From c8a2bf14627149859c5fed86cf127096c4fa2870 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dag-Erling=20Sm=C3=B8rgrav?= Date: Sun, 6 May 2018 12:27:04 +0000 Subject: [PATCH] Vendor import of OpenSSH 7.7p1. --- .depend | 182 + .skipped-commit-ids | 7 + ChangeLog | 4925 +++++++++-------- INSTALL | 20 +- Makefile.in | 101 +- PROTOCOL | 14 +- PROTOCOL.certkeys | 8 +- README | 20 +- README.privsep | 4 +- auth-options.c | 1207 ++-- auth-options.h | 105 +- auth-pam.c | 25 +- auth-pam.h | 4 +- auth-passwd.c | 30 +- auth-sia.c | 4 +- auth.c | 351 +- auth.h | 34 +- auth2-hostbased.c | 10 +- auth2-none.c | 4 +- auth2-passwd.c | 4 +- auth2-pubkey.c | 617 ++- auth2.c | 17 +- authfd.c | 43 +- authfd.h | 7 +- authfile.c | 8 +- bitmap.c | 1 + bitmap.h | 1 + blocks.c | 248 - channels.c | 84 +- cipher.c | 21 +- clientloop.c | 57 +- clientloop.h | 4 +- compat.c | 73 +- compat.h | 28 +- config.h.in | 72 +- configure | 716 ++- configure.ac | 217 +- contrib/aix/README | 1 - contrib/aix/buildbff.sh | 1 - contrib/aix/inventory.sh | 1 - contrib/cygwin/Makefile | 11 +- contrib/findssl.sh | 2 - contrib/redhat/openssh.spec | 69 +- contrib/redhat/sshd.init | 1 - contrib/redhat/sshd.init.old | 17 - contrib/suse/openssh.spec | 2 +- crypto_api.h | 10 +- defines.h | 24 - dh.c | 11 +- dns.c | 7 +- dns.h | 5 +- entropy.c | 4 +- fixprogs | 72 - hash.c | 83 +- install-sh | 678 ++- kex.c | 14 +- kexc25519c.c | 4 +- kexc25519s.c | 2 +- kexdhc.c | 10 +- kexdhs.c | 8 +- kexecdhc.c | 19 +- kexecdhs.c | 14 +- kexgexc.c | 16 +- kexgexs.c | 8 +- key.c | 17 +- key.h | 3 +- krl.c | 4 +- loginrec.c | 6 - md5crypt.c | 4 +- mdoc2man.awk | 2 - misc.c | 696 ++- misc.h | 21 +- mkinstalldirs | 2 - moduli | 836 ++- moduli.c | 6 +- monitor.c | 116 +- monitor_wrap.c | 56 +- monitor_wrap.h | 13 +- opacket.c | 1 + opacket.h | 1 + openbsd-compat/Makefile.in | 81 +- openbsd-compat/bsd-cray.c | 816 --- openbsd-compat/bsd-cray.h | 59 - openbsd-compat/bsd-flock.c | 81 + openbsd-compat/bsd-getpagesize.c | 2 + openbsd-compat/bsd-malloc.c | 2 + openbsd-compat/bsd-misc.c | 81 +- openbsd-compat/bsd-misc.h | 34 +- openbsd-compat/bsd-openpty.c | 25 - openbsd-compat/bsd-signal.c | 62 + openbsd-compat/bsd-signal.h | 39 + openbsd-compat/bsd-statvfs.c | 8 + openbsd-compat/bsd-statvfs.h | 3 + openbsd-compat/freezero.c | 4 + openbsd-compat/openbsd-compat.h | 14 +- openbsd-compat/port-aix.c | 4 +- openbsd-compat/port-linux.c | 9 +- openbsd-compat/{port-tun.c => port-net.c} | 101 +- openbsd-compat/{port-tun.h => port-net.h} | 16 +- openbsd-compat/port-uw.c | 4 +- openbsd-compat/readpassphrase.c | 8 - openbsd-compat/regress/Makefile.in | 2 - openbsd-compat/strndup.c | 43 + openbsd-compat/strnlen.c | 2 +- opensshd.init.in | 4 - packet.c | 32 +- packet.h | 5 +- pathnames.h | 4 +- readconf.c | 76 +- readconf.h | 4 +- regress/Makefile | 5 +- regress/README.regress | 2 - regress/agent-getpeereid.sh | 3 +- regress/agent-ptrace.sh | 2 +- regress/agent.sh | 146 +- regress/allow-deny-users.sh | 1 + regress/authinfo.sh | 4 +- regress/cert-userkey.sh | 5 +- regress/cfgmatch.sh | 6 +- regress/connect-uri.sh | 29 + regress/forward-control.sh | 29 +- regress/key-options.sh | 68 +- regress/keys-command.sh | 2 +- regress/keytype.sh | 14 +- regress/limit-keytype.sh | 9 +- regress/misc/fuzz-harness/sig_fuzz.cc | 12 +- regress/misc/kexfuzz/Makefile | 32 +- regress/misc/kexfuzz/README | 2 + regress/netcat.c | 7 +- regress/proxy-connect.sh | 30 +- regress/putty-ciphers.sh | 2 +- regress/putty-kex.sh | 2 +- regress/putty-transfer.sh | 6 +- regress/scp-uri.sh | 70 + regress/sftp-chroot.sh | 7 +- regress/sftp-uri.sh | 63 + regress/sftp.sh | 6 +- regress/sshd-log-wrapper.sh | 2 +- regress/test-exec.sh | 6 +- regress/unittests/Makefile | 3 +- regress/unittests/Makefile.inc | 16 +- .../authopt/testdata/all_permit.cert | 1 + .../authopt/testdata/bad_sourceaddr.cert | 1 + .../authopt/testdata/force_command.cert | 1 + regress/unittests/authopt/testdata/host.cert | 1 + .../unittests/authopt/testdata/mktestdata.sh | 48 + .../authopt/testdata/no_agentfwd.cert | 1 + .../unittests/authopt/testdata/no_permit.cert | 1 + .../authopt/testdata/no_portfwd.cert | 1 + .../unittests/authopt/testdata/no_pty.cert | 1 + .../authopt/testdata/no_user_rc.cert | 1 + .../unittests/authopt/testdata/no_x11fwd.cert | 1 + .../authopt/testdata/only_agentfwd.cert | 1 + .../authopt/testdata/only_portfwd.cert | 1 + .../unittests/authopt/testdata/only_pty.cert | 1 + .../authopt/testdata/only_user_rc.cert | 1 + .../authopt/testdata/only_x11fwd.cert | 1 + .../authopt/testdata/sourceaddr.cert | 1 + .../authopt/testdata/unknown_critical.cert | 1 + regress/unittests/authopt/tests.c | 573 ++ regress/unittests/bitmap/Makefile | 6 +- regress/unittests/conversion/Makefile | 7 +- regress/unittests/hostkeys/Makefile | 15 +- regress/unittests/kex/Makefile | 19 +- regress/unittests/match/Makefile | 8 +- regress/unittests/sshbuf/Makefile | 12 +- regress/unittests/sshkey/Makefile | 15 +- regress/unittests/sshkey/test_fuzz.c | 6 +- regress/unittests/sshkey/test_sshkey.c | 8 +- regress/unittests/test_helper/test_helper.c | 14 +- regress/unittests/test_helper/test_helper.h | 4 +- regress/unittests/utf8/Makefile | 6 +- regress/yes-head.sh | 2 +- scp.0 | 19 +- scp.1 | 45 +- scp.c | 222 +- servconf.c | 569 +- servconf.h | 77 +- serverloop.c | 82 +- session.c | 120 +- sftp-client.c | 20 +- sftp.0 | 67 +- sftp.1 | 92 +- sftp.c | 88 +- ssh-add.c | 74 +- ssh-agent.c | 64 +- ssh-dss.c | 87 +- ssh-ecdsa.c | 8 +- ssh-keygen.0 | 33 +- ssh-keygen.1 | 29 +- ssh-keygen.c | 98 +- ssh-keyscan.0 | 80 +- ssh-keyscan.1 | 102 +- ssh-keyscan.c | 38 +- ssh-keysign.c | 7 +- ssh-pkcs11-client.c | 5 +- ssh-pkcs11-helper.c | 179 +- ssh-pkcs11.c | 5 +- ssh-rsa.c | 57 +- ssh-xmss.c | 192 + ssh.0 | 50 +- ssh.1 | 57 +- ssh.c | 346 +- ssh_config.0 | 53 +- ssh_config.5 | 52 +- sshconnect.c | 197 +- sshconnect.h | 4 +- sshconnect2.c | 99 +- sshd.0 | 31 +- sshd.8 | 32 +- sshd.c | 218 +- sshd_config | 3 +- sshd_config.0 | 76 +- sshd_config.5 | 74 +- sshkey-xmss.c | 1055 ++++ sshkey-xmss.h | 56 + sshkey.c | 771 ++- sshkey.h | 45 +- sshpty.c | 25 - ttymodes.c | 13 +- umac.c | 194 +- umac128.c | 10 + version.h | 4 +- xmss_commons.c | 36 + xmss_commons.h | 21 + xmss_fast.c | 1106 ++++ xmss_fast.h | 111 + xmss_hash.c | 140 + xmss_hash.h | 22 + xmss_hash_address.c | 66 + xmss_hash_address.h | 40 + xmss_wots.c | 192 + xmss_wots.h | 64 + 233 files changed, 14924 insertions(+), 7925 deletions(-) create mode 100644 .depend delete mode 100644 blocks.c delete mode 100755 fixprogs delete mode 100644 openbsd-compat/bsd-cray.c delete mode 100644 openbsd-compat/bsd-cray.h create mode 100644 openbsd-compat/bsd-flock.c create mode 100644 openbsd-compat/bsd-signal.c create mode 100644 openbsd-compat/bsd-signal.h rename openbsd-compat/{port-tun.c => port-net.c} (77%) rename openbsd-compat/{port-tun.h => port-net.h} (74%) create mode 100644 openbsd-compat/strndup.c create mode 100644 regress/connect-uri.sh create mode 100644 regress/scp-uri.sh create mode 100644 regress/sftp-uri.sh create mode 100644 regress/unittests/authopt/testdata/all_permit.cert create mode 100644 regress/unittests/authopt/testdata/bad_sourceaddr.cert create mode 100644 regress/unittests/authopt/testdata/force_command.cert create mode 100644 regress/unittests/authopt/testdata/host.cert create mode 100644 regress/unittests/authopt/testdata/mktestdata.sh create mode 100644 regress/unittests/authopt/testdata/no_agentfwd.cert create mode 100644 regress/unittests/authopt/testdata/no_permit.cert create mode 100644 regress/unittests/authopt/testdata/no_portfwd.cert create mode 100644 regress/unittests/authopt/testdata/no_pty.cert create mode 100644 regress/unittests/authopt/testdata/no_user_rc.cert create mode 100644 regress/unittests/authopt/testdata/no_x11fwd.cert create mode 100644 regress/unittests/authopt/testdata/only_agentfwd.cert create mode 100644 regress/unittests/authopt/testdata/only_portfwd.cert create mode 100644 regress/unittests/authopt/testdata/only_pty.cert create mode 100644 regress/unittests/authopt/testdata/only_user_rc.cert create mode 100644 regress/unittests/authopt/testdata/only_x11fwd.cert create mode 100644 regress/unittests/authopt/testdata/sourceaddr.cert create mode 100644 regress/unittests/authopt/testdata/unknown_critical.cert create mode 100644 regress/unittests/authopt/tests.c create mode 100644 ssh-xmss.c create mode 100644 sshkey-xmss.c create mode 100644 sshkey-xmss.h create mode 100644 umac128.c create mode 100644 xmss_commons.c create mode 100644 xmss_commons.h create mode 100644 xmss_fast.c create mode 100644 xmss_fast.h create mode 100644 xmss_hash.c create mode 100644 xmss_hash.h create mode 100644 xmss_hash_address.c create mode 100644 xmss_hash_address.h create mode 100644 xmss_wots.c create mode 100644 xmss_wots.h diff --git a/.depend b/.depend new file mode 100644 index 000000000000..0893a87ab026 --- /dev/null +++ b/.depend @@ -0,0 +1,182 @@ +# DO NOT DELETE + +addrmatch.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h match.h log.h +atomicio.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h atomicio.h +audit-bsm.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +audit-linux.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +audit.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +auth-bsdauth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +auth-krb5.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h ssh.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h misc.h servconf.h uidswap.h key.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h +auth-options.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h xmalloc.h ssherr.h log.h misc.h sshkey.h match.h ssh2.h auth-options.h +auth-pam.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +auth-passwd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h misc.h servconf.h key.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h +auth-rhosts.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h uidswap.h pathnames.h log.h misc.h key.h sshkey.h servconf.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h +auth-shadow.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +auth-sia.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +auth-skey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +auth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h match.h groupaccess.h log.h misc.h servconf.h key.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h canohost.h uidswap.h packet.h openbsd-compat/sys-queue.h +auth.o: dispatch.h opacket.h authfile.h monitor_wrap.h ssherr.h compat.h channels.h +auth2-chall.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h ssh2.h key.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h misc.h servconf.h +auth2-gss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +auth2-hostbased.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h misc.h servconf.h compat.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h canohost.h +auth2-hostbased.o: monitor_wrap.h pathnames.h ssherr.h match.h +auth2-kbdint.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h key.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h log.h misc.h servconf.h +auth2-none.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h atomicio.h xmalloc.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h misc.h servconf.h compat.h ssh2.h ssherr.h +auth2-none.o: monitor_wrap.h +auth2-passwd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h ssherr.h log.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h monitor_wrap.h misc.h servconf.h +auth2-pubkey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h ssh.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h misc.h servconf.h compat.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h pathnames.h uidswap.h +auth2-pubkey.o: auth-options.h canohost.h monitor_wrap.h authfile.h match.h ssherr.h channels.h session.h +auth2.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h atomicio.h xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h misc.h servconf.h compat.h key.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h pathnames.h +auth2.o: monitor_wrap.h ssherr.h +authfd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h ssh.h sshkey.h authfd.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h compat.h log.h atomicio.h misc.h ssherr.h +authfile.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h ssh.h log.h authfile.h misc.h atomicio.h sshkey.h ssherr.h krl.h +bitmap.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h bitmap.h +bufaux.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h log.h ssherr.h +bufbn.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +bufec.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h log.h ssherr.h +buffer.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h log.h ssherr.h +canohost.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h canohost.h misc.h +chacha.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h chacha.h +channels.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h ssherr.h packet.h dispatch.h opacket.h log.h misc.h channels.h compat.h canohost.h key.h sshkey.h authfd.h pathnames.h +cipher-aes.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/openssl-compat.h +cipher-aesctr.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h cipher-aesctr.h rijndael.h +cipher-chachapoly.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h log.h ssherr.h cipher-chachapoly.h chacha.h poly1305.h +cipher-ctr.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +cipher.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h misc.h ssherr.h digest.h openbsd-compat/openssl-compat.h +cleanup.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h log.h +clientloop.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h packet.h dispatch.h opacket.h compat.h channels.h key.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h +clientloop.o: kex.h mac.h myproposal.h log.h misc.h readconf.h clientloop.h sshconnect.h authfd.h atomicio.h sshpty.h match.h msg.h ssherr.h hostfile.h +compat.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h compat.h log.h match.h kex.h mac.h key.h sshkey.h +crc32.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h crc32.h +dh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +digest-libc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h ssherr.h digest.h +digest-openssl.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +dispatch.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h ssh2.h log.h dispatch.h packet.h openbsd-compat/sys-queue.h opacket.h compat.h ssherr.h +dns.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h sshkey.h ssherr.h dns.h log.h digest.h +ed25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h crypto_api.h ge25519.h fe25519.h sc25519.h +entropy.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +fatal.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h log.h +fe25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h fe25519.h crypto_api.h +ge25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h fe25519.h crypto_api.h sc25519.h ge25519.h ge25519_base.data +groupaccess.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h groupaccess.h match.h log.h +gss-genr.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +gss-serv-krb5.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +gss-serv.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +hash.o: crypto_api.h includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h digest.h log.h ssherr.h +hmac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h digest.h hmac.h +hostfile.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h match.h sshkey.h hostfile.h log.h misc.h ssherr.h digest.h hmac.h +kex.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h key.h log.h match.h misc.h +kex.o: monitor.h ssherr.h digest.h +kexc25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h ssh2.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h key.h log.h digest.h ssherr.h +kexc25519c.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h key.h log.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h ssh2.h digest.h ssherr.h +kexc25519s.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h kex.h mac.h key.h log.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h ssh2.h ssherr.h +kexdh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +kexdhc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +kexdhs.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +kexecdh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +kexecdhc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +kexecdhs.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +kexgex.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +kexgexc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +kexgexs.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +key.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h key.h sshkey.h compat.h ssherr.h log.h authfile.h +krl.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h ssherr.h sshkey.h authfile.h misc.h log.h digest.h bitmap.h krl.h +log.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h log.h +loginrec.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h key.h sshkey.h hostfile.h ssh.h loginrec.h log.h atomicio.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h canohost.h auth.h auth-pam.h audit.h +logintest.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h loginrec.h +mac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h digest.h hmac.h umac.h mac.h misc.h ssherr.h openbsd-compat/openssl-compat.h +match.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h match.h misc.h +md5crypt.