd.1ntpdmdoc b/ntpd/ntpd.1ntpdmdoc index dc06f58a952..301d983596f 100644 --- a/ntpd/ntpd.1ntpdmdoc +++ b/ntpd/ntpd.1ntpdmdoc @@ -1,9 +1,9 @@ -.Dd January 7 2016 +.Dd January 20 2016 .Dt NTPD 1ntpdmdoc User Commands .Os .\" EDIT THIS FILE WITH CAUTION (ntpd-opts.mdoc) .\" -.\" It has been AutoGen-ed January 7, 2016 at 11:31:02 PM by AutoGen 5.18.5 +.\" It has been AutoGen-ed January 20, 2016 at 04:18:12 AM by AutoGen 5.18.5 .\" From the definitions ntpd-opts.def .\" and the template file agmdoc-cmd.tpl .Sh NAME @@ -886,7 +886,7 @@ A snapshot of this documentation is available in HTML format in .Sh "AUTHORS" The University of Delaware and Network Time Foundation .Sh "COPYRIGHT" -Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .Sh BUGS The diff --git a/ntpd/ntpd.c b/ntpd/ntpd.c index 7630aee43bd..2c7f02ec5d6 100644 --- a/ntpd/ntpd.c +++ b/ntpd/ntpd.c @@ -209,6 +209,11 @@ extern int syscall (int, ...); #if !defined(SIM) && defined(SIGDIE1) +static volatile int signalled = 0; +static volatile int signo = 0; + +/* In an ideal world, 'finish_safe()' would declared as noreturn... */ +static void finish_safe (int); static RETSIGTYPE finish (int); #endif @@ -298,11 +303,28 @@ my_pthread_warmup_worker( static void my_pthread_warmup(void) { - pthread_t thread; - int rc; + pthread_t thread; + pthread_attr_t thr_attr; + int rc; + + pthread_attr_init(&thr_attr); +#if defined(HAVE_PTHREAD_ATTR_GETSTACKSIZE) && \ + defined(HAVE_PTHREAD_ATTR_SETSTACKSIZE) && \ + defined(PTHREAD_STACK_MIN) + rc = pthread_attr_setstacksize(&thr_attr, PTHREAD_STACK_MIN); + if (0 != rc) + msyslog(LOG_ERR, + "my_pthread_warmup: pthread_attr_setstacksize() -> %s", + strerror(rc)); +#endif rc = pthread_create( - &thread, NULL, my_pthread_warmup_worker, NULL); - if (0 == rc) { + &thread, &thr_attr, my_pthread_warmup_worker, NULL); + pthread_attr_destroy(&thr_attr); + if (0 != rc) { + msyslog(LOG_ERR, + "my_pthread_warmup: pthread_create() -> %s", + strerror(rc)); + } else { pthread_cancel(thread); pthread_join(thread, NULL); } @@ -1204,6 +1226,10 @@ int scmp_sc[] = { # ifdef HAVE_IO_COMPLETION_PORT for (;;) { +#if !defined(SIM) && defined(SIGDIE1) + if (signalled) + finish_safe(signo); +#endif GetReceivedBuffers(); # else /* normal I/O */ @@ -1211,11 +1237,19 @@ int scmp_sc[] = { was_alarmed = FALSE; for (;;) { +#if !defined(SIM) && defined(SIGDIE1) + if (signalled) + finish_safe(signo); +#endif if (alarm_flag) { /* alarmed? */ was_alarmed = TRUE; alarm_flag = FALSE; } + /* collect async name/addr results */ + if (!was_alarmed) + harvest_blocking_responses(); + if (!was_alarmed && !has_full_recv_buffer()) { /* * Nothing to do. Wait for something. @@ -1330,9 +1364,9 @@ int scmp_sc[] = { /* * finish - exit gracefully */ -static RETSIGTYPE -finish( - int sig +static void +finish_safe( + int sig ) { const char *sig_desc; @@ -1353,6 +1387,16 @@ finish( peer_cleanup(); exit(0); } + +static RETSIGTYPE +finish( + int sig + ) +{ + signalled = 1; + signo = sig; +} + #endif /* !SIM && SIGDIE1 */ diff --git a/ntpd/ntpd.html b/ntpd/ntpd.html index ae3e17ce7a3..bdf58a1beee 100644 --- a/ntpd/ntpd.html +++ b/ntpd/ntpd.html @@ -39,7 +39,7 @@ The program can operate in any of several modes, including client/server, symmetric and broadcast modes, and with both symmetric-key and public-key cryptography. -

This document applies to version 4.2.8p5 of ntpd. +

This document applies to version 4.2.8p6 of ntpd.