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h misc.h log.h ssh.h ssherr.h uidswap.h +moduli.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +monitor.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h atomicio.h xmalloc.h ssh.h key.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h cipher.h cipher-chachapoly.h chacha.h poly1305.h +monitor.o: cipher-aesctr.h rijndael.h kex.h mac.h dh.h packet.h dispatch.h opacket.h auth-options.h sshpty.h channels.h session.h sshlogin.h canohost.h log.h misc.h servconf.h monitor.h monitor_wrap.h monitor_fdpass.h compat.h ssh2.h authfd.h match.h ssherr.h +monitor_fdpass.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h log.h monitor_fdpass.h +monitor_wrap.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h xmalloc.h ssh.h key.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h hostfile.h auth.h auth-pam.h audit.h +monitor_wrap.o: loginrec.h auth-options.h packet.h dispatch.h opacket.h log.h monitor.h monitor_wrap.h atomicio.h monitor_fdpass.h misc.h channels.h session.h servconf.h ssherr.h +msg.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h ssherr.h log.h atomicio.h msg.h misc.h +mux.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h xmalloc.h log.h ssh.h ssh2.h pathnames.h misc.h match.h channels.h msg.h packet.h dispatch.h opacket.h monitor_fdpass.h sshpty.h key.h sshkey.h readconf.h clientloop.h +mux.o: ssherr.h +nchan.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h ssh2.h ssherr.h packet.h dispatch.h opacket.h channels.h compat.h log.h +opacket.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h ssherr.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h +packet.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h key.h sshkey.h xmalloc.h crc32.h compat.h ssh2.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h digest.h log.h canohost.h misc.h +packet.o: channels.h ssh.h packet.h dispatch.h opacket.h ssherr.h +platform-misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +platform-pledge.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +platform-tracing.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h log.h +platform.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h log.h misc.h servconf.h key.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h +poly1305.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h poly1305.h +progressmeter.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h progressmeter.h atomicio.h misc.h +readconf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/glob.h xmalloc.h ssh.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h pathnames.h log.h sshkey.h misc.h readconf.h match.h kex.h mac.h key.h +readconf.o: uidswap.h myproposal.h digest.h +readpass.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h misc.h pathnames.h log.h ssh.h uidswap.h +rijndael.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h rijndael.h +sandbox-capsicum.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +sandbox-darwin.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +sandbox-null.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +sandbox-pledge.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +sandbox-rlimit.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +sandbox-seccomp-filter.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +sandbox-solaris.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +sandbox-systrace.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +sc25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h sc25519.h crypto_api.h +scp.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h ssh.h atomicio.h pathnames.h log.h misc.h progressmeter.h utf8.h +servconf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h xmalloc.h ssh.h log.h misc.h servconf.h compat.h pathnames.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h key.h sshkey.h kex.h mac.h +servconf.o: match.h channels.h groupaccess.h canohost.h packet.h dispatch.h opacket.h hostfile.h auth.h auth-pam.h audit.h loginrec.h myproposal.h digest.h +serverloop.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h xmalloc.h packet.h dispatch.h opacket.h log.h misc.h servconf.h canohost.h sshpty.h channels.h compat.h ssh2.h key.h sshkey.h cipher.h cipher-chachapoly.h chacha.h +serverloop.o: poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h hostfile.h auth.h auth-pam.h audit.h loginrec.h session.h auth-options.h serverloop.h ssherr.h +session.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h opacket.h match.h uidswap.h compat.h channels.h key.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h +session.o: cipher-aesctr.h rijndael.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h authfd.h pathnames.h log.h misc.h servconf.h sshlogin.h serverloop.h canohost.h session.h kex.h mac.h monitor_wrap.h sftp.h atomicio.h +sftp-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h xmalloc.h ssherr.h log.h atomicio.h progressmeter.h misc.h utf8.h sftp.h sftp-common.h sftp-client.h openbsd-compat/glob.h +sftp-common.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h ssherr.h log.h misc.h sftp.h sftp-common.h +sftp-glob.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h sftp.h sftp-common.h sftp-client.h openbsd-compat/glob.h +sftp-server-main.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h log.h sftp.h misc.h xmalloc.h +sftp-server.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h ssherr.h log.h misc.h match.h uidswap.h sftp.h sftp-common.h +sftp.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h log.h pathnames.h misc.h utf8.h sftp.h ssherr.h sftp-common.h sftp-client.h openbsd-compat/glob.h +ssh-add.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/openssl-compat.h xmalloc.h ssh.h log.h sshkey.h authfd.h authfile.h pathnames.h misc.h ssherr.h digest.h +ssh-agent.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshkey.h authfd.h compat.h log.h misc.h digest.h ssherr.h match.h +ssh-dss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +ssh-ecdsa.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +ssh-ed25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h crypto_api.h log.h sshkey.h ssherr.h ssh.h +ssh-keygen.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h sshkey.h authfile.h uuencode.h pathnames.h log.h misc.h match.h hostfile.h dns.h ssh.h ssh2.h ssherr.h ssh-pkcs11.h atomicio.h krl.h digest.h utf8.h authfd.h +ssh-keyscan.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h key.h compat.h myproposal.h packet.h dispatch.h +ssh-keyscan.o: opacket.h log.h atomicio.h misc.h hostfile.h ssherr.h ssh_api.h ssh2.h dns.h +ssh-keysign.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h log.h sshkey.h ssh.h ssh2.h misc.h authfile.h msg.h canohost.h pathnames.h readconf.h uidswap.h ssherr.h +ssh-pkcs11-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +ssh-pkcs11-helper.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h xmalloc.h log.h misc.h sshkey.h authfd.h ssh-pkcs11.h ssherr.h +ssh-pkcs11.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +ssh-rsa.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +ssh-xmss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +ssh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/openssl-compat.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h canohost.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h packet.h +ssh.o: dispatch.h opacket.h channels.h key.h sshkey.h authfd.h authfile.h pathnames.h clientloop.h log.h misc.h readconf.h sshconnect.h kex.h mac.h sshpty.h match.h msg.h uidswap.h version.h ssherr.h myproposal.h utf8.h +ssh_api.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h ssh_api.h openbsd-compat/sys-queue.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h key.h ssh.h ssh2.h packet.h dispatch.h opacket.h compat.h +ssh_api.o: log.h authfile.h misc.h version.h myproposal.h ssherr.h +sshbuf-getput-basic.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h ssherr.h +sshbuf-getput-crypto.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h ssherr.h +sshbuf-misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h ssherr.h +sshbuf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h ssherr.h misc.h +sshconnect.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h key.h sshkey.h hostfile.h ssh.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h uidswap.h compat.h sshconnect.h log.h misc.h readconf.h atomicio.h dns.h monitor_fdpass.h +sshconnect.o: ssh2.h version.h authfile.h ssherr.h authfd.h +sshconnect2.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h packet.h dispatch.h opacket.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h key.h sshkey.h kex.h mac.h +sshconnect2.o: myproposal.h sshconnect.h authfile.h dh.h authfd.h log.h misc.h readconf.h match.h canohost.h msg.h pathnames.h uidswap.h hostfile.h ssherr.h utf8.h +sshd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h opacket.h log.h misc.h match.h servconf.h uidswap.h compat.h cipher.h cipher-chachapoly.h +sshd.o: chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h key.h sshkey.h kex.h mac.h myproposal.h authfile.h pathnames.h atomicio.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h authfd.h msg.h channels.h session.h monitor.h monitor_wrap.h ssh-sandbox.h auth-options.h version.h ssherr.h +ssherr.o: ssherr.h +sshkey-xmss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +sshkey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h crypto_api.h ssh2.h ssherr.h misc.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h sshkey-xmss.h match.h xmss_fast.h +sshlogin.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h loginrec.h log.h misc.h servconf.h +sshpty.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h sshpty.h log.h misc.h +sshtty.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h sshpty.h +ttymodes.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h compat.h ttymodes.h +uidswap.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h log.h uidswap.h xmalloc.h +umac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h umac.h misc.h rijndael.h +umac128.o: umac.c includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h umac.h misc.h rijndael.h +utf8.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h utf8.h +uuencode.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h uuencode.h +verify.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h crypto_api.h +xmalloc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h log.h +xmss_commons.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +xmss_fast.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +xmss_hash.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +xmss_hash_address.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h +xmss_wots.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h diff --git a/.skipped-commit-ids b/.skipped-commit-ids index 7c03c9db827a..b51baf90d75c 100644 --- a/.skipped-commit-ids +++ b/.skipped-commit-ids @@ -1,3 +1,10 @@ +5317f294d63a876bfc861e19773b1575f96f027d remove libssh from makefiles +a337e886a49f96701ccbc4832bed086a68abfa85 Makefile changes +f2c9feb26963615c4fece921906cf72e248b61ee more Makefile +fa728823ba21c4b45212750e1d3a4b2086fd1a62 more Makefile refactoring + +Old upstream tree: + 321065a95a7ccebdd5fd08482a1e19afbf524e35 Update DH groups d4f699a421504df35254cf1c6f1a7c304fb907ca Remove 1k bit groups aafe246655b53b52bc32c8a24002bc262f4230f7 Remove intermediate moduli diff --git a/ChangeLog b/ChangeLog index e008ec9f383f..bb729917c333 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,2689 @@ +commit a0349a1cc4a18967ad1dbff5389bcdf9da098814 +Author: Damien Miller +Date: Mon Apr 2 15:38:28 2018 +1000 + + update versions in .spec files + +commit 816ad38f79792f5617e3913be306ddb27e91091c +Author: Damien Miller +Date: Mon Apr 2 15:38:20 2018 +1000 + + update version number + +commit 2c71ca1dd1efe458cb7dee3f8a1a566f913182c2 +Author: Darren Tucker +Date: Fri Mar 30 18:23:07 2018 +1100 + + Disable native strndup and strnlen on AIX. + + On at least some revisions of AIX, strndup returns unterminated strings + under some conditions, apparently because strnlen returns incorrect + values in those cases. Disable both on AIX and use the replacements + from openbsd-compat. Fixes problem with ECDSA keys there, ok djm. + +commit 6b5a17bc14e896e3904dc58d889b58934cfacd24 +Author: Darren Tucker +Date: Mon Mar 26 13:12:44 2018 +1100 + + Include ssh_api.h for struct ssh. + + struct ssh is needed by implementations of sys_auth_passwd() that were + converted in commit bba02a50. Needed to fix build on AIX, I assume for + the other platforms too (although it should be harmless if not needed). + +commit bc3f80e4d191b8e48650045dfa8a682cd3aabd4d +Author: Darren Tucker +Date: Mon Mar 26 12:58:09 2018 +1100 + + Remove UNICOS code missed during removal. + + Fixes compile error on AIX. + +commit 9d57762c24882e2f000a21a0ffc8c5908a1fa738 +Author: markus@openbsd.org +Date: Sat Mar 24 19:29:03 2018 +0000 + + upstream: openssh-7.7 + + OpenBSD-Commit-ID: 274e614352460b9802c905f38fb5ea7ed5db3d41 + +commit 4b7d8acdbbceef247dc035e611e577174ed8a87e +Author: Damien Miller +Date: Mon Mar 26 09:37:02 2018 +1100 + + Remove authinfo.sh test dependency on printenv + + Some platforms lack printenv in the default $PATH. + Reported by Tom G. Christensen + +commit 4afeaf3dcb7dc70efd98fcfcb0ed28a6b40b820e +Author: Tim Rice +Date: Sun Mar 25 10:00:21 2018 -0700 + + Use libiaf on all sysv5 systems + +commit bba02a5094b3db228ceac41cb4bfca165d0735f3 +Author: Tim Rice +Date: Sun Mar 25 09:17:33 2018 -0700 + + modified: auth-sia.c + modified: openbsd-compat/port-aix.c + modified: openbsd-compat/port-uw.c + + propogate changes to auth-passwd.c in commit + 7c856857607112a3dfe6414696bf4c7ab7fb0cb3 to other providers + of sys_auth_passwd() + +commit d7a7a39168bdfe273587bf85d779d60569100a3f +Author: markus@openbsd.org +Date: Sat Mar 24 19:29:03 2018 +0000 + + upstream: openssh-7.7 + + OpenBSD-Commit-ID: 274e614352460b9802c905f38fb5ea7ed5db3d41 + +commit 9efcaaac314c611c6c0326e8bac5b486c424bbd2 +Author: markus@openbsd.org +Date: Sat Mar 24 19:28:43 2018 +0000 + + upstream: fix bogus warning when signing cert keys using agent; + + from djm; ok deraadt dtucker + + OpenBSD-Commit-ID: 12e50836ba2040042383a8b71e12d7ea06e9633d + +commit 393436024d2e4b4c7a01f9cfa5854e7437896d11 +Author: Darren Tucker +Date: Sun Mar 25 09:40:46 2018 +1100 + + Replace /dev/stdin with "-". + + For some reason sftp -b doesn't work with /dev/stdin on Cygwin, as noted + and suggested by vinschen at redhat.com. + +commit b5974de1a1d419e316ffb6524b1b277dda2f3b49 +Author: Darren Tucker +Date: Fri Mar 23 13:21:14 2018 +1100 + + Provide $OBJ to paths in PuTTY interop tests. + +commit dc31e79454e9b9140b33ad380565fdb59b9c4f33 +Author: dtucker@openbsd.org +Date: Fri Mar 16 09:06:31 2018 +0000 + + upstream: Tell puttygen to use /dev/urandom instead of /dev/random. On + + OpenBSD they are both non-blocking, but on many other -portable platforms it + blocks, stalling tests. + + OpenBSD-Regress-ID: 397d0d4c719c353f24d79f5b14775e0cfdf0e1cc + +commit cb1f94431ef319cd48618b8b771b58739a8210cf +Author: markus@openbsd.org +Date: Thu Mar 22 07:06:11 2018 +0000 + + upstream: ssh/xmss: fix build; ok djm@ + + OpenBSD-Commit-ID: c9374ca41d4497f1c673ab681cc33f6e7c5dd186 + +commit 27979da9e4074322611355598f69175b9ff10d39 +Author: markus@openbsd.org +Date: Thu Mar 22 07:05:48 2018 +0000 + + upstream: ssh/xmss: fix deserialize for certs; ok djm@ + + OpenBSD-Commit-ID: f44c41636c16ec83502039828beaf521c057dddc + +commit c6cb2565c9285eb54fa9dfbb3890f5464aff410f +Author: Darren Tucker +Date: Thu Mar 22 17:00:28 2018 +1100 + + Save $? before case statement. + + In some shells (FreeBSD 9, ash) the case statement resets $?, so save + for later testing. + +commit 4c4e7f783b43b264c247233acb887ee10ed4ce4d +Author: djm@openbsd.org +Date: Wed Mar 14 05:35:40 2018 +0000 + + upstream: rename recently-added "valid-before" key restriction to + + "expiry-time" as the former is confusing wrt similar terminology in X.509; + pointed out by jsing@ + + OpenBSD-Regress-ID: ac8b41dbfd90cffd525d58350c327195b0937793 + +commit 500396b204c58e78ad9d081516a365a9f28dc3fd +Author: djm@openbsd.org +Date: Mon Mar 12 00:56:03 2018 +0000 + + upstream: check valid-before option in authorized_keys + + OpenBSD-Regress-ID: 7e1e4a84f7f099a290e5a4cbf4196f90ff2d7e11 + +commit a76b5d26c2a51d7dd7a5164e683ab3f4419be215 +Author: djm@openbsd.org +Date: Mon Mar 12 00:54:04 2018 +0000 + + upstream: explicitly specify RSA/SHA-2 keytype here too + + OpenBSD-Regress-ID: 74d7b24e8c72c27af6b481198344eb077e993a62 + +commit 3a43297ce29d37c64e37c7e21282cb219e28d3d1 +Author: djm@openbsd.org +Date: Mon Mar 12 00:52:57 2018 +0000 + + upstream: exlicitly include RSA/SHA-2 keytypes in + + PubkeyAcceptedKeyTypes here + + OpenBSD-Regress-ID: 954d19e0032a74e31697fb1dc7e7d3d1b2d65fe9 + +commit 037fdc1dc2d68e1d43f9c9e2586c02cabc8f7cc8 +Author: jmc@openbsd.org +Date: Wed Mar 14 06:56:20 2018 +0000 + + upstream: sort expiry-time; + + OpenBSD-Commit-ID: 8c7d82ee1e63e26ceb2b3d3a16514019f984f6bf + +commit abc0fa38c9bc136871f28e452c3465c3051fc785 +Author: djm@openbsd.org +Date: Wed Mar 14 05:35:40 2018 +0000 + + upstream: rename recently-added "valid-before" key restriction to + + "expiry-time" as the former is confusing wrt similar terminology in X.509; + pointed out by jsing@ + + OpenBSD-Commit-ID: 376939466a1f562f3950a22314bc6505733aaae6 + +commit bf0fbf2b11a44f06a64b620af7d01ff171c28e13 +Author: djm@openbsd.org +Date: Mon Mar 12 00:52:01 2018 +0000 + + upstream: add valid-before="[time]" authorized_keys option. A + + simple way of giving a key an expiry date. ok markus@ + + OpenBSD-Commit-ID: 1793b4dd5184fa87f42ed33c7b0f4f02bc877947 + +commit fbd733ab7adc907118a6cf56c08ed90c7000043f +Author: Darren Tucker +Date: Mon Mar 12 19:17:26 2018 +1100 + + Add AC_LANG_PROGRAM to AC_COMPILE_IFELSE. + + The recently added MIPS ABI tests need AC_LANG_PROGRAM to prevent + warnings from autoconf. Pointed out by klausz at haus-gisela.de. + +commit c7c458e8261b04d161763cd333d74e7a5842e917 +Author: djm@openbsd.org +Date: Wed Mar 7 23:53:08 2018 +0000 + + upstream: revert recent strdelim() change, it causes problems with + + some configs. + + revision 1.124 + date: 2018/03/02 03:02:11; author: djm; state: Exp; lines: +19 -8; commitid: nNRsCijZiGG6SUTT; + Allow escaped quotes \" and \' in ssh_config and sshd_config quotes + option strings. bz#1596 ok markus@ + + OpenBSD-Commit-ID: 59c40b1b81206d713c06b49d8477402c86babda5 + +commit 0bcd871ccdf3baf2b642509ba4773d5be067cfa2 +Author: jmc@openbsd.org +Date: Mon Mar 5 07:03:18 2018 +0000 + + upstream: move the input format details to -f; remove the output + + format details and point to sshd(8), where it is documented; + + ok dtucker + + OpenBSD-Commit-ID: 95f17e47dae02a6ac7329708c8c893d4cad0004a + +commit 45011511a09e03493568506ce32f4891a174a3bd +Author: Vicente Olivert Riera +Date: Tue Jun 20 16:42:28 2017 +0100 + + configure.ac: properly set seccomp_audit_arch for MIPS64 + + Currently seccomp_audit_arch is set to AUDIT_ARCH_MIPS64 or + AUDIT_ARCH_MIPSEL64 (depending on the endinness) when openssh is built + for MIPS64. However, that's only valid for n64 ABI. The right macros for + n32 ABI defined in seccomp.h are AUDIT_ARCH_MIPS64N32 and + AUDIT_ARCH_MIPSEL64N32, for big and little endian respectively. + + Because of that an sshd built for MIPS64 n32 rejects connection attempts + and the output of strace reveals that the problem is related to seccomp + audit: + + [pid 194] prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, {len=57, + filter=0x555d5da0}) = 0 + [pid 194] write(7, "\0\0\0]\0\0\0\5\0\0\0Ulist_hostkey_types: "..., 97) = ? + [pid 193] <... poll resumed> ) = 2 ([{fd=5, revents=POLLIN|POLLHUP}, + {fd=6, revents=POLLHUP}]) + [pid 194] +++ killed by SIGSYS +++ + + This patch fixes that problem by setting the right value to + seccomp_audit_arch taking into account the MIPS64 ABI. + + Signed-off-by: Vicente Olivert Riera + +commit 580086704c31de91dc7ba040a28e416bf1fefbca +Author: Vicente Olivert Riera +Date: Tue Jun 20 16:42:11 2017 +0100 + + configure.ac: detect MIPS ABI + + Signed-off-by: Vicente Olivert Riera + +commit cd4e937aa701f70366cd5b5969af525dff6fdf15 +Author: Alan Yee +Date: Wed Mar 7 15:12:14 2018 -0800 + + Use https URLs for links that support it. + +commit c0a0c3fc4a76b682db22146b28ddc46566db1ce9 +Author: Darren Tucker +Date: Mon Mar 5 20:03:07 2018 +1100 + + Disable UTMPX on SunOS4. + +commit 58fd4c5c0140f6636227ca7acbb149ab0c2509b9 +Author: Darren Tucker +Date: Mon Mar 5 19:28:08 2018 +1100 + + Check for and work around buggy fflush(NULL). + + Some really old platforms (eg SunOS4) segfault on fflush(NULL) so check + for and work around. With klausz at haus-gisela.de. + +commit 71e48bc7945f867029e50e06c665c66aed6d3c64 +Author: Darren Tucker +Date: Mon Mar 5 10:22:32 2018 +1100 + + Remove extra XMSS #endif + + Extra #endif breaks compile with -DWITH_XMSS. Pointed out by Jack + Schmidt via github. + +commit 055e09e2212ff52067786bf6d794ca9512ff7f0c +Author: dtucker@openbsd.org +Date: Sat Mar 3 06:37:53 2018 +0000 + + upstream: Update RSA minimum modulus size to 1024. sshkey.h rev 1.18 + + bumped the minimum from 768 to 1024, update man page accordingly. + + OpenBSD-Commit-ID: 27563ab4e866cd2aac40a5247876f6787c08a338 + +commit 7e4fadd3248d6bb7d39d6688c76a613d35d2efc1 +Author: djm@openbsd.org +Date: Sun Mar 4 01:46:48 2018 +0000 + + upstream: for the pty control tests, just check that the PTY path + + points to something in /dev (rather than checking the device node itself); + makes life easier for portable, where systems with dynamic ptys can delete + nodes before we get around to testing their existence. + + OpenBSD-Regress-ID: b1e455b821e62572bccd98102f8dd9d09bb94994 + +commit 13ef4cf53f24753fe920832b990b25c9c9cd0530 +Author: Darren Tucker +Date: Sat Mar 3 16:21:20 2018 +1100 + + Update PAM password change to new opts API. + +commit 33561e68e0b27366cb769295a077aabc6a49d2a1 +Author: Darren Tucker +Date: Sat Mar 3 14:56:09 2018 +1100 + + Add strndup for platforms that need it. + + Some platforms don't have strndup, which includes Solaris 10, NetBSD 3 + and FreeBSD 6. + +commit e8a17feba95eef424303fb94441008f6c5347aaf +Author: Darren Tucker +Date: Sat Mar 3 14:49:07 2018 +1100 + + Flatten and alphabetize object file lists. + + This will make maintenance and changes easier. "no objection" tim@ + +commit de1920d743d295f50e6905e5957c4172c038e8eb +Author: djm@openbsd.org +Date: Sat Mar 3 03:16:17 2018 +0000 + + upstream: unit tests for new authorized_keys options API + + OpenBSD-Regress-ID: 820f9ec9c6301f6ca330ad4052d85f0e67d0bdc1 + +commit dc3e92df17556dc5b0ab19cee8dcb2a6ba348717 +Author: djm@openbsd.org +Date: Fri Mar 2 02:53:27 2018 +0000 + + upstream: fix testing of pty option, include positive test and + + testing of restrict keyword + + OpenBSD-Regress-ID: 4268f27c2706a0a95e725d9518c5bcbec9814c6d + +commit 3d1edd1ebbc0aabea8bbe61903060f37137f7c61 +Author: djm@openbsd.org +Date: Fri Mar 2 02:51:55 2018 +0000 + + upstream: better testing for port-forwarding and restrict flags in + + authorized_keys + + OpenBSD-Regress-ID: ee771df8955f2735df54746872c6228aff381daa + +commit 7c856857607112a3dfe6414696bf4c7ab7fb0cb3 +Author: djm@openbsd.org +Date: Sat Mar 3 03:15:51 2018 +0000 + + upstream: switch over to the new authorized_keys options API and + + remove the legacy one. + + Includes a fairly big refactor of auth2-pubkey.c to retain less state + between key file lines. + + feedback and ok markus@ + + OpenBSD-Commit-ID: dece6cae0f47751b9892080eb13d6625599573df + +commit 90c4bec8b5f9ec4c003ae4abdf13fc7766f00c8b +Author: djm@openbsd.org +Date: Sat Mar 3 03:06:02 2018 +0000 + + upstream: Introduce a new API for handling authorized_keys options. + + This API parses options to a dedicated structure rather than the old API's + approach of setting global state. It also includes support for merging + options, e.g. from authorized_keys, authorized_principals and/or + certificates. + + feedback and ok markus@ + + OpenBSD-Commit-ID: 98badda102cd575210d7802943e93a34232c80a2 + +commit 26074380767e639ef89321610e146ae11016b385 +Author: djm@openbsd.org +Date: Sat Mar 3 03:01:50 2018 +0000 + + upstream: warn when the agent returns a signature type that was + + different to what was requested. This might happen when an old/non-OpenSSH + agent is asked to make a rsa-sha2-256/512 signature but only supports + ssh-rsa. bz#2799 feedback and ok markus@ + + OpenBSD-Commit-ID: 760c0f9438c5c58abc16b5f98008ff2d95cb13ce + +commit f493d2b0b66fb003ed29f31dd66ff1aeb64be1fc +Author: jmc@openbsd.org +Date: Fri Mar 2 21:40:15 2018 +0000 + + upstream: apply a lick of paint; tweaks/ok dtucker + + OpenBSD-Commit-ID: 518a6736338045e0037f503c21027d958d05e703 + +commit 713d9cb510e0e7759398716cbe6dcf43e574be71 +Author: djm@openbsd.org +Date: Fri Mar 2 03:02:11 2018 +0000 + + upstream: Allow escaped quotes \" and \' in ssh_config and + + sshd_config quotes option strings. bz#1596 ok markus@ + + OpenBSD-Commit-ID: dd3a29fc2dc905e8780198e5a6a30b096de1a1cb + +commit 94b4e2d29afaaaef89a95289b16c18bf5627f7cd +Author: djm@openbsd.org +Date: Fri Mar 2 02:08:03 2018 +0000 + + upstream: refactor sshkey_read() to make it a little more, err, + + readable. ok markus + + OpenBSD-Commit-ID: 2e9247b5762fdac3b6335dc606d3822121714c28 + +commit 5886b92968b360623491699247caddfb77a74d80 +Author: markus@openbsd.org +Date: Thu Mar 1 20:32:16 2018 +0000 + + upstream: missing #ifdef for _PATH_HOST_XMSS_KEY_FILE; report by + + jmc@ + + OpenBSD-Commit-ID: 9039cb69a3f9886bfef096891a9e7fcbd620280b + +commit 3b36bed3d26f17f6a2b7e036e01777770fe1bcd4 +Author: dtucker@openbsd.org +Date: Mon Feb 26 12:14:53 2018 +0000 + + upstream: Remove unneeded (local) include. ok markus@ + + OpenBSD-Commit-ID: 132812dd2296b1caa8cb07d2408afc28e4e60f93 + +commit 27b9f3950e0289e225b57b7b880a8f1859dcd70b +Author: dtucker@openbsd.org +Date: Mon Feb 26 03:56:44 2018 +0000 + + upstream: Add $OpenBSD$ markers to xmss files to help keep synced + + with portable. ok djm@. + + OpenBSD-Commit-ID: 5233a27aafd1dfadad4b957225f95ae51eb365c1 + +commit afd830847a82ebbd5aeab05bad6d2c8ce74df1cd +Author: dtucker@openbsd.org +Date: Mon Feb 26 03:03:05 2018 +0000 + + upstream: Add newline at end of file to prevent compiler warnings. + + OpenBSD-Commit-ID: 52f247d4eafe840c7c14c8befa71a760a8eeb063 + +commit 941e0d3e9bb8d5e4eb70cc694441445faf037c84 +Author: Darren Tucker +Date: Wed Feb 28 19:59:35 2018 +1100 + + Add WITH_XMSS, move to prevent conflicts. + + Add #ifdef WITH_XMSS to ssh-xmss.c, move it in the other files to after + includes.h so it's less likely to conflict and will pick up WITH_XMSS if + added to config.h. + +commit a10d8552d0d2438da4ed539275abcbf557d1e7a8 +Author: Darren Tucker +Date: Tue Feb 27 14:45:17 2018 +1100 + + Conditionally compile XMSS code. + + The XMSS code is currently experimental and, unlike the rest of OpenSSH + cannot currently be compiled with a c89 compiler. + +commit 146c3bd28c8dbee9c4b06465d9c9facab96b1e9b +Author: Darren Tucker +Date: Mon Feb 26 12:51:29 2018 +1100 + + Check dlopen has RTLD_NOW before enabling pkcs11. + +commit 1323f120d06a26074c4d154fcbe7f49bcad3d741 +Author: Darren Tucker +Date: Tue Feb 27 08:41:25 2018 +1100 + + Check for attributes on prototype args. + + Some compilers (gcc 2.9.53, 3.0 and probably others, see gcc bug #3481) + do not accept __attribute__ on function pointer prototype args. Check for + this and hide them if they're not accepted. + +commit f0b245b0439e600fab782d19e97980e9f2c2533c +Author: Darren Tucker +Date: Mon Feb 26 11:43:48 2018 +1100 + + Check if HAVE_DECL_BZERO correctly. + +commit c7ef4a399155e1621a532cc5e08e6fa773658dd4 +Author: Darren Tucker +Date: Mon Feb 26 17:42:56 2018 +1100 + + Wrap in #ifdef HAVE_STDINT_H. + +commit ac53ce46cf8165cbda7f57ee045f9f32e1e92b31 +Author: Darren Tucker +Date: Mon Feb 26 16:24:23 2018 +1100 + + Replace $(CURDIR) with $(PWD). + + The former doesn't work on Solaris or BSDs. + +commit 534b2680a15d14e7e60274d5b29b812d44cc5a44 +Author: Darren Tucker +Date: Mon Feb 26 14:51:59 2018 +1100 + + Comment out hexdump(). + + Nothing currently uses them but they cause conflicts on at least + FreeBSD, possibly others. ok djm@ + +commit 5aea4aa522f61bb2f34c3055a7de203909dfae77 +Author: Darren Tucker +Date: Mon Feb 26 14:39:14 2018 +1100 + + typo: missing ; + +commit cd3ab57f9b388f8b1abf601dc4d78ff82d83b75e +Author: Darren Tucker +Date: Mon Feb 26 14:37:06 2018 +1100 + + Hook up flock() compat code. + + Also a couple of minor changes: fail if we can't lock instead of + silently succeeding, and apply a couple of minor style fixes. + +commit b087998d1ba90dd1ddb6bfdb17873dc3e7392798 +Author: Darren Tucker +Date: Mon Feb 26 14:27:02 2018 +1100 + + Import flock() compat from NetBSD. + + From NetBSD's src/trunk/tools/compat/flock.c, no OpenSSH changes yet. + +commit 89212533dde6798324e835b1499084658df4579e +Author: Darren Tucker +Date: Mon Feb 26 12:32:14 2018 +1100 + + Fix breakage when REGRESSTMP not set. + + BUILDDIR is not set where used for REGRESSTMP, use make's CURDIR + instead. Pointed out by djm@. + +commit f885474137df4b89498c0b8834c2ac72c47aa4bd +Author: Damien Miller +Date: Mon Feb 26 12:18:14 2018 +1100 + + XMSS-related files get includes.h + +commit 612faa34c72e421cdc9e63f624526bae62d557cc +Author: Damien Miller +Date: Mon Feb 26 12:17:55 2018 +1100 + + object files end with .o - not .c + +commit bda709b8e13d3eef19e69c2d1684139e3af728f5 +Author: Damien Miller +Date: Mon Feb 26 12:17:22 2018 +1100 + + avoid inclusion of deprecated selinux/flask.h + + Use string_to_security_class() instead. + +commit 2e396439365c4ca352cac222717d09b14f8a0dfd +Author: Damien Miller +Date: Mon Feb 26 11:48:27 2018 +1100 + + updatedepend + +commit 1b11ea7c58cd5c59838b5fa574cd456d6047b2d4 +Author: markus@openbsd.org +Date: Fri Feb 23 15:58:37 2018 +0000 + + upstream: Add experimental support for PQC XMSS keys (Extended + + Hash-Based Signatures) The code is not compiled in by default (see WITH_XMSS + in Makefile.inc) Joint work with stefan-lukas_gazdag at genua.eu See + https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12 ok + djm@ + + OpenBSD-Commit-ID: ef3eccb96762a5d6f135d7daeef608df7776a7ac + +commit 7d330a1ac02076de98cfc8fda05353d57b603755 +Author: jmc@openbsd.org +Date: Fri Feb 23 07:38:09 2018 +0000 + + upstream: some cleanup for BindInterface and ssh-keyscan; + + OpenBSD-Commit-ID: 1a719ebeae22a166adf05bea5009add7075acc8c + +commit c7b5a47e3b9db9a0f0198f9c90c705f6307afc2b +Author: Darren Tucker +Date: Sun Feb 25 23:55:41 2018 +1100 + + Invert sense of getpgrp test. + + AC_FUNC_GETPGRP tests if getpgrp(0) works, which it does if it's not + declared. Instead, test if the zero-arg version we want to use works. + +commit b39593a6de5290650a01adf8699c6460570403c2 +Author: Darren Tucker +Date: Sun Feb 25 13:25:15 2018 +1100 + + Add no-op getsid implmentation. + +commit 11057564eb6ab8fd987de50c3d7f394c6f6632b7 +Author: Darren Tucker +Date: Sun Feb 25 11:22:57 2018 +1100 + + bsd-statvfs: include sys/vfs.h, check for f_flags. + +commit e9dede06e5bc582a4aeb5b1cd5a7a640d7de3609 +Author: Darren Tucker +Date: Sun Feb 25 10:20:31 2018 +1100 + + Handle calloc(0,x) where different from malloc. + + Configure assumes that if malloc(0) returns null then calloc(0,n) + also does. On some old platforms (SunOS4) malloc behaves as expected + (as determined by AC_FUNC_MALLOC) but calloc doesn't. Test for this + at configure time and activate the replacement function if found, plus + handle this case in rpl_calloc. + +commit 2eb4041493fd2635ffdc64a852d02b38c4955e0b +Author: Darren Tucker +Date: Sat Feb 24 21:06:48 2018 +1100 + + Add prototype for readv if needed. + +commit 6c8c9a615b6d31db8a87bc25033f053d5b0a831e +Author: Darren Tucker +Date: Sat Feb 24 20:46:37 2018 +1100 + + Check for raise and supply if needed. + +commit a9004425a032d7a7141a5437cfabfd02431e2a74 +Author: Darren Tucker +Date: Sat Feb 24 20:25:22 2018 +1100 + + Check for bzero and supply if needed. + + Since explicit_bzero uses it via an indirect it needs to be a function + not just a macro. + +commit 1a348359e4d2876203b5255941bae348557f4f54 +Author: djm@openbsd.org +Date: Fri Feb 23 05:14:05 2018 +0000 + + upstream: Add ssh-keyscan -D option to make it print its results in + + SSHFP format bz#2821, ok dtucker@ + + OpenBSD-Commit-ID: 831446b582e0f298ca15c9d99c415c899e392221 + +commit 3e19fb976a47b44b3d7c4f8355269f7f2c5dd82c +Author: dtucker@openbsd.org +Date: Fri Feb 23 04:18:46 2018 +0000 + + upstream: Add missing braces. + + Caught by the tinderbox's -Werror=misleading-indentation, ok djm@ + + OpenBSD-Commit-ID: d44656af594c3b2366eb87d6abcef83e1c88a6ca + +commit b59162da99399d89bd57f71c170c0003c55b1583 +Author: Darren Tucker +Date: Fri Feb 23 15:20:42 2018 +1100 + + Check for ifaddrs.h for BindInterface. + + BindInterface required getifaddr and friends so disable if not available + (eg Solaris 10). We should be able to add support for some systems with + a bit more work but this gets the building again. + +commit a8dd6fe0aa10b6866830b4688a73ef966f0aed88 +Author: Damien Miller +Date: Fri Feb 23 14:19:11 2018 +1100 + + space before tab in previous + +commit b5e9263c7704247f9624c8f5c458e9181fcdbc09 +Author: dtucker@openbsd.org +Date: Fri Feb 9 03:40:22 2018 +0000 + + upstream: Replace fatal with exit in the case that we do not have + + $SUDO set. Prevents test failures when neither sudo nor doas are configured. + + OpenBSD-Regress-ID: 6a0464decc4f8ac7d6eded556a032b0fc521bc7b + +commit 3e9d3192ad43758ef761c5b0aa3ac5ccf8121ef2 +Author: Darren Tucker +Date: Fri Feb 23 14:10:53 2018 +1100 + + Use portable syntax for REGRESSTMP. + +commit 73282b61187883a2b2bb48e087fdda1d751d6059 +Author: djm@openbsd.org +Date: Fri Feb 23 03:03:00 2018 +0000 + + upstream: unbreak interop test after SSHv1 purge; patch from Colin + + Watson via bz#2823 + + OpenBSD-Regress-ID: 807d30a597756ed6612bdf46dfebca74f49cb31a + +commit f8985dde5f46aedade0373365cbf86ed3f1aead2 +Author: dtucker@openbsd.org +Date: Fri Feb 9 03:42:57 2018 +0000 + + upstream: Skip sftp-chroot test when SUDO not set instead of + + fatal(). + + OpenBSD-Regress-ID: cd4b5f1109b0dc09af4e5ea7d4968c43fbcbde88 + +commit df88551c02d4e3445c44ff67ba8757cff718609a +Author: dtucker@openbsd.org +Date: Fri Feb 9 03:40:22 2018 +0000 + + upstream: Replace fatal with exit in the case that we do not have + + $SUDO set. Prevents test failures when neither sudo nor doas are configured. + + OpenBSD-Regress-ID: 6a0464decc4f8ac7d6eded556a032b0fc521bc7b + +commit 3b252c20b19f093e87363de197f1100b79705dd3 +Author: djm@openbsd.org +Date: Thu Feb 8 08:46:20 2018 +0000 + + upstream: some helpers to check verbose/quiet mode + + OpenBSD-Regress-ID: e736aac39e563f5360a0935080a71d5fdcb976de + +commit ac2e3026bbee1367e4cda34765d1106099be3287 +Author: djm@openbsd.org +Date: Fri Feb 23 02:34:33 2018 +0000 + + upstream: Add BindInterface ssh_config directive and -B + + command-line argument to ssh(1) that directs it to bind its outgoing + connection to the address of the specified network interface. + + BindInterface prefers to use addresses that aren't loopback or link- + local, but will fall back to those if no other addresses of the + required family are available on that interface. + + Based on patch by Mike Manning in bz#2820, ok dtucker@ + + OpenBSD-Commit-ID: c5064d285c2851f773dd736a2c342aa384fbf713 + +commit fcdb9d777839a3fa034b3bc3067ba8c1f6886679 +Author: djm@openbsd.org +Date: Mon Feb 19 00:55:02 2018 +0000 + + upstream: emphasise that the hostkey rotation may send key types + + that the client may not support, and that the client should simply disregard + such keys (this is what ssh does already). + + OpenBSD-Commit-ID: 65f8ffbc32ac8d12be8f913d7c0ea55bef8622bf + +commit ce066f688dc166506c082dac41ca686066e3de5f +Author: Darren Tucker +Date: Thu Feb 22 20:45:09 2018 +1100 + + Add headers for sys/audit.h. + + On some older platforms (at least sunos4, probably others) sys/audit.h + requires some other headers. Patch from klausz at haus-gisela.de. + +commit 3fd2d2291a695c96a54269deae079bacce6e3fb9 +Author: Darren Tucker +Date: Mon Feb 19 18:37:40 2018 +1100 + + Add REGRESSTMP make var override. + + Defaults to original location ($srcdir/regress) but allows overriding + if desired, eg a directory in /tmp. + +commit f8338428588f3ecb5243c86336eccaa28809f97e +Author: Darren Tucker +Date: Sun Feb 18 15:53:15 2018 +1100 + + Remove now-unused check for getrusage. + + getrusage was used in ssh-rand-helper but that's now long gone. + Patch from klauszh at haus-gisela.de. + +commit 8570177195f6a4b3173c0a25484a83641ee3faa6 +Author: dtucker@openbsd.org +Date: Fri Feb 16 04:43:11 2018 +0000 + + upstream: Don't send IUTF8 to servers that don't like them. + + Some SSH servers eg "ConfD" drop the connection if the client sends the + new IUTF8 (RFC8160) terminal mode even if it's not set. Add a bug bit + for such servers and avoid sending IUTF8 to them. ok djm@ + + OpenBSD-Commit-ID: 26425855402d870c3c0a90491e72e2a8a342ceda + +commit f6dc2ba3c9d12be53057b9371f5109ec553a399f +Author: Darren Tucker +Date: Fri Feb 16 17:32:28 2018 +1100 + + freezero should check for NULL. + +commit 680321f3eb46773883111e234b3c262142ff7c5b +Author: djm@openbsd.org +Date: Fri Feb 16 02:40:45 2018 +0000 + + upstream: Mention recent DH KEX methods: + + diffie-hellman-group14-sha256 + diffie-hellman-group16-sha512 + diffie-hellman-group18-sha512 + + From Jakub Jelen via bz#2826 + + OpenBSD-Commit-ID: 51bf769f06e55447f4bfa7306949e62d2401907a + +commit 88c50a5ae20902715f0fca306bb9c38514f71679 +Author: djm@openbsd.org +Date: Fri Feb 16 02:32:40 2018 +0000 + + upstream: stop loading DSA keys by default, remove sshd_config + + stanza and manpage bits; from Colin Watson via bz#2662, ok dtucker@ + + OpenBSD-Commit-ID: d33a849f481684ff655c140f5eb1b4acda8c5c09 + +commit d2b3db2860c962927def39a52f67f1c23f7b201a +Author: jsing@openbsd.org +Date: Wed Feb 14 16:27:24 2018 +0000 + + upstream: Ensure that D mod (P-1) and D mod (Q-1) are calculated in + + constant time. + + This avoids a potential side channel timing leak. + + ok djm@ markus@ + + OpenBSD-Commit-ID: 71ff3c16be03290e63d8edab8fac053d8a82968c + +commit 4270efad7048535b4f250f493d70f9acfb201593 +Author: jsing@openbsd.org +Date: Wed Feb 14 16:03:32 2018 +0000 + + upstream: Some obvious freezero() conversions. + + This also zeros an ed25519_pk when it was not being zeroed previously. + + ok djm@ dtucker@ + + OpenBSD-Commit-ID: 5c196a3c85c23ac0bd9b11bcadaedd90b7a2ce82 + +commit affa6ba67ffccc30b85d6e98f36eb5afd9386882 +Author: Darren Tucker +Date: Thu Feb 15 22:32:04 2018 +1100 + + Remove execute bit from modpipe.c. + +commit 9879dca438526ae6dfd656fecb26b0558c29c731 +Author: Darren Tucker +Date: Thu Feb 15 22:26:16 2018 +1100 + + Update prngd link to point to sourceforge. + +commit b6973fa5152b1a0bafd2417b7c3ad96f6e87d014 +Author: Darren Tucker +Date: Thu Feb 15 22:22:38 2018 +1100 + + Remove references to UNICOS. + +commit f1ca487940449f0b64f38f1da575078257609966 +Author: Darren Tucker +Date: Thu Feb 15 22:18:37 2018 +1100 + + Remove extra newline. + +commit 6d4e980f3cf27f409489cf89cd46c21501b13731 +Author: Darren Tucker +Date: Thu Feb 15 22:16:54 2018 +1100 + + OpenSSH's builtin entropy gathering is long gone. + +commit 389125b25d1a1d7f22e907463b7e8eca74af79ea +Author: Darren Tucker +Date: Thu Feb 15 21:43:01 2018 +1100 + + Replace remaining mysignal() with signal(). + + These seem to have been missed during the replacement of mysignal + with #define signal in commit 5ade9ab. Both include the requisite + headers to pick up the #define. + +commit 265d88d4e61e352de6791733c8b29fa3d7d0c26d +Author: Darren Tucker +Date: Thu Feb 15 20:06:19 2018 +1100 + + Remove remaining now-obsolete cvs $Ids. + +commit 015749e9b1d2f6e14733466d19ba72f014d0845c +Author: Darren Tucker +Date: Thu Feb 15 17:01:54 2018 +1100 + + Regenerate dependencies after UNICOS removal. + +commit ddc0f3814881ea279a6b6d4d98e03afc60ae1ed7 +Author: Darren Tucker +Date: Tue Feb 13 09:10:46 2018 +1100 + + Remove UNICOS support. + + The code required to support it is quite invasive to the mainline + code that is synced with upstream and is an ongoing maintenance burden. + Both the hardware and software are literal museum pieces these days and + we could not find anyone still running OpenSSH on one. + +commit 174bed686968494723e6db881208cc4dac0d020f +Author: Darren Tucker +Date: Tue Feb 13 18:12:47 2018 +1100 + + Retpoline linker flag only needed for linking. + +commit 075e258c2cc41e1d7f3ea2d292c5342091728d40 +Author: Darren Tucker +Date: Tue Feb 13 17:36:43 2018 +1100 + + Default PidFile is sshd.pid not ssh.pid. + +commit 49f3c0ec47730ea264e2bd1e6ece11167d6384df +Author: Darren Tucker +Date: Tue Feb 13 16:27:09 2018 +1100 + + Remove assigned-to-but-never-used variable. + + 'p' was removed in previous change but I neglected to remove the + otherwise-unused assignment to it. + +commit b8bbff3b3fc823bf80c5ab226c94f13cb887d5b1 +Author: djm@openbsd.org +Date: Tue Feb 13 03:36:56 2018 +0000 + + upstream: remove space before tab + + OpenBSD-Commit-ID: 674edd214d0a7332dd4623c9cf8117301b012890 + +commit 05046d907c211cb9b4cd21b8eff9e7a46cd6c5ab +Author: dtucker@openbsd.org +Date: Sun Feb 11 21:16:56 2018 +0000 + + upstream Don't reset signal handlers inside handlers. + + The signal handlers from the original ssh1 code on which OpenSSH + is based assume unreliable signals and reinstall their handlers. + Since OpenBSD (and pretty much every current system) has reliable + signals this is not needed. In the unlikely even that -portable + is still being used on such systems we will deal with it in the + compat layer. ok deraadt@ + + OpenBSD-Commit-ID: f53a1015cb6908431b92116130d285d71589612c + +commit 3c51143c639ac686687c7acf9b373b8c08195ffb +Author: Darren Tucker +Date: Tue Feb 13 09:07:29 2018 +1100 + + Whitespace sync with upstream. + +commit 19edfd4af746bedf0df17f01953ba8c6d3186eb7 +Author: Darren Tucker +Date: Tue Feb 13 08:25:46 2018 +1100 + + Whitespace sync with upstream. + +commit fbfa6f980d7460b3e12b0ce88ed3b6018edf4711 +Author: Darren Tucker +Date: Sun Feb 11 21:25:11 2018 +1300 + + Move signal compat code into bsd-signal.{c,h} + +commit 24d2a33bd3bf5170700bfdd8675498aa09a79eab +Author: Darren Tucker +Date: Sun Feb 11 21:20:39 2018 +1300 + + Include headers for linux/if.h. + + Prevents configure-time "present but cannot be compiled" warning. + +commit bc02181c24fc551aab85eb2cff0f90380928ef43 +Author: Darren Tucker +Date: Sun Feb 11 19:45:47 2018 +1300 + + Fix test for -z,retpolineplt linker flag. + +commit 3377df00ea3fece5293db85fe63baef33bf5152e +Author: Darren Tucker +Date: Sun Feb 11 09:32:37 2018 +1100 + + Add checks for Spectre v2 mitigation (retpoline) + + This adds checks for gcc and clang flags for mitigations for Spectre + variant 2, ie "retpoline". It'll automatically enabled if the compiler + supports it as part of toolchain hardening flag. ok djm@ + +commit d9e5cf078ea5380da6df767bb1773802ec557ef0 +Author: djm@openbsd.org +Date: Sat Feb 10 09:25:34 2018 +0000 + + upstream commit + + constify some private key-related functions; based on + https://github.com/openssh/openssh-portable/pull/56 by Vincent Brillault + + OpenBSD-Commit-ID: dcb94a41834a15f4d00275cb5051616fdc4c988c + +commit a7c38215d564bf98e8e9eb40c1079e3adf686f15 +Author: djm@openbsd.org +Date: Sat Feb 10 09:03:54 2018 +0000 + + upstream commit + + Mention ServerAliveTimeout in context of TCPKeepAlives; + prompted by Christoph Anton Mitterer via github + + OpenBSD-Commit-ID: f0cf1b5bd3f1fbf41d71c88d75d93afc1c880ca2 + +commit 62562ceae61e4f7cf896566592bb840216e71061 +Author: djm@openbsd.org +Date: Sat Feb 10 06:54:38 2018 +0000 + + upstream commit + + clarify IgnoreUserKnownHosts; based on github PR from + Christoph Anton Mitterer. + + OpenBSD-Commit-ID: 4fff2c17620c342fb2f1f9c2d2e679aab3e589c3 + +commit 4f011daa4cada6450fa810f7563b8968639bb562 +Author: djm@openbsd.org +Date: Sat Feb 10 06:40:28 2018 +0000 + + upstream commit + + Shorter, more accurate explanation of + NoHostAuthenticationForLocalhost without the confusing example. Prompted by + Christoph Anton Mitterer via github and bz#2293. + + OpenBSD-Commit-ID: 19dc96bea25b80d78d416b581fb8506f1e7b76df + +commit 77e05394af21d3f5faa0c09ed3855e4505a5cf9f +Author: djm@openbsd.org +Date: Sat Feb 10 06:15:12 2018 +0000 + + upstream commit + + Disable RemoteCommand and RequestTTY in the ssh session + started by scp. sftp is already doing this. From Camden Narzt via github; ok + dtucker + + OpenBSD-Commit-ID: 59e2611141c0b2ee579c6866e8eb9d7d8217bc6b + +commit ca613249a00b64b2eea9f52d3834b55c28cf2862 +Author: djm@openbsd.org +Date: Sat Feb 10 05:48:46 2018 +0000 + + upstream commit + + Refuse to create a certificate with an unusable number of + principals; Prompted by gdestuynder via github + + OpenBSD-Commit-ID: 8cfae2451e8f07810e3e2546dfdcce66984cbd29 + +commit b56ac069d46b6f800de34e1e935f98d050731d14 +Author: djm@openbsd.org +Date: Sat Feb 10 05:43:26 2018 +0000 + + upstream commit + + fatal if we're unable to write all the public key; previously + we would silently ignore errors writing the comment and terminating newline. + Prompted by github PR from WillerZ; ok dtucker + + OpenBSD-Commit-ID: 18fbfcfd4e8c6adbc84820039b64d70906e49831 + +commit cdb10bd431f9f6833475c27e9a82ebb36fdb12db +Author: Darren Tucker +Date: Sat Feb 10 11:18:38 2018 +1100 + + Add changelog entry for binary strip change. + +commit fbddd91897cfaf456bfc2081f39fb4a2208a0ebf +Author: Darren Tucker +Date: Sat Feb 10 11:14:54 2018 +1100 + + Remove unused variables. + +commit 937d96587df99c16c611d828cded292fa474a32b +Author: Darren Tucker +Date: Sat Feb 10 11:12:45 2018 +1100 + + Don't strip binaries so debuginfo gets built. + + Tell install not to strip binaries during package creation so that the + debuginfo package can be built. + +commit eb0865f330f59c889ec92696b97bd397090e720c +Author: Darren Tucker +Date: Sat Feb 10 10:33:11 2018 +1100 + + Fix bogus dates in changelog. + +commit 7fbde1b34c1f6c9ca9e9d10805ba1e5e4538e165 +Author: Darren Tucker +Date: Sat Feb 10 10:25:15 2018 +1100 + + Remove SSH1 from description. + +commit 9c34a76f099c4e0634bf6ecc2f40ce93925402c4 +Author: Darren Tucker +Date: Sat Feb 10 10:19:16 2018 +1100 + + Add support for compat-openssl10 build dep. + +commit 04f4e8193cb5a5a751fcc356bd6656291fec539e +Author: Darren Tucker +Date: Sat Feb 10 09:57:04 2018 +1100 + + Add leading zero so it'll work when rhel not set. + + When rhel is not set it will error out with "bad if". Add leading zero + as per https://fedoraproject.org/wiki/Packaging:DistTag so it'll work + on non-RHEL. + +commit 12abd67a6af28476550807a443b38def2076bb92 +Author: Darren Tucker +Date: Sat Feb 10 09:56:34 2018 +1100 + + Update openssl-devel dependency. + +commit b33e7645f8813719d7f9173fef24463c8833ebb3 +Author: nkadel +Date: Sun Nov 16 18:19:58 2014 -0500 + + Add mandir with-mandir' for RHEL 5 compatibility. + + Activate '--mandir' and '--with-mandir' settings in setup for RHEL + 5 compatibility. + +commit 94f8bf360eb0162e39ddf39d69925c2e93511e40 +Author: nkadel +Date: Sun Nov 16 18:18:51 2014 -0500 + + Discard 'K5DIR' reporting. + + It does not work inside 'mock' build environment. + +commit bb7e54dbaf34b70b3e57acf7982f3a2136c94ee5 +Author: nkadel +Date: Sun Nov 16 18:17:15 2014 -0500 + + Add 'dist' to 'rel' for OS specific RPM names. + +commit 87346f1f57f71150a9b8c7029d8c210e27027716 +Author: nkadel +Date: Sun Nov 16 14:17:38 2014 -0500 + + Add openssh-devel >= 0.9.8f for redhat spec file. + +commit bec1478d710866d3c1b119343a35567a8fc71ec3 +Author: nkadel +Date: Sun Nov 16 13:10:24 2014 -0500 + + Enhance BuildRequires for openssh-x11-askpass. + +commit 3104fcbdd3c70aefcb0cdc3ee24948907db8dc8f +Author: nkadel +Date: Sun Nov 16 13:04:14 2014 -0500 + + Always include x11-ssh-askpass SRPM. + + Always include x11-ssh-askpass tarball in redhat SRPM, even if unused. + +commit c61d0d038d58eebc365f31830be6e04ce373ad1b +Author: Damien Miller +Date: Sat Feb 10 09:43:12 2018 +1100 + + this is long unused; prompted by dtucker@ + +commit 745771fb788e41bb7cdad34e5555bf82da3af7ed +Author: dtucker@openbsd.org +Date: Fri Feb 9 02:37:36 2018 +0000 + + upstream commit + + Remove unused sKerberosTgtPassing from enum. From + calestyo via github pull req #11, ok djm@ + + OpenBSD-Commit-ID: 1008f8870865a7c4968b7aed402a0a9e3e5b9540 + +commit 1f385f55332db830b0ae22a7663b98279ca2d657 +Author: dtucker@openbsd.org +Date: Thu Feb 8 04:12:32 2018 +0000 + + upstream commit + + Rename struct umac_ctx to umac128_ctx too. In portable + some linkers complain about two symbols with the same name having differing + sizes. ok djm@ + + OpenBSD-Commit-ID: cbebf8bdd3310a9795b4939a1e112cfe24061ca3 + +commit f1f047fb031c0081dbc8738f05bf5d4cc47acadf +Author: dtucker@openbsd.org +Date: Wed Feb 7 22:52:45 2018 +0000 + + upstream commit + + ssh_free checks for and handles NULL args, remove NULL + checks from remaining callers. ok djm@ + + OpenBSD-Commit-ID: bb926825c53724c069df68a93a2597f9192f7e7b + +commit aee49b2a89b6b323c80dd3b431bd486e51f94c8c +Author: Darren Tucker +Date: Thu Feb 8 12:36:22 2018 +1100 + + Set SO_REUSEADDR in regression test netcat. + + Sometimes multiplex tests fail on Solaris with "netcat: local_listen: + Address already in use" which is likely due to previous invocations + leaving the port in TIME_WAIT. Set SO_REUSEADDR (in addition to + SO_REUSEPORT which is alread set on platforms that support it). ok djm@ + +commit 1749991c55bab716877b7c687cbfbf19189ac6f1 +Author: jsing@openbsd.org +Date: Wed Feb 7 05:17:56 2018 +0000 + + upstream commit + + Convert some explicit_bzero()/free() calls to freezero(). + + ok deraadt@ dtucker@ + + OpenBSD-Commit-ID: f566ab99149650ebe58b1d4b946ea726c3829609 + +commit 94ec2b69d403f4318b7a0d9b17f8bc3efbf4d0d2 +Author: jsing@openbsd.org +Date: Wed Feb 7 05:15:49 2018 +0000 + + upstream commit + + Remove some #ifdef notyet code from OpenSSL 0.9.8 days. + + These functions have never appeared in OpenSSL and are likely never to do + so. + + "kill it with fire" djm@ + + OpenBSD-Commit-ID: fee9560e283fd836efc2631ef381658cc673d23e + +commit 7cd31632e3a6607170ed0c9ed413a7ded5b9b377 +Author: jsing@openbsd.org +Date: Wed Feb 7 02:06:50 2018 +0000 + + upstream commit + + Remove all guards for calls to OpenSSL free functions - + all of these functions handle NULL, from at least OpenSSL 1.0.1g onwards. + + Prompted by dtucker@ asking about guards for RSA_free(), when looking at + openssh-portable pr#84 on github. + + ok deraadt@ dtucker@ + + OpenBSD-Commit-ID: 954f1c51b94297d0ae1f749271e184141e0cadae + +commit 3c000d57d46882eb736c6563edfc4995915c24a2 +Author: Darren Tucker +Date: Wed Feb 7 09:19:38 2018 +1100 + + Remove obsolete "Smartcard support" message + + The configure checks that populated $SCARD_MSG were removed in commits + 7ea845e4 and d8f60022 when the smartcard support was replaced with + PKCS#11. + +commit 3e615090de0ce36a833d811e01c28aec531247c4 +Author: dtucker@openbsd.org +Date: Tue Feb 6 06:01:54 2018 +0000 + + upstream commit + + Replace "trojan horse" with the correct term (MITM). + From maikel at predikkta.com via bz#2822, ok markus@ + + OpenBSD-Commit-ID: e86ac64c512057c89edfadb43302ac0aa81a6c53 + +commit 3484380110d437c50e17f87d18544286328c75cb +Author: tb@openbsd.org +Date: Mon Feb 5 05:37:46 2018 +0000 + + upstream commit + + Add a couple of non-negativity checks to avoid close(-1). + + ok djm + + OpenBSD-Commit-ID: 4701ce0b37161c891c838d0931305f1d37a50880 + +commit 5069320be93c8b2a6584b9f944c86f60c2b04e48 +Author: tb@openbsd.org +Date: Mon Feb 5 05:36:49 2018 +0000 + + upstream commit + + The file descriptors for socket, stdin, stdout and stderr + aren't necessarily distinct, so check if they are the same to avoid closing + the same fd several times. + + ok djm + + OpenBSD-Commit-ID: 60d71fd22e9a32f5639d4ba6e25a2f417fc36ac1 + +commit 2b428f90ea1b21d7a7c68ec1ee334253b3f9324d +Author: djm@openbsd.org +Date: Mon Feb 5 04:02:53 2018 +0000 + + upstream commit + + I accidentially a word + + OpenBSD-Commit-ID: 4547ee713fa941da861e83ae7a3e6432f915e14a + +commit 130283d5c2545ff017c2162dc1258c5354e29399 +Author: djm@openbsd.org +Date: Thu Jan 25 03:34:43 2018 +0000 + + upstream commit + + certificate options are case-sensitive; fix case on one + that had it wrong. + + move a badly-place sentence to a less bad place + + OpenBSD-Commit-ID: 231e516bba860699a1eece6d48532d825f5f747b + +commit 89f09ee68730337015bf0c3f138504494a34e9a6 +Author: Damien Miller +Date: Wed Jan 24 12:20:44 2018 +1100 + + crypto_api.h needs includes.h + +commit c9c1bba06ad1c7cad8548549a68c071bd807af60 +Author: stsp@openbsd.org +Date: Tue Jan 23 20:00:58 2018 +0000 + + upstream commit + + Fix a logic bug in sshd_exchange_identification which + prevented clients using major protocol version 2 from connecting to the + server. ok millert@ + + OpenBSD-Commit-ID: 8668dec04586e27f1c0eb039ef1feb93d80a5ee9 + +commit a60c5dcfa2538ffc94dc5b5adb3db5b6ed905bdb +Author: stsp@openbsd.org +Date: Tue Jan 23 18:33:49 2018 +0000 + + upstream commit + + Add missing braces; fixes 'write: Socket is not + connected' error in ssh. ok deraadt@ + + OpenBSD-Commit-ID: db73a3a9e147722d410866cac34d43ed52e1ad24 + +commit 20d53ac283e1c60245ea464bdedd015ed9b38f4a +Author: Damien Miller +Date: Tue Jan 23 16:49:43 2018 +1100 + + rebuild depends + +commit 552ea155be44f9c439c1f9f0c38f9e593428f838 +Author: Damien Miller +Date: Tue Jan 23 16:49:22 2018 +1100 + + one SSH_BUG_BANNER instance that got away + +commit 14b5c635d1190633b23ac3372379517fb645b0c2 +Author: djm@openbsd.org +Date: Tue Jan 23 05:27:21 2018 +0000 + + upstream commit + + Drop compatibility hacks for some ancient SSH + implementations, including ssh.com <=2.* and OpenSSH <= 3.*. + + These versions were all released in or before 2001 and predate the + final SSH RFCs. The hacks in question aren't necessary for RFC- + compliant SSH implementations. + + ok markus@ + + OpenBSD-Commit-ID: 4be81c67db57647f907f4e881fb9341448606138 + +commit 7c77991f5de5d8475cbeb7cbb06d0c7d1611d7bb +Author: djm@openbsd.org +Date: Tue Jan 23 05:17:04 2018 +0000 + + upstream commit + + try harder to preserve errno during + ssh_connect_direct() to make the final error message possibly accurate; + bz#2814, ok dtucker@ + + OpenBSD-Commit-ID: 57de882cb47381c319b04499fef845dd0c2b46ca + +commit 9e9c4a7e57b96ab29fe6d7545ed09d2e5bddbdec +Author: djm@openbsd.org +Date: Tue Jan 23 05:12:12 2018 +0000 + + upstream commit + + unbreak support for clients that advertise a protocol + version of "1.99" (indicating both v2 and v1 support). Busted by me during + SSHv1 purge in r1.358; bz2810, ok dtucker + + OpenBSD-Commit-ID: e8f9c2bee11afc16c872bb79d6abe9c555bd0e4b + +commit fc21ea97968264ad9bb86b13fedaaec8fd3bf97d +Author: djm@openbsd.org +Date: Tue Jan 23 05:06:25 2018 +0000 + + upstream commit + + don't attempt to force hostnames that are addresses to + lowercase, but instead canonicalise them through getnameinfo/getaddrinfo to + remove ambiguities (e.g. ::0001 => ::1) before they are matched against + known_hosts; bz#2763, ok dtucker@ + + OpenBSD-Commit-ID: ba0863ff087e61e5c65efdbe53be3cb92c9aefa0 + +commit d6364f6fb1a3d753d7ca9bf15b2adce961324513 +Author: djm@openbsd.org +Date: Tue Jan 23 05:01:15 2018 +0000 + + upstream commit + + avoid modifying pw->pw_passwd; let endpwent() clean up + for us, but keep a scrubbed copy; bz2777, ok dtucker@ + + OpenBSD-Commit-ID: 715afc0f59c6b82c4929a73279199ed241ce0752 + +commit a69bbb07cd6fb4dfb9bdcacd370ab26d0a2b4215 +Author: naddy@openbsd.org +Date: Sat Jan 13 00:24:09 2018 +0000 + + upstream commit + + clarify authorship; prodded by and ok markus@ + + OpenBSD-Commit-ID: e1938eee58c89b064befdabe232835fa83bb378c + +commit 04214b30be3d3e73a01584db4e040d5ccbaaddd4 +Author: markus@openbsd.org +Date: Mon Jan 8 15:37:21 2018 +0000 + + upstream commit + + group shared source files (e.g. SRCS_KEX) and allow + compilation w/o OPENSSL ok djm@ + + OpenBSD-Commit-ID: fa728823ba21c4b45212750e1d3a4b2086fd1a62 + +commit 25cf9105b849932fc3b141590c009e704f2eeba6 +Author: markus@openbsd.org +Date: Mon Jan 8 15:21:49 2018 +0000 + + upstream commit + + move subprocess() so scp/sftp do not need uidswap.o; ok + djm@ + + OpenBSD-Commit-ID: 6601b8360388542c2e5fef0f4085f8e54750bea8 + +commit b0d34132b3ca26fe94013f01d7b92101e70b68bb +Author: markus@openbsd.org +Date: Mon Jan 8 15:18:46 2018 +0000 + + upstream commit + + switch ssh-pkcs11-helper to new API; ok djm@ + + OpenBSD-Commit-ID: e0c0ed2a568e25b1d2024f3e630f3fea837c2a42 + +commit ec4a9831184c0c6ed5f7f0cfff01ede5455465a3 +Author: markus@openbsd.org +Date: Mon Jan 8 15:15:36 2018 +0000 + + upstream commit + + split client/server kex; only ssh-keygen needs + uuencode.o; only scp/sftp use progressmeter.o; ok djm@ + + OpenBSD-Commit-ID: f2c9feb26963615c4fece921906cf72e248b61ee + +commit ec77efeea06ac62ee1d76fe0b3225f3000775a9e +Author: markus@openbsd.org +Date: Mon Jan 8 15:15:17 2018 +0000 + + upstream commit + + only ssh-keygen needs uuencode.o; only scp/sftp use + progressmeter.o + + OpenBSD-Commit-ID: a337e886a49f96701ccbc4832bed086a68abfa85 + +commit 25aae35d3d6ee86a8c4c0b1896acafc1eab30172 +Author: markus@openbsd.org +Date: Mon Jan 8 15:14:44 2018 +0000 + + upstream commit + + uuencode.h is not used + + OpenBSD-Commit-ID: 238eb4659f3c119904326b9e94a5e507a912796c + +commit 4f29309c4cb19bcb1774931db84cacc414f17d29 +Author: Damien Miller +Date: Wed Jan 3 19:50:43 2018 +1100 + + unbreak fuzz harness + +commit f6b50bf84dc0b61f22c887c00423e0ea7644e844 +Author: djm@openbsd.org +Date: Thu Dec 21 05:46:35 2017 +0000 + + upstream commit + + another libssh casualty + + OpenBSD-Regress-ID: 839b970560246de23e7c50215095fb527a5a83ec + +commit 5fb4fb5a0158318fb8ed7dbb32f3869bbf221f13 +Author: djm@openbsd.org +Date: Thu Dec 21 03:01:49 2017 +0000 + + upstream commit + + missed one (unbreak after ssh/lib removal) + + OpenBSD-Regress-ID: cfdd132143131769e2d2455e7892b5d55854c322 + +commit e6c4134165d05447009437a96e7201276688807f +Author: djm@openbsd.org +Date: Thu Dec 21 00:41:22 2017 +0000 + + upstream commit + + unbreak unit tests after removal of src/usr.bin/ssh/lib + + OpenBSD-Regress-ID: 3a79760494147b20761cbd2bd5c20e86c63dc8f9 + +commit d45d69f2a937cea215c7f0424e5a4677b6d8c7fe +Author: djm@openbsd.org +Date: Thu Dec 21 00:00:28 2017 +0000 + + upstream commit + + revert stricter key type / signature type checking in + userauth path; too much software generates inconsistent messages, so we need + a better plan. + + OpenBSD-Commit-ID: 4a44ddc991c803c4ecc8f1ad40e0ab4d22e1c519 + +commit c5a6cbdb79752f7e761074abdb487953ea6db671 +Author: djm@openbsd.org +Date: Tue Dec 19 00:49:30 2017 +0000 + + upstream commit + + explicitly test all key types and their certificate + counterparts + + refactor a little + + OpenBSD-Regress-ID: e9ecd5580821b9ef8b7106919c6980d8e45ca8c4 + +commit f689adb7a370b5572612d88be9837ca9aea75447 +Author: dtucker@openbsd.org +Date: Mon Dec 11 11:41:56 2017 +0000 + + upstream commit + + use cmp in a loop instead of diff -N to compare + directories. The former works on more platforms for Portable. + + OpenBSD-Regress-ID: c3aa72807f9c488e8829a26ae50fe5bcc5b57099 + +commit 748dd8e5de332b24c40f4b3bbedb902acb048c98 +Author: Damien Miller +Date: Tue Dec 19 16:17:59 2017 +1100 + + remove blocks.c from Makefile + +commit 278856320520e851063b06cef6ef1c60d4c5d652 +Author: djm@openbsd.org +Date: Tue Dec 19 00:24:34 2017 +0000 + + upstream commit + + include signature type and CA key (if applicable) in some + debug messages + + OpenBSD-Commit-ID: b71615cc20e78cec7105bb6e940c03ce9ae414a5 + +commit 7860731ef190b52119fa480f8064ab03c44a120a +Author: djm@openbsd.org +Date: Mon Dec 18 23:16:23 2017 +0000 + + upstream commit + + unbreak hostkey rotation; attempting to sign with a + desired signature algorithm of kex->hostkey_alg is incorrect when the key + type isn't capable of making those signatures. ok markus@ + + OpenBSD-Commit-ID: 35ae46864e1f5859831ec0d115ee5ea50953a906 + +commit 966ef478339ad5e631fb684d2a8effe846ce3fd4 +Author: djm@openbsd.org +Date: Mon Dec 18 23:14:34 2017 +0000 + + upstream commit + + log mismatched RSA signature types; ok markus@ + + OpenBSD-Commit-ID: 381bddfcc1e297a42292222f3bcb5ac2b7ea2418 + +commit 349ecd4da3a985359694a74635748009be6baca6 +Author: djm@openbsd.org +Date: Mon Dec 18 23:13:42 2017 +0000 + + upstream commit + + pass kex->hostkey_alg and kex->hostkey_nid from pre-auth + to post-auth unpriviledged child processes; ok markus@ + + OpenBSD-Commit-ID: 4a35bc7af0a5f8a232d1361f79f4ebc376137302 + +commit c9e37a8725c083441dd34a8a53768aa45c3c53fe +Author: millert@openbsd.org +Date: Mon Dec 18 17:28:54 2017 +0000 + + upstream commit + + Add helper function for uri handing in scp where a + missing path simply means ".". Also fix exit code and add warnings when an + invalid uri is encountered. OK otto@ + + OpenBSD-Commit-ID: 47dcf872380586dabf7fcc6e7baf5f8ad508ae1a + +commit 04c7e28f83062dc42f2380d1bb3a6bf0190852c0 +Author: djm@openbsd.org +Date: Mon Dec 18 02:25:15 2017 +0000 + + upstream commit + + pass negotiated signing algorithm though to + sshkey_verify() and check that the negotiated algorithm matches the type in + the signature (only matters for RSA SHA1/SHA2 sigs). ok markus@ + + OpenBSD-Commit-ID: 735fb15bf4adc060d3bee9d047a4bcaaa81b1af9 + +commit 931c78dfd7fe30669681a59e536bbe66535f3ee9 +Author: djm@openbsd.org +Date: Mon Dec 18 02:22:29 2017 +0000 + + upstream commit + + sshkey_sigtype() function to return the type of a + signature; ok markus@ + + OpenBSD-Commit-ID: d3772b065ad6eed97285589bfb544befed9032e8 + +commit 4cdc5956f2fcc9e9078938db833142dc07d8f523 +Author: naddy@openbsd.org +Date: Thu Dec 14 21:07:39 2017 +0000 + + upstream commit + + Replace ED25519's private SHA-512 implementation with a + call to the regular digest code. This speeds up compilation considerably. ok + markus@ + + OpenBSD-Commit-ID: fcce8c3bcfe7389462a28228f63c823e80ade41c + +commit 012e5cb839faf76549e3b6101b192fe1a74d367e +Author: naddy@openbsd.org +Date: Tue Dec 12 15:06:12 2017 +0000 + + upstream commit + + Create a persistent umac128.c source file: #define the + output size and the name of the entry points for UMAC-128 before including + umac.c. Idea from FreeBSD. ok dtucker@ + + OpenBSD-Commit-ID: 463cfacfa07cb8060a4d4961e63dca307bf3f4b1 + +commit b35addfb4cd3b5cdb56a2a489d38e940ada926c7 +Author: Darren Tucker +Date: Mon Dec 11 16:23:28 2017 +1100 + + Update .depend with empty config.h + +commit 2d96f28246938e0ca474a939d8ac82ecd0de27e3 +Author: Darren Tucker +Date: Mon Dec 11 16:21:55 2017 +1100 + + Ensure config.h is always in dependencies. + + Put an empty config.h into the dependency list to ensure that it's + always listed and consistent. + +commit ac4987a55ee5d4dcc8e87f7ae7c1f87be7257d71 +Author: deraadt@openbsd.org +Date: Sun Dec 10 19:37:57 2017 +0000 + + upstream commit + + ssh/lib hasn't worked towards our code-sharing goals for + a quit while, perhaps it is too verbose? Change each */Makefile to + specifying exactly what sources that program requires, compiling it seperate. + Maybe we'll iterate by sorting those into seperatable chunks, splitting up + files which contain common code + server/client specific code, or whatnot. + But this isn't one step, or we'd have done it a long time ago.. ok dtucker + markus djm + + OpenBSD-Commit-ID: 5317f294d63a876bfc861e19773b1575f96f027d + +commit 48c23a39a8f1069a57264dd826f6c90aa12778d5 +Author: dtucker@openbsd.org +Date: Sun Dec 10 05:55:29 2017 +0000 + + upstream commit + + Put remote client info back into the ClientAlive + connection termination message. Based in part on diff from lars.nooden at + gmail, ok djm + + OpenBSD-Commit-ID: 80a0f619a29bbf2f32eb5297a69978a0e05d0ee0 + +commit aabd75ec76575c1b17232e6526a644097cd798e5 +Author: deraadt@openbsd.org +Date: Fri Dec 8 03:45:52 2017 +0000 + + upstream commit + + time_t printing needs %lld and (long long) casts ok djm + + OpenBSD-Commit-ID: 4a93bc2b0d42a39b8f8de8bb74d07ad2e5e83ef7 + +commit fd4eeeec16537870bd40d04836c7906ec141c17d +Author: djm@openbsd.org +Date: Fri Dec 8 02:14:33 2017 +0000 + + upstream commit + + fix ordering in previous to ensure errno isn't clobbered + before logging. + + OpenBSD-Commit-ID: e260bc1e145a9690dcb0d5aa9460c7b96a0c8ab2 + +commit 155072fdb0d938015df828836beb2f18a294ab8a +Author: djm@openbsd.org +Date: Fri Dec 8 02:13:02 2017 +0000 + + upstream commit + + for some reason unix_listener() logged most errors twice + with each message containing only some of the useful information; merge these + + OpenBSD-Commit-ID: 1978a7594a9470c0dddcd719586066311b7c9a4a + +commit 79c0e1d29959304e5a49af1dbc58b144628c09f3 +Author: Darren Tucker +Date: Mon Dec 11 14:38:33 2017 +1100 + + Add autogenerated dependency info to Makefile. + + Adds a .depend file containing dependency information generated by + makedepend, which is appended to the generated Makefile by configure. + + You can regen the file with "make -f Makefile.in depend" if necessary, + but we'll be looking at some way to automatically keep this up to date. + + "no objection" djm@ + +commit f001de8fbf7f3faddddd8efd03df18e57601f7eb +Author: Darren Tucker +Date: Mon Dec 11 13:42:51 2017 +1100 + + Fix pasto in ldns handling. + + When ldns-config is not found, configure would check the wrong variable. + ok djm@ + +commit c5bfe83f67cb64e71cf2fe0d1500f6904b0099ee +Author: Darren Tucker +Date: Sat Dec 9 10:12:23 2017 +1100 + + Portable switched to git so s/CVS/git/. + +commit bb82e61a40a4ee52e4eb904caaee2c27b763ab5b +Author: Darren Tucker +Date: Sat Dec 9 08:06:00 2017 +1100 + + Remove now-used check for perl. + +commit e0ce54c0b9ca3a9388f9c50f4fa6cc25c28a3240 +Author: djm@openbsd.org +Date: Wed Dec 6 05:06:21 2017 +0000 + + upstream commit + + don't accept junk after "yes" or "no" responses to + hostkey prompts. bz#2803 reported by Maksim Derbasov; ok dtucker@ + + OpenBSD-Commit-ID: e1b159fb2253be973ce25eb7a7be26e6f967717c + +commit 609d96b3d58475a15b2eb6b3d463f2c5d8e510c0 +Author: dtucker@openbsd.org +Date: Tue Dec 5 23:59:47 2017 +0000 + + upstream commit + + Replace atoi and strtol conversions for integer arguments + to config keywords with a checking wrapper around strtonum. This will + prevent and flag invalid and negative arguments to these keywords. ok djm@ + + OpenBSD-Commit-ID: 99ae3981f3d608a219ccb8d2fff635ae52c17998 + +commit 168ecec13f9d7cb80c07df3bf7d414f4e4165e84 +Author: dtucker@openbsd.org +Date: Tue Dec 5 23:56:07 2017 +0000 + + upstream commit + + Add missing break for rdomain. Prevents spurious + "Deprecated option" warnings. ok djm@ + + OpenBSD-Commit-ID: ba28a675d39bb04a974586241c3cba71a9c6099a + +commit 927f8514ceffb1af380a5f63ab4d3f7709b1b198 +Author: djm@openbsd.org +Date: Tue Dec 5 01:30:19 2017 +0000 + + upstream commit + + include the addr:port in bind/listen failure messages + + OpenBSD-Commit-ID: fdadb69fe1b38692608809cf0376b71c2c28e58e + +commit a8c89499543e2d889629c4e5e8dcf47a655cf889 +Author: dtucker@openbsd.org +Date: Wed Nov 29 05:49:54 2017 +0000 + + upstream commit + + Import updated moduli. + + OpenBSD-Commit-ID: 524d210f982af6007aa936ca7f4c977f4d32f38a + +commit 3dde09ab38c8e1cfc28252be473541a81bc57097 +Author: dtucker@openbsd.org +Date: Tue Nov 28 21:10:22 2017 +0000 + + upstream commit + + Have sftp print a warning about shell cleanliness when + decoding the first packet fails, which is usually caused by shells polluting + stdout of non-interactive starups. bz#2800, ok markus@ deraadt@. + + OpenBSD-Commit-ID: 88d6a9bf3470f9324b76ba1cbd53e50120f685b5 + +commit 6c8a246437f612ada8541076be2414846d767319 +Author: Darren Tucker +Date: Fri Dec 1 17:11:47 2017 +1100 + + Replace mkinstalldirs with mkdir -p. + + Check for MIKDIR_P and use it instead of mkinstalldirs. Should fix "mkdir: + cannot create directory:... File exists" during "make install". + Patch from eb at emlix.com. + +commit 3058dd78d2e43ed0f82ad8eab8bb04b043a72023 +Author: Darren Tucker +Date: Fri Dec 1 17:07:08 2017 +1100 + + Pull in newer install-sh from autoconf-2.69. + + Suggested by eb at emlix.com + +commit 79226e5413c5b0fda3511351a8511ff457e306d8 +Author: Darren Tucker +Date: Fri Dec 1 16:55:35 2017 +1100 + + Remove RSA1 host key generation. + + SSH1 support is now gone, remove SSH1 key generation. + Patch from eb at emlix.com. + +commit 2937dd02c572a12f33d5c334d518f6cbe0b645eb +Author: djm@openbsd.org +Date: Tue Nov 28 06:09:38 2017 +0000 + + upstream commit + + more whitespace errors + + OpenBSD-Commit-ID: 5e11c125378327b648940b90145e0d98beb05abb + +commit 7f257bf3fd3a759f31098960cbbd1453fafc4164 +Author: djm@openbsd.org@openbsd.org +Date: Tue Nov 28 06:04:51 2017 +0000 + + upstream commit + + whitespace at EOL + + OpenBSD-Commit-ID: 76d3965202b22d59c2784a8df3a8bfa5ee67b96a + +commit 5db6fbf1438b108e5df3e79a1b4de544373bc2d4 +Author: dtucker@openbsd.org@openbsd.org +Date: Sat Nov 25 06:46:22 2017 +0000 + + upstream commit + + Add monotime_ts and monotime_tv that return monotonic + timespec and timeval respectively. Replace calls to gettimeofday() in packet + timing with monotime_tv so that the callers will work over a clock step. + Should prevent integer overflow during clock steps reported by wangle6 at + huawei.com. "I like" markus@ + + OpenBSD-Commit-ID: 74d684264814ff806f197948b87aa732cb1b0b8a + +commit 2d638e986085bdf1a40310ed6e2307463db96ea0 +Author: dtucker@openbsd.org@openbsd.org +Date: Sat Nov 25 05:58:47 2017 +0000 + + upstream commit + + Remove get_current_time() and replace with calls to + monotime_double() which uses CLOCK_MONOTONIC and works over clock steps. "I + like" markus@ + + OpenBSD-Commit-ID: 3ad2f7d2414e2cfcaef99877a7a5b0baf2242952 + +commit ba460acae48a36ef749cb23068f968f4d5d90a24 +Author: Darren Tucker +Date: Fri Nov 24 16:24:31 2017 +1100 + + Include string.h for explicit_bzero. + +commit a65655fb1a12b77fb22f9e71559b9d73030ec8ff +Author: Damien Miller +Date: Fri Nov 24 10:23:47 2017 +1100 + + fix incorrect range of OpenSSL versions supported + + Pointed out by Solar Designer + +commit 83a1e5dbec52d05775174f368e0c44b08619a308 +Author: djm@openbsd.org@openbsd.org +Date: Wed Nov 15 02:10:16 2017 +0000 + + upstream commit + + downgrade a couple more request parsing errors from + process-fatal to just returning failure, making them consistent with the + others that were already like that. + + OpenBSD-Commit-ID: c111461f7a626690a2d53018ef26557b34652918 + +commit 93c68a8f3da8e5e6acdc3396f54d73919165e242 +Author: djm@openbsd.org@openbsd.org +Date: Wed Nov 15 00:13:40 2017 +0000 + + upstream commit + + fix regression in 7.6: failure to parse a signature request + message shouldn't be fatal to the process, just the request. Reported by Ron + Frederick + + OpenBSD-Commit-ID: e5d01b3819caa1a2ad51fc57d6ded43f48bbcc05 + +commit 548d3a66feb64c405733932a6b1abeaf7198fa71 +Author: djm@openbsd.org@openbsd.org +Date: Tue Nov 14 00:45:29 2017 +0000 + + upstream commit + + fix problem in configuration parsing when in config dump mode + (sshd -T) without providing a full connection specification (sshd -T -C ...) + + spotted by bluhm@ + + OpenBSD-Commit-ID: 7125faf5740eaa9d3a2f25400a0bc85e94e28b8f + +commit 33edb6ebdc2f81ebed1bceadacdfb8910b64fb88 +Author: djm@openbsd.org@openbsd.org +Date: Fri Nov 3 05:18:44 2017 +0000 + + upstream commit + + reuse parse_multistate for parse_flag (yes/no arguments). + Saves a few lines of code and makes the parser more consistent wrt case- + sensitivity. bz#2664 ok dtucker@ + + OpenBSD-Commit-ID: b2ad1b6086858d5db71c7b11e5a74dba6d60efef + +commit d52131a98316e76c0caa348f09bf6f7b9b01a1b9 +Author: djm@openbsd.org@openbsd.org +Date: Fri Nov 3 05:14:04 2017 +0000 + + upstream commit + + allow certificate validity intervals that specify only a + start or stop time (we already support specifying both or neither) + + OpenBSD-Commit-ID: 9be486545603c003030bdb5c467d1318b46b4e42 + +commit fbe8e7ac94c2fa380421a9205a8bc966549c2f91 +Author: djm@openbsd.org@openbsd.org +Date: Fri Nov 3 03:46:52 2017 +0000 + + upstream commit + + allow "cd" and "lcd" commands with no explicit path + argument. lcd will change to the local user's home directory as usual. cd + will change to the starting directory for session (because the protocol + offers no way to obtain the remote user's home directory). bz#2760 ok + dtucker@ + + OpenBSD-Commit-ID: 15333f5087cee8c1ed1330cac1bd0a3e6a767393 + +commit 0208a48517b5e8e8b091f32fa4addcd67c31ca9e +Author: dtucker@openbsd.org@openbsd.org +Date: Fri Nov 3 03:18:53 2017 +0000 + + upstream commit + + When doing a config test with sshd -T, only require the + attributes that are actually used in Match criteria rather than (an + incomplete list of) all criteria. ok djm@, man page help jmc@ + + OpenBSD-Commit-ID: b4e773c4212d3dea486d0259ae977551aab2c1fc + +commit c357eed5a52cd2f4ff358b17e30e3f9a800644da +Author: djm@openbsd.org@openbsd.org +Date: Fri Nov 3 02:32:19 2017 +0000 + + upstream commit + + typos in ECDSA certificate names; bz#2787 reported by + Mike Gerow + + OpenBSD-Commit-ID: 824938b6aba1b31321324ba1f56c05f84834b163 + +commit ecbf005b8fd80b81d0c61dfc1e96fe3da6099395 +Author: djm@openbsd.org@openbsd.org +Date: Fri Nov 3 02:29:17 2017 +0000 + + upstream commit + + Private keys in PEM format have been encrypted by AES-128 for + a while (not 3DES). bz#2788 reported by Calum Mackay + + OpenBSD-Commit-ID: bd33da7acbbb3c882f0a0ee56007a35ce0d8a11a + +commit 81c9ccdbf6ddbf9bfbd6f1f775a5a7c13e47e185 +Author: Darren Tucker +Date: Fri Nov 3 14:52:51 2017 +1100 + + Check for linux/if.h when enabling rdomain. + + musl libc doesn't seem to have linux/if.h, so check for its presence + before enabling rdomain support on Linux. + +commit fa1b834cce41a1ce3e6a8d57fb67ef18c9dd803f +Author: Darren Tucker +Date: Fri Nov 3 14:09:45 2017 +1100 + + Add headers for sys/sysctl.h and net/route.h + + On at least older OpenBSDs, sys/sysctl.h and net/route.h require + sys/types and, in the case of sys/sysctl.h, sys/param.h for MAXLOGNAME. + +commit 41bff4da21fcd8a7c6a83a7e0f92b018f904f6fb +Author: djm@openbsd.org@openbsd.org +Date: Fri Nov 3 02:22:41 2017 +0000 + + upstream commit + + avoid unused variable warnings for !WITH_OPENSSL; patch from + Marcus Folkesson + + OpenBSD-Commit-ID: c01d27a3f907acdc3dd4ea48170fac3ba236d229 + +commit 6b373e4635a7470baa94253dd1dc8953663da9e8 +Author: Marcus Folkesson +Date: Sat Oct 28 19:48:39 2017 +0200 + + only enable functions in dh.c when openssl is used + + Signed-off-by: Marcus Folkesson + +commit 939b30ba23848b572e15bf92f0f1a3d9cf3acc2b +Author: djm@openbsd.org@openbsd.org +Date: Wed Nov 1 00:04:15 2017 +0000 + + upstream commit + + fix broken stdout in ControlPersist mode, introduced by me in + r1.467 and reported by Alf Schlichting + + OpenBSD-Commit-ID: 3750a16e02108fc25f747e4ebcedb7123c1ef509 + +commit f21455a084f9cc3942cf1bde64055a4916849fed +Author: Darren Tucker +Date: Tue Oct 31 10:09:33 2017 +1100 + + Include includes.h for HAVE_GETPAGESIZE. + + The configure script checks for getpagesize() and sets HAVE_GETPAGESIZE in + config.h, but bsd-getpagesize.c forgot to include includes.h (which + indirectly includes config.h) so the checks always fails, causing linker + issues when linking statically on systems with getpagesize(). + + Patch from Peter Korsgaard + +commit f2ad63c0718b93ac1d1e85f53fee33b06eef86b5 +Author: djm@openbsd.org@openbsd.org +Date: Mon Oct 30 22:01:52 2017 +0000 + + upstream commit + + whitespace at EOL + + OpenBSD-Regress-ID: f4b5df99b28c6f63478deb916c6ed0e794685f07 + +commit c6415b1f8f1d0c2735564371647fd6a177fb9a3e +Author: djm@openbsd.org@openbsd.org +Date: Mon Oct 30 21:59:43 2017 +0000 + + upstream commit + + whitespace at EOL + + OpenBSD-Regress-ID: 19b1394393deee4c8a2114a3b7d18189f27a15cd + +commit e4d4ddbbba0e585ca3ec3a455430750b4622a6d3 +Author: millert@openbsd.org@openbsd.org +Date: Wed Oct 25 20:08:36 2017 +0000 + + upstream commit + + Use printenv to test whether an SSH_USER_AUTH is set + instead of using $SSH_USER_AUTH. The latter won't work with csh which treats + unknown variables as an error when expanding them. OK markus@ + + OpenBSD-Regress-ID: f601e878dd8b71aa40381573dde3a8f567e6f2d1 + +commit 116b1b439413a724ebb3320633a64dd0f3ee1fe7 +Author: millert@openbsd.org@openbsd.org +Date: Tue Oct 24 19:33:32 2017 +0000 + + upstream commit + + Add tests for URI parsing. OK markus@ + + OpenBSD-Regress-ID: 5d1df19874f3b916d1a2256a905526e17a98bd3b + +commit dbe0662e9cd482593a4a8bf58c6481bfe8a747a4 +Author: djm@openbsd.org@openbsd.org +Date: Fri Oct 27 01:57:06 2017 +0000 + + upstream commit + + whitespace at EOL + + OpenBSD-Commit-ID: c95549cf5a07d56ea11aaff818415118720214f6 + +commit d2135474344335a7c6ee643b6ade6db400fa76ee +Author: djm@openbsd.org@openbsd.org +Date: Fri Oct 27 01:01:17 2017 +0000 + + upstream commit + + whitespace at EOL (lots) + + OpenBSD-Commit-ID: 757257dd44116794ee1b5a45c6724973de181747 + +commit b77c29a07f5a02c7c1998701c73d92bde7ae1608 +Author: djm@openbsd.org@openbsd.org +Date: Fri Oct 27 00:18:41 2017 +0000 + + upstream commit + + improve printing of rdomain on accept() a little + + OpenBSD-Commit-ID: 5da58db2243606899cedaa646c70201b2d12247a + +commit 68d3bbb2e6dfbf117c46e942142795b2cdd0274b +Author: jmc@openbsd.org@openbsd.org +Date: Thu Oct 26 06:44:01 2017 +0000 + + upstream commit + + mark up the rdomain keyword; + + OpenBSD-Commit-ID: 1b597d0ad0ad20e94dbd61ca066057e6f6313b8a + +commit 0b2e2896b9d0d6cfb59e9ec8271085296bd4e99b +Author: jmc@openbsd.org@openbsd.org +Date: Wed Oct 25 06:19:46 2017 +0000 + + upstream commit + + tweak the uri text, specifically removing some markup to + make it a bit more readable; + + issue reported by - and diff ok - millert + + OpenBSD-Commit-ID: 8b56a20208040b2d0633536fd926e992de37ef3f + +commit 7530e77bdc9415386d2a8ea3d086e8b611b2ba40 +Author: jmc@openbsd.org@openbsd.org +Date: Wed Oct 25 06:18:06 2017 +0000 + + upstream commit + + simplify macros in previous, and some minor tweaks; + + OpenBSD-Commit-ID: 6efeca3d8b095b76e21b484607d9cc67ac9a11ca + +commit eb9c582b710dc48976b48eb2204218f6863bae9a +Author: Damien Miller +Date: Tue Oct 31 00:46:29 2017 +1100 + + Switch upstream git repository. + + Previously portable OpenSSH has synced against a conversion of OpenBSD's + CVS repository made using the git cvsimport tool, but this has become + increasingly unreliable. + + As of this commit, portable OpenSSH now tracks a conversion of the + OpenBSD CVS upstream made using the excellent cvs2gitdump tool from + YASUOKA Masahiko: https://github.com/yasuoka/cvs2gitdump + + cvs2gitdump is considerably more reliable than gitcvsimport and the old + version of cvsps that it uses under the hood, and is the same tool used + to export the entire OpenBSD repository to git (so we know it can cope + with future growth). + + These new conversions are mirrored at github, so interested parties can + match portable OpenSSH commits to their upstream counterparts. + + https://github.com/djmdjm/openbsd-openssh-src + https://github.com/djmdjm/openbsd-openssh-regress + + An unfortunate side effect of switching upstreams is that we must have + a flag day, across which the upstream commit IDs will be inconsistent. + The old commit IDs are recorded with the tags "Upstream-ID" for main + directory commits and "Upstream-Regress-ID" for regress commits. + + To make it clear that the commit IDs do not refer to the same + things, the new repository will instead use "OpenBSD-ID" and + "OpenBSD-Regress-ID" tags instead. + + Apart from being a longwinded explanation of what is going on, this + commit message also serves to synchronise our tools with the state of + the tree, which happens to be: + + OpenBSD-ID: 9c43a9968c7929613284ea18e9fb92e4e2a8e4c1 + OpenBSD-Regress-ID: b33b385719420bf3bc57d664feda6f699c147fef + +commit 2de5c6b53bf063ac698596ef4e23d8e3099656ea +Author: Damien Miller +Date: Fri Oct 27 08:42:33 2017 +1100 + + fix rdomain compilation errors + +commit 6bd5b569fd6dfd5e8c8af20bbc41e45c2d6462ab +Author: Damien Miller +Date: Wed Oct 25 14:15:42 2017 +1100 + + autoconf glue to enable Linux VRF + +commit 97c5aaf925d61641d599071abb56012cde265978 +Author: Damien Miller +Date: Wed Oct 25 14:09:56 2017 +1100 + + basic valid_rdomain() implementation for Linux + +commit ce1cca39d7935dd394080ce2df62f5ce5b51f485 +Author: Damien Miller +Date: Wed Oct 25 13:47:59 2017 +1100 + + implement get/set_rdomain() for Linux + + Not enabled, pending implementation of valid_rdomain() and autoconf glue + +commit 6eee79f9b8d4a3b113b698383948a119acb82415 +Author: Damien Miller +Date: Wed Oct 25 13:22:29 2017 +1100 + + stubs for rdomain replacement functions + +commit f5594f939f844bbb688313697d6676238da355b3 +Author: Damien Miller +Date: Wed Oct 25 13:13:57 2017 +1100 + + rename port-tun.[ch] => port-net.[ch] + + Ahead of adding rdomain support + +commit d685e5a31feea35fb99e1a31a70b3c60a7f2a0eb +Author: djm@openbsd.org +Date: Wed Oct 25 02:10:39 2017 +0000 + + upstream commit + + uninitialised variable in PermitTunnel printing code + + Upstream-ID: f04dc33e42855704e116b8da61095ecc71bc9e9a + +commit 43c29bb7cfd46bbbc61e0ffa61a11e74d49a712f +Author: Damien Miller +Date: Wed Oct 25 13:10:59 2017 +1100 + + provide hooks and fallbacks for rdomain support + +commit 3235473bc8e075fad7216b7cd62fcd2b0320ea04 +Author: Damien Miller +Date: Wed Oct 25 11:25:43 2017 +1100 + + check for net/route.h and sys/sysctl.h + +commit 4d5456c7de108e17603a0920c4d15bca87244921 +Author: djm@openbsd.org +Date: Wed Oct 25 00:21:37 2017 +0000 + + upstream commit + + transfer ownership of stdout to the session channel by + dup2'ing /dev/null to fd 1. This allows propagation of remote stdout close to + the local side; reported by David Newall, ok markus@ + + Upstream-ID: 8d9ac18a11d89e6b0415f0cbf67b928ac67f0e79 + +commit 68af80e6fdeaeb79432209db614386ff0f37e75f +Author: djm@openbsd.org +Date: Wed Oct 25 00:19:47 2017 +0000 + + upstream commit + + add a "rdomain" criteria for the sshd_config Match + keyword to allow conditional configuration that depends on which rdomain(4) a + connection was recevied on. ok markus@ + + Upstream-ID: 27d8fd5a3f1bae18c9c6e533afdf99bff887a4fb + +commit 35eb33fb957979e3fcbe6ea0eaee8bf4a217421a +Author: djm@openbsd.org +Date: Wed Oct 25 00:17:08 2017 +0000 + + upstream commit + + add sshd_config RDomain keyword to place sshd and the + subsequent user session (including the shell and any TCP/IP forwardings) into + the specified rdomain(4) + + ok markus@ + + Upstream-ID: be2358e86346b5cacf20d90f59f980b87d1af0f5 + +commit acf559e1cffbd1d6167cc1742729fc381069f06b +Author: djm@openbsd.org +Date: Wed Oct 25 00:15:35 2017 +0000 + + upstream commit + + Add optional rdomain qualifier to sshd_config's + ListenAddress option to allow listening on a different rdomain(4), e.g. + + ListenAddress 0.0.0.0 rdomain 4 + + Upstream-ID: 24b6622c376feeed9e9be8b9605e593695ac9091 + +commit b9903ee8ee8671b447fc260c2bee3761e26c7227 +Author: millert@openbsd.org +Date: Tue Oct 24 19:41:45 2017 +0000 + + upstream commit + + Kill dead store and some spaces vs. tabs indent in + parse_user_host_path(). Noticed by markus@ + + Upstream-ID: 114fec91dadf9af46c7c94fd40fc630ea2de8200 + +commit 0869627e00f4ee2a038cb62d7bd9ffad405e1800 +Author: jmc@openbsd.org +Date: Tue Oct 24 06:27:42 2017 +0000 + + upstream commit + + tweak previous; ok djm + + Upstream-ID: 7d913981ab315296be1f759c67b6e17aea38fca9 + +commit e3fa20e2e58fdc88a0e842358778f2de448b771b +Author: Damien Miller +Date: Mon Oct 23 16:25:24 2017 +1100 + + avoid -Wsign-compare warning in argv copying + +commit b7548b12a6b2b4abf4d057192c353147e0abba08 +Author: djm@openbsd.org +Date: Mon Oct 23 05:08:00 2017 +0000 + + upstream commit + + Expose devices allocated for tun/tap forwarding. + + At the client, the device may be obtained from a new %T expansion + for LocalCommand. + + At the server, the allocated devices will be listed in a + SSH_TUNNEL variable exposed to the environment of any user sessions + started after the tunnel forwarding was established. + + ok markus + + Upstream-ID: e61e53f8ae80566e9ddc0d67a5df5bdf2f3c9f9e + +commit 887669ef032d63cf07f53cada216fa8a0c9a7d72 +Author: millert@openbsd.org +Date: Sat Oct 21 23:06:24 2017 +0000 + + upstream commit + + Add URI support to ssh, sftp and scp. For example + ssh://user@host or sftp://user@host/path. The connection parameters + described in draft-ietf-secsh-scp-sftp-ssh-uri-04 are not implemented since + the ssh fingerprint format in the draft uses md5 with no way to specify the + hash function type. OK djm@ + + Upstream-ID: 4ba3768b662d6722de59e6ecb00abf2d4bf9cacc + +commit d27bff293cfeb2252f4c7a58babe5ad3262c6c98 +Author: Damien Miller +Date: Fri Oct 20 13:22:00 2017 +1100 + + Fix missed RCSID merges + +commit d3b6aeb546242c9e61721225ac4387d416dd3d5e +Author: djm@openbsd.org +Date: Fri Oct 20 02:13:41 2017 +0000 + + upstream commit + + more RCSIDs + + Upstream-Regress-ID: 1aecbe3f8224793f0ec56741a86d619830eb33be + +commit b011edbb32e41aaab01386ce4c0efcc9ff681c4a +Author: djm@openbsd.org +Date: Fri Oct 20 01:56:39 2017 +0000 + + upstream commit + + add RCSIDs to these; they make syncing portable a bit + easier + + Upstream-ID: 56cb7021faea599736dd7e7f09c2e714425b1e68 + +commit 6eb27597781dccaf0ec2b80107a9f0592a0cb464 +Author: Damien Miller +Date: Fri Oct 20 12:54:15 2017 +1100 + + upstream commit + + Apply missing commit 1.11 to kexc25519s.c + + Upstream-ID: 5f020e23a1ee6c3597af1f91511e68552cdf15e8 + +commit 6f72280553cb6918859ebcacc717f2d2fafc1a27 +Author: Damien Miller +Date: Fri Oct 20 12:52:50 2017 +1100 + + upstream commit + + Apply missing commit 1.127 to servconf.h + + Upstream-ID: f14c4bac74a2b7cf1e3cff6bea5c447f192a7d15 + +commit bb3e16ab25cb911238c2eb7455f9cf490cb143cc +Author: jmc@openbsd.org +Date: Wed Oct 18 05:36:59 2017 +0000 + + upstream commit + + remove unused Pp; + + Upstream-ID: 8ad26467f1f6a40be887234085a8e01a61a00550 + +commit 05b69e99570553c8e1eafb895b1fbf1d098d2e14 +Author: djm@openbsd.org +Date: Wed Oct 18 02:49:44 2017 +0000 + + upstream commit + + In the description of pattern-lists, clarify negated + matches by explicitly stating that a negated match will never yield a + positive result, and that at least one positive term in the pattern-list must + match. bz#1918 + + Upstream-ID: 652d2f9d993f158fc5f83cef4a95cd9d95ae6a14 + +commit eb80e26a15c10bc65fed8b8cdb476819a713c0fd +Author: djm@openbsd.org +Date: Fri Oct 13 21:13:54 2017 +0000 + + upstream commit + + log debug messages sent to peer; ok deraadt markus + + Upstream-ID: 3b4fdc0a06ea5083f61d96e20043000f477103d9 + +commit 071325f458d615d7740da5c1c1d5a8b68a0b4605 +Author: jmc@openbsd.org +Date: Fri Oct 13 16:50:45 2017 +0000 + + upstream commit + + trim permitrootlogin description somewhat, to avoid + ambiguity; original diff from walter alejandro iglesias, tweaked by sthen and + myself + + ok sthen schwarze deraadt + + Upstream-ID: 1749418b2bc073f3fdd25fe21f8263c3637fe5d2 + +commit 10727487becb897a15f658e0cb2d05466236e622 +Author: djm@openbsd.org +Date: Fri Oct 13 06:45:18 2017 +0000 + + upstream commit + + mention SSH_USER_AUTH in the list of environment + variables + + Upstream-ID: 1083397c3ee54b4933121ab058c70a0fc6383691 + +commit 224f193d6a4b57e7a0cb2b9ecd3b6c54d721d8c2 +Author: djm@openbsd.org +Date: Fri Oct 13 06:24:51 2017 +0000 + + upstream commit + + BIO_get_mem_data() is supposed to take a char* as pointer + argument, so don't pass it a const char* + + Upstream-ID: 1ccd91eb7f4dd4f0fa812d4f956987cd00b5f6ec + +commit cfa46825b5ef7097373ed8e31b01a4538a8db565 +Author: benno@openbsd.org +Date: Mon Oct 9 20:12:51 2017 +0000 + + upstream commit + + clarify the order in which config statements are used. ok + jmc@ djm@ + + Upstream-ID: e37e27bb6bbac71315e22cb9690fd8a556a501ed + +commit dceabc7ad7ebc7769c8214a1647af64c9a1d92e5 +Author: djm@openbsd.org +Date: Thu Oct 5 15:52:03 2017 +0000 + + upstream commit + + replace statically-sized arrays in ServerOptions with + dynamic ones managed by xrecallocarray, removing some arbitrary (though + large) limits and saving a bit of memory; "much nicer" markus@ + + Upstream-ID: 1732720b2f478fe929d6687ac7b0a97ff2efe9d2 + +commit 2b4f3ab050c2aaf6977604dd037041372615178d +Author: jmc@openbsd.org +Date: Thu Oct 5 12:56:50 2017 +0000 + + upstream commit + + %C is hashed; from klemens nanni ok markus + + Upstream-ID: 6ebed7b2e1b6ee5402a67875d74f5e2859d8f998 + +commit a66714508b86d6814e9055fefe362d9fe4d49ab3 +Author: djm@openbsd.org +Date: Wed Oct 4 18:50:23 2017 +0000 + + upstream commit + + exercise PermitOpen a little more thoroughly + + Upstream-Regress-ID: f41592334e227a4c1f9a983044522de4502d5eac + +commit 609ecc8e57eb88e2eac976bd3cae7f7889aaeff6 +Author: dtucker@openbsd.org +Date: Tue Sep 26 22:39:25 2017 +0000 + + upstream commit + + UsePrivilegeSeparation is gone, stop trying to test it. + + Upstream-Regress-ID: 796a5057cfd79456a20ea935cc53f6eb80ace191 + +commit 69bda0228861f3dacd4fb3d28b60ce9d103d254b +Author: djm@openbsd.org +Date: Wed Oct 4 18:49:30 2017 +0000 + + upstream commit + + fix (another) problem in PermitOpen introduced during the + channels.c refactor: the third and subsequent arguments to PermitOpen were + being silently ignored; ok markus@ + + Upstream-ID: 067c89f1f53cbc381628012ba776d6861e6782fd + commit 66bf74a92131b7effe49fb0eefe5225151869dc5 Author: djm@openbsd.org Date: Mon Oct 2 19:33:20 2017 +0000 @@ -7110,2242 +9796,3 @@ Author: Darren Tucker Date: Mon Apr 4 11:07:59 2016 +1000 Fix configure-time warnings for openssl test. - -commit 95687f5831ae680f7959446d8ae4b52452ee05dd -Author: djm@openbsd.org -Date: Fri Apr 1 02:34:10 2016 +0000 - - upstream commit - - whitespace at EOL - - Upstream-ID: 40ae2203d07cb14e0a89e1a0d4c6120ee8fd8c3a - -commit fdfbf4580de09d84a974211715e14f88a5704b8e -Author: dtucker@openbsd.org -Date: Thu Mar 31 05:24:06 2016 +0000 - - upstream commit - - Remove fallback from moduli to "primes" file that was - deprecated in 2001 and fix log messages referring to primes file. Based on - patch from xnox at ubuntu.com via bz#2559. "kill it" deraadt@ - - Upstream-ID: 0d4f8c70e2fa7431a83b95f8ca81033147ba8713 - -commit 0235a5fa67fcac51adb564cba69011a535f86f6b -Author: djm@openbsd.org -Date: Thu Mar 17 17:19:43 2016 +0000 - - upstream commit - - UseDNS affects ssh hostname processing in authorized_keys, - not known_hosts; bz#2554 reported by jjelen AT redhat.com - - Upstream-ID: c1c1bb895dde46095fc6d81d8653703928437591 - -commit 8c4739338f5e379d05b19d6e544540114965f07e -Author: Darren Tucker -Date: Tue Mar 15 09:24:43 2016 +1100 - - Don't call Solaris setproject() with UsePAM=yes. - - When Solaris Projects are enabled along with PAM setting the project - is PAM's responsiblity. bz#2425, based on patch from - brent.paulson at gmail.com. - -commit cff26f373c58457a32cb263e212cfff53fca987b -Author: Damien Miller -Date: Tue Mar 15 04:30:21 2016 +1100 - - remove slogin from *.spec - -commit c38905ba391434834da86abfc988a2b8b9b62477 -Author: djm@openbsd.org -Date: Mon Mar 14 16:20:54 2016 +0000 - - upstream commit - - unbreak authentication using lone certificate keys in - ssh-agent: when attempting pubkey auth with a certificate, if no separate - private key is found among the keys then try with the certificate key itself. - - bz#2550 reported by Peter Moody - - Upstream-ID: f939cd76d68e6a9a3d1711b5a943d6ed1e623966 - -commit 4b4bfb01cd40b9ddb948e6026ddd287cc303d871 -Author: djm@openbsd.org -Date: Thu Mar 10 11:47:57 2016 +0000 - - upstream commit - - sanitise characters destined for xauth reported by - github.com/tintinweb feedback and ok deraadt and markus - - Upstream-ID: 18ad8d0d74cbd2ea3306a16595a306ee356aa261 - -commit 732b463d37221722b1206f43aa59563766a6a968 -Author: Darren Tucker -Date: Mon Mar 14 16:04:23 2016 +1100 - - Pass supported malloc options to connect-privsep. - - This allows us to activate only the supported options during the malloc - option portion of the connect-privsep test. - -commit d29c5b9b3e9f27394ca97a364ed4bb4a55a59744 -Author: Darren Tucker -Date: Mon Mar 14 09:30:58 2016 +1100 - - Remove leftover roaming.h file. - - Pointed out by des at des.no. - -commit 8ff20ec95f4377021ed5e9b2331320f5c5a34cea -Author: Darren Tucker -Date: Mon Mar 14 09:24:03 2016 +1100 - - Quote variables that may contain whitespace. - - The variable $L_TMP_ID_FILE needs to be surrounded by quotes in order to - survive paths containing whitespace. bz#2551, from Corinna Vinschen via - Philip Hands. - -commit 627824480c01f0b24541842c7206ab9009644d02 -Author: Darren Tucker -Date: Fri Mar 11 14:47:41 2016 +1100 - - Include priv.h for priv_set_t. - - From alex at cooperi.net. - -commit e960051f9a264f682c4d2fefbeecffcfc66b0ddf -Author: Darren Tucker -Date: Wed Mar 9 13:14:18 2016 +1100 - - Wrap stdint.h inside #ifdef HAVE_STDINT_H. - -commit 2c48bd344d2c4b5e08dae9aea5ff44fc19a5e363 -Author: Darren Tucker -Date: Wed Mar 9 12:46:50 2016 +1100 - - Add compat to monotime_double(). - - Apply all of the portability changes in monotime() to monotime() double. - Fixes build on at least older FreeBSD systems. - -commit 7b40ef6c2eef40c339f6ea8920cb8a44838e10c9 -Author: Damien Miller -Date: Tue Mar 8 14:12:58 2016 -0800 - - make a regress-binaries target - - Easier to build all the regression/unit test binaries in one pass - than going through all of ${REGRESS_BINARIES} - -commit c425494d6b6181beb54a1b3763ef9e944fd3c214 -Author: Damien Miller -Date: Tue Mar 8 14:03:54 2016 -0800 - - unbreak kexfuzz for -Werror without __bounded__ - -commit 3ed9218c336607846563daea5d5ab4f701f4e042 -Author: Damien Miller -Date: Tue Mar 8 14:01:29 2016 -0800 - - unbreak PAM after canohost refactor - -commit 885fb2a44ff694f01e4f6470f803629e11f62961 -Author: Darren Tucker -Date: Tue Mar 8 11:58:43 2016 +1100 - - auth_get_canonical_hostname in portable code. - - "refactor canohost.c" replaced get_canonical_hostname, this makes the - same change to some portable-specific code. - -commit 95767262caa6692eff1e1565be1f5cb297949a89 -Author: djm@openbsd.org -Date: Mon Mar 7 19:02:43 2016 +0000 - - upstream commit - - refactor canohost.c: move functions that cache results closer - to the places that use them (authn and session code). After this, no state is - cached in canohost.c - - feedback and ok markus@ - - Upstream-ID: 5f2e4df88d4803fc8ec59ec53629105e23ce625e - -commit af0bb38ffd1f2c4f9f43b0029be2efe922815255 -Author: Damien Miller -Date: Fri Mar 4 15:11:55 2016 +1100 - - hook unittests/misc/kexfuzz into build - -commit 331b8e07ee5bcbdca12c11cc8f51a7e8de09b248 -Author: dtucker@openbsd.org -Date: Fri Mar 4 02:48:06 2016 +0000 - - upstream commit - - Filter debug messages out of log before picking the last - two lines. Should prevent problems if any more debug output is added late in - the connection. - - Upstream-Regress-ID: 345d0a9589c381e7d640a4ead06cfaadf4db1363 - -commit 0892edaa3ce623381d3a7635544cbc69b31cf9cb -Author: djm@openbsd.org -Date: Fri Mar 4 02:30:36 2016 +0000 - - upstream commit - - add KEX fuzzer harness; ok deraadt@ - - Upstream-Regress-ID: 3df5242d30551b12b828aa9ba4a4cec0846be8d1 - -commit ae2562c47d41b68dbb00240fd6dd60bed205367a -Author: dtucker@openbsd.org -Date: Thu Mar 3 00:46:53 2016 +0000 - - upstream commit - - Look back 3 lines for possible error messages. Changes - to the code mean that "Bad packet length" errors are 3 lines back instead of - the previous two, which meant we didn't skip some offsets that we intended - to. - - Upstream-Regress-ID: 24f36912740a634d509a3144ebc8eb7c09b9c684 - -commit 988e429d903acfb298bfddfd75e7994327adfed0 -Author: djm@openbsd.org -Date: Fri Mar 4 03:35:44 2016 +0000 - - upstream commit - - fix ClientAliveInterval when a time-based RekeyLimit is - set; previously keepalive packets were not being sent. bz#2252 report and - analysis by Christian Wittenhorst and Garrett Lee feedback and ok dtucker@ - - Upstream-ID: d48f9deadd35fdacdd5106b41bb07630ddd4aa81 - -commit 8ef04d7a94bcdb8b0085fdd2a79a844b7d40792d -Author: dtucker@openbsd.org -Date: Wed Mar 2 22:43:52 2016 +0000 - - upstream commit - - Improve accuracy of reported transfer speeds by waiting - for the ack from the other end. Pointed out by mmcc@, ok deraadt@ markus@ - - Upstream-ID: 99f1cf15c9a8f161086b814d414d862795ae153d - -commit b8d4eafe29684fe4f5bb587f7eab948e6ed62723 -Author: dtucker@openbsd.org -Date: Wed Mar 2 22:42:40 2016 +0000 - - upstream commit - - Improve precision of progressmeter for sftp and scp by - storing sub-second timestamps. Pointed out by mmcc@, ok deraadt@ markus@ - - Upstream-ID: 38fd83a3d83dbf81c8ff7b5d1302382fe54970ab - -commit 18f64b969c70ed00e74b9d8e50359dbe698ce4c0 -Author: jca@openbsd.org -Date: Mon Feb 29 20:22:36 2016 +0000 - - upstream commit - - Print ssize_t with %zd; ok deraadt@ mmcc@ - - Upstream-ID: 0590313bbb013ff6692298c98f7e0be349d124bd - -commit 6e7f68ce38130c794ec1fb8d2a6091fbe982628d -Author: djm@openbsd.org -Date: Sun Feb 28 22:27:00 2016 +0000 - - upstream commit - - rearrange DH public value tests to be a little more clear - - rearrange DH private value generation to explain rationale more - clearly and include an extra sanity check. - - ok deraadt - - Upstream-ID: 9ad8a07e1a12684e1b329f9bd88941b249d4b2ad - -commit 2ed17aa34008bdfc8db674315adc425a0712be11 -Author: Darren Tucker -Date: Tue Mar 1 15:24:20 2016 +1100 - - Import updated moduli file from OpenBSD. - - Note that 1.5k bit groups have been removed. - -commit 72b061d4ba0f909501c595d709ea76e06b01e5c9 -Author: Darren Tucker -Date: Fri Feb 26 14:40:04 2016 +1100 - - Add a note about using xlc on AIX. - -commit fd4e4f2416baa2e6565ea49d52aade296bad3e28 -Author: Darren Tucker -Date: Wed Feb 24 10:44:25 2016 +1100 - - Skip PrintLastLog in config dump mode. - - When DISABLE_LASTLOG is set, do not try to include PrintLastLog in the - config dump since it'll be reported as UNKNOWN. - -commit 99135c764fa250801da5ec3b8d06cbd0111caae8 -Author: Damien Miller -Date: Tue Feb 23 20:17:23 2016 +1100 - - update spec/README versions ahead of release - -commit b86a334aaaa4d1e643eb1fd71f718573d6d948b5 -Author: Damien Miller -Date: Tue Feb 23 20:16:53 2016 +1100 - - put back portable patchlevel to p1 - -commit 555dd35ff176847e3c6bd068ba2e8db4022eb24f -Author: djm@openbsd.org -Date: Tue Feb 23 09:14:34 2016 +0000 - - upstream commit - - openssh-7.2 - - Upstream-ID: 9db776b26014147fc907ece8460ef2bcb0f11e78 - -commit 1acc058d0a7913838c830ed998a1a1fb5b7864bf -Author: Damien Miller -Date: Tue Feb 23 16:12:13 2016 +1100 - - Disable tests where fs perms are incorrect - - Some tests have strict requirements on the filesystem permissions - for certain files and directories. This adds a regress/check-perm - tool that copies the relevant logic from sshd to exactly test - the paths in question. This lets us skip tests when the local - filesystem doesn't conform to our expectations rather than - continuing and failing the test run. - - ok dtucker@ - -commit 39f303b1f36d934d8410b05625f25c7bcb75db4d -Author: Damien Miller -Date: Tue Feb 23 12:56:59 2016 +1100 - - fix sandbox on OSX Lion - - sshd was failing with: - - ssh_sandbox_child: sandbox_init: dlopen(/usr/lib/libsandbox.1.dylib, 261):cw - image not found [preauth] - - caused by chroot before sandboxing. Avoid by explicitly linking libsandbox - to sshd. Spotted by Darren. - -commit 0d1451a32c7436e6d3d482351e776bc5e7824ce4 -Author: djm@openbsd.org -Date: Tue Feb 23 01:34:14 2016 +0000 - - upstream commit - - fix spurious error message when incorrect passphrase - entered for keys; reported by espie@ ok deraadt@ - - Upstream-ID: 58b2e46e63ed6912ed1ee780bd3bd8560f9a5899 - -commit 09d87d79741beb85768b5e788d7dfdf4bc3543dc -Author: sobrado@openbsd.org -Date: Sat Feb 20 23:06:23 2016 +0000 - - upstream commit - - set ssh(1) protocol version to 2 only. - - ok djm@ - - Upstream-ID: e168daf9d27d7e392e3c9923826bd8e87b2b3a10 - -commit 9262e07826ba5eebf8423f7ac9e47ec488c47869 -Author: sobrado@openbsd.org -Date: Sat Feb 20 23:02:39 2016 +0000 - - upstream commit - - add missing ~/.ssh/id_ecdsa and ~/.ssh/id_ed25519 to - IdentityFile. - - ok djm@ - - Upstream-ID: 6ce99466312e4ae7708017c3665e3edb976f70cf - -commit c12f0fdce8f985fca8d71829fd64c5b89dc777f5 -Author: sobrado@openbsd.org -Date: Sat Feb 20 23:01:46 2016 +0000 - - upstream commit - - AddressFamily defaults to any. - - ok djm@ - - Upstream-ID: 0d94aa06a4b889bf57a7f631c45ba36d24c13e0c - -commit 907091acb188b1057d50c2158f74c3ecf1c2302b -Author: Darren Tucker -Date: Fri Feb 19 09:05:39 2016 +1100 - - Make Solaris privs code build on older systems. - - Not all systems with Solaris privs have priv_basicset so factor that - out and provide backward compatibility code. Similarly, not all have - PRIV_NET_ACCESS so wrap that in #ifdef. Based on code from - alex at cooperi.net and djm@ with help from carson at taltos.org and - wieland at purdue.edu. - -commit 292a8dee14e5e67dcd1b49ba5c7b9023e8420d59 -Author: djm@openbsd.org -Date: Wed Feb 17 22:20:14 2016 +0000 - - upstream commit - - rekey refactor broke SSH1; spotted by Tom G. Christensen - - Upstream-ID: 43f0d57928cc077c949af0bfa71ef574dcb58243 - -commit 3a13cb543df9919aec2fc6b75f3dd3802facaeca -Author: djm@openbsd.org -Date: Wed Feb 17 08:57:34 2016 +0000 - - upstream commit - - rsa-sha2-512,rsa-sha2-256 cannot be selected explicitly - in *KeyTypes options yet. Remove them from the lists of algorithms for now. - committing on behalf of markus@ ok djm@ - - Upstream-ID: c6e8820eb8e610ac21551832c0c89684a9a51bb7 - -commit a685ae8d1c24fb7c712c55a4f3280ee76f5f1e4b -Author: jmc@openbsd.org -Date: Wed Feb 17 07:38:19 2016 +0000 - - upstream commit - - since these pages now clearly tell folks to avoid v1, - normalise the docs from a v2 perspective (i.e. stop pointing out which bits - are v2 only); - - ok/tweaks djm ok markus - - Upstream-ID: eb474f8c36fb6a532dc05c282f7965e38dcfa129 - -commit c5c3f3279a0e4044b8de71b70d3570d692d0f29d -Author: djm@openbsd.org -Date: Wed Feb 17 05:29:04 2016 +0000 - - upstream commit - - make sandboxed privilege separation the default, not just - for new installs; "absolutely" deraadt@ - - Upstream-ID: 5221ef3b927d2df044e9aa3f5db74ae91743f69b - -commit eb3f7337a651aa01d5dec019025e6cdc124ed081 -Author: jmc@openbsd.org -Date: Tue Feb 16 07:47:54 2016 +0000 - - upstream commit - - no need to state that protocol 2 is the default twice; - - Upstream-ID: b1e4c36b0c2e12e338e5b66e2978f2ac953b95eb - -commit e7901efa9b24e5b0c7e74f2c5520d47eead4d005 -Author: djm@openbsd.org -Date: Tue Feb 16 05:11:04 2016 +0000 - - upstream commit - - Replace list of ciphers and MACs adjacent to -1/-2 flag - descriptions in ssh(1) with a strong recommendation not to use protocol 1. - Add a similar warning to the Protocol option descriptions in ssh_config(5) - and sshd_config(5); - - prompted by and ok mmcc@ - - Upstream-ID: 961f99e5437d50e636feca023978950a232ead5e - -commit 5a0fcb77287342e2fc2ba1cee79b6af108973dc2 -Author: djm@openbsd.org -Date: Tue Feb 16 03:37:48 2016 +0000 - - upstream commit - - add a "Close session" log entry (at loglevel=verbose) to - correspond to the existing "Starting session" one. Also include the session - id number to make multiplexed sessions more apparent. - - feedback and ok dtucker@ - - Upstream-ID: e72d2ac080e02774376325136e532cb24c2e617c - -commit 624fd395b559820705171f460dd33d67743d13d6 -Author: djm@openbsd.org -Date: Wed Feb 17 02:24:17 2016 +0000 - - upstream commit - - include bad $SSH_CONNECTION in failure output - - Upstream-Regress-ID: b22d72edfde78c403aaec2b9c9753ef633cc0529 - -commit 60d860e54b4f199e5e89963b1c086981309753cb -Author: Darren Tucker -Date: Wed Feb 17 13:37:09 2016 +1100 - - Rollback addition of va_start. - - va_start was added in 0f754e29dd3760fc0b172c1220f18b753fb0957e, however - it has the wrong number of args and it's not usable in non-variadic - functions anyway so it breaks things (for example Solaris 2.6 as - reported by Tom G. Christensen).i ok djm@ - -commit 2fee909c3cee2472a98b26eb82696297b81e0d38 -Author: Darren Tucker -Date: Wed Feb 17 09:48:15 2016 +1100 - - Look for gethostbyname in libresolv and libnsl. - - Should fix build problem on Solaris 2.6 reported by Tom G. Christensen. - -commit 5ac712d81a84396aab441a272ec429af5b738302 -Author: Damien Miller -Date: Tue Feb 16 10:45:02 2016 +1100 - - make existing ssh_malloc_init only for __OpenBSD__ - -commit 24c9bded569d9f2449ded73f92fb6d12db7a9eec -Author: djm@openbsd.org -Date: Mon Feb 15 23:32:37 2016 +0000 - - upstream commit - - memleak of algorithm name in mm_answer_sign; reported by - Jakub Jelen - - Upstream-ID: ccd742cd25952240ebd23d7d4d6b605862584d08 - -commit ffb1e7e896139a42ceb78676f637658f44612411 -Author: dtucker@openbsd.org -Date: Mon Feb 15 09:47:49 2016 +0000 - - upstream commit - - Add a function to enable security-related malloc_options. - With and ok deraadt@, something similar has been in the snaps for a while. - - Upstream-ID: 43a95523b832b7f3b943d2908662191110c380ed - -commit ef39e8c0497ff0564990a4f9e8b7338b3ba3507c -Author: Damien Miller -Date: Tue Feb 16 10:34:39 2016 +1100 - - sync ssh-copy-id with upstream 783ef08b0a75 - -commit d2d772f55b19bb0e8d03c2fe1b9bb176d9779efd -Author: djm@openbsd.org -Date: Fri Feb 12 00:20:30 2016 +0000 - - upstream commit - - avoid fatal() for PKCS11 tokens that present empty key IDs - bz#1773, ok markus@ - - Upstream-ID: 044a764fee526f2c4a9d530bd10695422d01fc54 - -commit e4c918a6c721410792b287c9fd21356a1bed5805 -Author: djm@openbsd.org -Date: Thu Feb 11 02:56:32 2016 +0000 - - upstream commit - - sync crypto algorithm lists in ssh_config(5) and - sshd_config(5) with current reality. bz#2527 - - Upstream-ID: d7fd1b6c1ed848d866236bcb1d7049d2bb9b2ff6 - -commit e30cabfa4ab456a30b3224f7f545f1bdfc4a2517 -Author: djm@openbsd.org -Date: Thu Feb 11 02:21:34 2016 +0000 - - upstream commit - - fix regression in openssh-6.8 sftp client: existing - destination directories would incorrectly terminate recursive uploads; - bz#2528 - - Upstream-ID: 3306be469f41f26758e3d447987ac6d662623e18 - -commit 714e367226ded4dc3897078be48b961637350b05 -Author: djm@openbsd.org -Date: Tue Feb 9 05:30:04 2016 +0000 - - upstream commit - - turn off more old crypto in the client: hmac-md5, ripemd, - truncated HMACs, RC4, blowfish. ok markus@ dtucker@ - - Upstream-ID: 96aa11c2c082be45267a690c12f1d2aae6acd46e - -commit 5a622844ff7f78dcb75e223399f9ef0977e8d0a3 -Author: djm@openbsd.org -Date: Mon Feb 8 23:40:12 2016 +0000 - - upstream commit - - don't attempt to percent_expand() already-canonicalised - addresses, avoiding unnecessary failures when attempting to connect to scoped - IPv6 addresses (that naturally contain '%' characters) - - Upstream-ID: f24569cffa1a7cbde5f08dc739a72f4d78aa5c6a - -commit 19bcf2ea2d17413f2d9730dd2a19575ff86b9b6a -Author: djm@openbsd.org -Date: Mon Feb 8 10:57:07 2016 +0000 - - upstream commit - - refactor activation of rekeying - - This makes automatic rekeying internal to the packet code (previously - the server and client loops needed to assist). In doing to it makes - application of rekey limits more accurate by accounting for packets - about to be sent as well as packets queued during rekeying events - themselves. - - Based on a patch from dtucker@ which was in turn based on a patch - Aleksander Adamowski in bz#2521; ok markus@ - - Upstream-ID: a441227fd64f9739850ca97b4cf794202860fcd8 - -commit 603ba41179e4b53951c7b90ee95b6ef3faa3f15d -Author: naddy@openbsd.org -Date: Fri Feb 5 13:28:19 2016 +0000 - - upstream commit - - Only check errno if read() has returned an error. EOF is - not an error. This fixes a problem where the mux master would sporadically - fail to notice that the client had exited. ok mikeb@ djm@ - - Upstream-ID: 3c2dadc21fac6ef64665688aac8a75fffd57ae53 - -commit 56d7dac790693ce420d225119283bc355cff9185 -Author: jsg@openbsd.org -Date: Fri Feb 5 04:31:21 2016 +0000 - - upstream commit - - avoid an uninitialised value when NumberOfPasswordPrompts - is 0 ok markus@ djm@ - - Upstream-ID: 11b068d83c2865343aeb46acf1e9eec00f829b6b - -commit deae7d52d59c5019c528f977360d87fdda15d20b -Author: djm@openbsd.org -Date: Fri Feb 5 03:07:06 2016 +0000 - - upstream commit - - mention internal DH-GEX fallback groups; bz#2302 - - Upstream-ID: e7b395fcca3122cd825515f45a2e41c9a157e09e - -commit cac3b6665f884d46192c0dc98a64112e8b11a766 -Author: djm@openbsd.org -Date: Fri Feb 5 02:37:56 2016 +0000 - - upstream commit - - better description for MaxSessions; bz#2531 - - Upstream-ID: e2c0d74ee185cd1a3e9d4ca1f1b939b745b354da - -commit 5ef4b0fdcc7a239577a754829b50022b91ab4712 -Author: Damien Miller -Date: Wed Jan 27 17:45:56 2016 +1100 - - avoid FreeBSD RCS Id in comment - - Change old $FreeBSD version string in comment so it doesn't - become an RCS ident downstream; requested by des AT des.no - -commit 696d12683c90d20a0a9c5f4275fc916b7011fb04 -Author: djm@openbsd.org -Date: Thu Feb 4 23:43:48 2016 +0000 - - upstream commit - - printf argument casts to avoid warnings on strict - compilers - - Upstream-ID: 7b9f6712cef01865ad29070262d366cf13587c9c - -commit 5658ef2501e785fbbdf5de2dc33b1ff7a4dca73a -Author: millert@openbsd.org -Date: Mon Feb 1 21:18:17 2016 +0000 - - upstream commit - - Avoid ugly "DISPLAY "(null)" invalid; disabling X11 - forwarding" message when DISPLAY is not set. This could also result in a - crash on systems with a printf that doesn't handle NULL. OK djm@ - - Upstream-ID: 20ee0cfbda678a247264c20ed75362042b90b412 - -commit 537f88ec7bcf40bd444ac5584c707c5588c55c43 -Author: dtucker@openbsd.org -Date: Fri Jan 29 05:18:15 2016 +0000 - - upstream commit - - Add regression test for RekeyLimit parsing of >32bit values - (4G and 8G). - - Upstream-Regress-ID: 548390350c62747b6234f522a99c319eee401328 - -commit 4c6cb8330460f94e6c7ae28a364236d4188156a3 -Author: dtucker@openbsd.org -Date: Fri Jan 29 23:04:46 2016 +0000 - - upstream commit - - Remove leftover roaming dead code. ok djm markus. - - Upstream-ID: 13d1f9c8b65a5109756bcfd3b74df949d53615be - -commit 28136471809806d6246ef41e4341467a39fe2f91 -Author: djm@openbsd.org -Date: Fri Jan 29 05:46:01 2016 +0000 - - upstream commit - - include packet type of non-data packets in debug3 output; - ok markus dtucker - - Upstream-ID: 034eaf639acc96459b9c5ce782db9fcd8bd02d41 - -commit 6fd6e28daccafaa35f02741036abe64534c361a1 -Author: dtucker@openbsd.org -Date: Fri Jan 29 03:31:03 2016 +0000 - - upstream commit - - Revert "account for packets buffered but not yet - processed" change as it breaks for very small RekeyLimit values due to - continuous rekeying. ok djm@ - - Upstream-ID: 7e03f636cb45ab60db18850236ccf19079182a19 - -commit 921ff00b0ac429666fb361d2d6cb1c8fff0006cb -Author: dtucker@openbsd.org -Date: Fri Jan 29 02:54:45 2016 +0000 - - upstream commit - - Allow RekeyLimits in excess of 4G up to 2**63 bits - (limited by the return type of scan_scaled). Part of bz#2521, ok djm. - - Upstream-ID: 13bea82be566b9704821b1ea05bf7804335c7979 - -commit c0060a65296f01d4634f274eee184c0e93ba0f23 -Author: dtucker@openbsd.org -Date: Fri Jan 29 02:42:46 2016 +0000 - - upstream commit - - Account for packets buffered but not yet processed when - computing whether or not it is time to perform rekeying. bz#2521, based - loosely on a patch from olo at fb.com, ok djm@ - - Upstream-ID: 67e268b547f990ed220f3cb70a5624d9bda12b8c - -commit 44cf930e670488c85c9efeb373fa5f4b455692ac -Author: djm@openbsd.org -Date: Wed Jan 27 06:44:58 2016 +0000 - - upstream commit - - change old $FreeBSD version string in comment so it doesn't - become an RCS ident downstream; requested by des AT des.no - - Upstream-ID: 8ca558c01f184e596b45e4fc8885534b2c864722 - -commit ebacd377769ac07d1bf3c75169644336056b7060 -Author: djm@openbsd.org -Date: Wed Jan 27 00:53:12 2016 +0000 - - upstream commit - - make the debug messages a bit more useful here - - Upstream-ID: 478ccd4e897e0af8486b294aa63aa3f90ab78d64 - -commit 458abc2934e82034c5c281336d8dc0f910aecad3 -Author: jsg@openbsd.org -Date: Sat Jan 23 05:31:35 2016 +0000 - - upstream commit - - Zero a stack buffer with explicit_bzero() instead of - memset() when returning from client_loop() for consistency with - buffer_free()/sshbuf_free(). - - ok dtucker@ deraadt@ djm@ - - Upstream-ID: bc9975b2095339811c3b954694d7d15ea5c58f66 - -commit 65a3c0dacbc7dbb75ddb6a70ebe22d8de084d0b0 -Author: dtucker@openbsd.org -Date: Wed Jan 20 09:22:39 2016 +0000 - - upstream commit - - Include sys/time.h for gettimeofday. From sortie at - maxsi.org. - - Upstream-ID: 6ed0c33b836d9de0a664cd091e86523ecaa2fb3b - -commit fc77ccdc2ce6d5d06628b8da5048a6a5f6ffca5a -Author: markus@openbsd.org -Date: Thu Jan 14 22:56:56 2016 +0000 - - upstream commit - - fd leaks; report Qualys Security Advisory team; ok - deraadt@ - - Upstream-ID: 4ec0f12b9d8fa202293c9effa115464185aa071d - -commit a306863831c57ec5fad918687cc5d289ee8e2635 -Author: markus@openbsd.org -Date: Thu Jan 14 16:17:39 2016 +0000 - - upstream commit - - remove roaming support; ok djm@ - - Upstream-ID: 2cab8f4b197bc95776fb1c8dc2859dad0c64dc56 - -commit 6ef49e83e30688504552ac10875feabd5521565f -Author: deraadt@openbsd.org -Date: Thu Jan 14 14:34:34 2016 +0000 - - upstream commit - - Disable experimental client-side roaming support. Server - side was disabled/gutted for years already, but this aspect was surprisingly - forgotten. Thanks for report from Qualys - - Upstream-ID: 2328004b58f431a554d4c1bf67f5407eae3389df - -commit 8d7b523b96d3be180572d9d338cedaafc0570f60 -Author: Damien Miller -Date: Thu Jan 14 11:08:19 2016 +1100 - - bump version numbers - -commit 8c3d512a1fac8b9c83b4d0c9c3f2376290bd84ca -Author: Damien Miller -Date: Thu Jan 14 11:04:04 2016 +1100 - - openssh-7.1p2 - -commit e6c85f8889c5c9eb04796fdb76d2807636b9eef5 -Author: Damien Miller -Date: Fri Jan 15 01:30:36 2016 +1100 - - forcibly disable roaming support in the client - -commit ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c -Author: djm@openbsd.org -Date: Wed Jan 13 23:04:47 2016 +0000 - - upstream commit - - eliminate fallback from untrusted X11 forwarding to trusted - forwarding when the X server disables the SECURITY extension; Reported by - Thomas Hoger; ok deraadt@ - - Upstream-ID: f76195bd2064615a63ef9674a0e4096b0713f938 - -commit 9a728cc918fad67c8a9a71201088b1e150340ba4 -Author: djm@openbsd.org -Date: Tue Jan 12 23:42:54 2016 +0000 - - upstream commit - - use explicit_bzero() more liberally in the buffer code; ok - deraadt - - Upstream-ID: 0ece37069fd66bc6e4f55eb1321f93df372b65bf - -commit 4626cbaf78767fc8e9c86dd04785386c59ae0839 -Author: Damien Miller -Date: Fri Jan 8 14:24:56 2016 +1100 - - Support Illumos/Solaris fine-grained privileges - - Includes a pre-auth privsep sandbox and several pledge() - emulations. bz#2511, patch by Alex Wilson. - - ok dtucker@ - -commit 422d1b3ee977ff4c724b597fb2e437d38fc8de9d -Author: djm@openbsd.org -Date: Thu Dec 31 00:33:52 2015 +0000 - - upstream commit - - fix three bugs in KRL code related to (unused) signature - support: verification length was being incorrectly calculated, multiple - signatures were being incorrectly processed and a NULL dereference that - occurred when signatures were verified. Reported by Carl Jackson - - Upstream-ID: e705e97ad3ccce84291eaa651708dd1b9692576b - -commit 6074c84bf95d00f29cc7d5d3cd3798737851aa1a -Author: djm@openbsd.org -Date: Wed Dec 30 23:46:14 2015 +0000 - - upstream commit - - unused prototype - - Upstream-ID: f3eef4389d53ed6c0d5c77dcdcca3060c745da97 - -commit 6213f0e180e54122bb1ba928e11c784e2b4e5380 -Author: guenther@openbsd.org -Date: Sat Dec 26 20:51:35 2015 +0000 - - upstream commit - - Use pread/pwrite instead separate lseek+read/write for - lastlog. Cast to off_t before multiplication to avoid truncation on ILP32 - - ok kettenis@ mmcc@ - - Upstream-ID: fc40092568cd195719ddf1a00aa0742340d616cf - -commit d7d2bc95045a43dd56ea696cc1d030ac9d77e81f -Author: semarie@openbsd.org -Date: Sat Dec 26 07:46:03 2015 +0000 - - upstream commit - - adjust pledge promises for ControlMaster: when using - "ask" or "autoask", the process will use ssh-askpass for asking confirmation. - - problem found by halex@ - - ok halex@ - - Upstream-ID: 38a58b30ae3eef85051c74d3c247216ec0735f80 - -commit 271df8185d9689b3fb0523f58514481b858f6843 -Author: djm@openbsd.org -Date: Sun Dec 13 22:42:23 2015 +0000 - - upstream commit - - unbreak connections with peers that set - first_kex_follows; fix from Matt Johnston va bz#2515 - - Upstream-ID: decc88ec4fc7515594fdb42b04aa03189a44184b - -commit 43849a47c5f8687699eafbcb5604f6b9c395179f -Author: doug@openbsd.org -Date: Fri Dec 11 17:41:37 2015 +0000 - - upstream commit - - Add "id" to ssh-agent pledge for subprocess support. - - Found the hard way by Jan Johansson when using ssh-agent with X. Also, - rearranged proc/exec and retval to match other pledge calls in the tree. - - ok djm@ - - Upstream-ID: 914255f6850e5e7fa830a2de6c38605333b584db - -commit 52d7078421844b2f88329f5be3de370b0a938636 -Author: mmcc@openbsd.org -Date: Fri Dec 11 04:21:11 2015 +0000 - - upstream commit - - Remove NULL-checks before sshbuf_free(). - - ok djm@ - - Upstream-ID: 5ebed00ed5f9f03b119a345085e8774565466917 - -commit a4b9e0f4e4a6980a0eb8072f76ea611cab5b77e7 -Author: djm@openbsd.org -Date: Fri Dec 11 03:24:25 2015 +0000 - - upstream commit - - include remote port number in a few more messages; makes - tying log messages together into a session a bit easier; bz#2503 ok dtucker@ - - Upstream-ID: 9300dc354015f7a7368d94a8ff4a4266a69d237e - -commit 6091c362e89079397e68744ae30df121b0a72c07 -Author: djm@openbsd.org -Date: Fri Dec 11 03:20:09 2015 +0000 - - upstream commit - - don't try to load SSHv1 private key when compiled without - SSHv1 support. From Iain Morgan bz#2505 - - Upstream-ID: 8b8e7b02a448cf5e5635979df2d83028f58868a7 - -commit cce6a36bb95e81fa8bfb46daf22eabcf13afc352 -Author: djm@openbsd.org -Date: Fri Dec 11 03:19:09 2015 +0000 - - upstream commit - - use SSH_MAX_PUBKEY_BYTES consistently as buffer size when - reading key files. Increase it to match the size of the buffers already being - used. - - Upstream-ID: 1b60586b484b55a947d99a0b32bd25e0ced56fae - -commit 89540b6de025b80404a0cb8418c06377f3f98848 -Author: mmcc@openbsd.org -Date: Fri Dec 11 02:31:47 2015 +0000 - - upstream commit - - Remove NULL-checks before sshkey_free(). - - ok djm@ - - Upstream-ID: 3e35afe8a25e021216696b5d6cde7f5d2e5e3f52 - -commit 79394ed6d74572c2d2643d73937dad33727fc240 -Author: dtucker@openbsd.org -Date: Fri Dec 11 02:29:03 2015 +0000 - - upstream commit - - fflush stdout so that output is seen even when running in - debug mode when output may otherwise not be flushed. Patch from dustin at - null-ptr.net. - - Upstream-ID: b0c6b4cd2cdb01d7e9eefbffdc522e35b5bc4acc - -commit ee607cccb6636eb543282ba90e0677b0604d8b7a -Author: Darren Tucker -Date: Tue Dec 15 15:23:49 2015 +1100 - - Increase robustness of redhat/openssh.spec - - - remove configure --with-rsh, because this option isn't supported anymore - - replace last occurrence of BuildPreReq by BuildRequires - - update grep statement to query the krb5 include directory - - Patch from CarstenGrohmann via github, ok djm. - -commit b5fa0cd73555b991a543145603658d7088ec6b60 -Author: Darren Tucker -Date: Tue Dec 15 15:10:32 2015 +1100 - - Allow --without-ssl-engine with --without-openssl - - Patch from Mike Frysinger via github. - -commit c1d7e546f6029024f3257cc25c92f2bddf163125 -Author: Darren Tucker -Date: Tue Dec 15 14:27:09 2015 +1100 - - Include openssl crypto.h for SSLeay. - - Patch from doughdemon via github. - -commit c6f5f01651526e88c00d988ce59d71f481ebac62 -Author: Darren Tucker -Date: Tue Dec 15 13:59:12 2015 +1100 - - Add sys/time.h for gettimeofday. - - Should allow it it compile with MUSL libc. Based on patch from - doughdemon via github. - -commit 39736be06c7498ef57d6970f2d85cf066ae57c82 -Author: djm@openbsd.org -Date: Fri Dec 11 02:20:28 2015 +0000 - - upstream commit - - correct error messages; from Tomas Kuthan bz#2507 - - Upstream-ID: 7454a0affeab772398052954c79300aa82077093 - -commit 94141b7ade24afceeb6762a3f99e09e47a6c42b6 -Author: mmcc@openbsd.org -Date: Fri Dec 11 00:20:04 2015 +0000 - - upstream commit - - Pass (char *)NULL rather than (char *)0 to execl and - execlp. - - ok dtucker@ - - Upstream-ID: 56c955106cbddba86c3dd9bbf786ac0d1b361492 - -commit d59ce08811bf94111c2f442184cf7d1257ffae24 -Author: mmcc@openbsd.org -Date: Thu Dec 10 17:08:40 2015 +0000 - - upstream commit - - Remove NULL-checks before free(). - - ok dtucker@ - - Upstream-ID: e3d3cb1ce900179906af36517b5eea0fb15e6ef8 - -commit 8e56dd46cb37879c73bce2d6032cf5e7f82d5a71 -Author: mmcc@openbsd.org -Date: Thu Dec 10 07:01:35 2015 +0000 - - upstream commit - - Fix a couple "the the" typos. ok dtucker@ - - Upstream-ID: ec364c5af32031f013001fd28d1bd3dfacfe9a72 - -commit 6262a0522ddc2c0f2e9358dcb68d59b46e9c533e -Author: markus@openbsd.org -Date: Mon Dec 7 20:04:09 2015 +0000 - - upstream commit - - stricter encoding type checks for ssh-rsa; ok djm@ - - Upstream-ID: 8cca7c787599a5e8391e184d0b4f36fdc3665650 - -commit d86a3ba7af160c13496102aed861ae48a4297072 -Author: Damien Miller -Date: Wed Dec 9 09:18:45 2015 +1100 - - Don't set IPV6_V6ONLY on OpenBSD - - It isn't necessary and runs afoul of pledge(2) restrictions. - -commit da98c11d03d819a15429d8fff9688acd7505439f -Author: djm@openbsd.org -Date: Mon Dec 7 02:20:46 2015 +0000 - - upstream commit - - basic unit tests for rsa-sha2-* signature types - - Upstream-Regress-ID: 7dc4b9db809d578ff104d591b4d86560c3598d3c - -commit 3da893fdec9936dd2c23739cdb3c0c9d4c59fca0 -Author: markus@openbsd.org -Date: Sat Dec 5 20:53:21 2015 +0000 - - upstream commit - - prefer rsa-sha2-512 over -256 for hostkeys, too; noticed - by naddy@ - - Upstream-ID: 685f55f7ec566a8caca587750672723a0faf3ffe - -commit 8b56e59714d87181505e4678f0d6d39955caf10e -Author: tobias@openbsd.org -Date: Fri Dec 4 21:51:06 2015 +0000 - - upstream commit - - Properly handle invalid %-format by calling fatal. - - ok deraadt, djm - - Upstream-ID: 5692bce7d9f6eaa9c488cb93d3b55e758bef1eac - -commit 76c9fbbe35aabc1db977fb78e827644345e9442e -Author: markus@openbsd.org -Date: Fri Dec 4 16:41:28 2015 +0000 - - upstream commit - - implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures - (user and host auth) based on draft-rsa-dsa-sha2-256-03.txt and - draft-ssh-ext-info-04.txt; with & ok djm@ - - Upstream-ID: cf82ce532b2733e5c4b34bb7b7c94835632db309 - -commit 6064a8b8295cb5a17b5ebcfade53053377714f40 -Author: djm@openbsd.org -Date: Fri Dec 4 00:24:55 2015 +0000 - - upstream commit - - clean up agent_fd handling; properly initialise it to -1 - and make tests consistent - - ok markus@ - - Upstream-ID: ac9554323d5065745caf17b5e37cb0f0d4825707 - -commit b91926a97620f3e51761c271ba57aa5db790f48d -Author: semarie@openbsd.org -Date: Thu Dec 3 17:00:18 2015 +0000 - - upstream commit - - pledges ssh client: - mux client: which is used when - ControlMaster is in use. will end with "stdio proc tty" (proc is to - permit sending SIGWINCH to mux master on window resize) - - - client loop: several levels of pledging depending of your used options - - ok deraadt@ - - Upstream-ID: 21676155a700e51f2ce911e33538e92a2cd1d94b - -commit bcce47466bbc974636f588b5e4a9a18ae386f64a -Author: doug@openbsd.org -Date: Wed Dec 2 08:30:50 2015 +0000 - - upstream commit - - Add "cpath" to the ssh-agent pledge so the cleanup - handler can unlink(). - - ok djm@ - - Upstream-ID: 9e632991d48241d56db645602d381253a3d8c29d - -commit a90d001543f46716b6590c6dcc681d5f5322f8cf -Author: djm@openbsd.org -Date: Wed Dec 2 08:00:58 2015 +0000 - - upstream commit - - ssh-agent pledge needs proc for askpass; spotted by todd@ - - Upstream-ID: 349aa261b29cc0e7de47ef56167769c432630b2a - -commit d952162b3c158a8f23220587bb6c8fcda75da551 -Author: djm@openbsd.org -Date: Tue Dec 1 23:29:24 2015 +0000 - - upstream commit - - basic pledge() for ssh-agent, more refinement needed - - Upstream-ID: 5b5b03c88162fce549e45e1b6dd833f20bbb5e13 - -commit f0191d7c8e76e30551084b79341886d9bb38e453 -Author: Damien Miller -Date: Mon Nov 30 10:53:25 2015 +1100 - - Revert "stub for pledge(2) for systems that lack it" - - This reverts commit 14c887c8393adde2d9fd437d498be30f8c98535c. - - dtucker beat me to it :/ - -commit 6283cc72eb0e49a3470d30e07ca99a1ba9e89676 -Author: Damien Miller -Date: Mon Nov 30 10:37:03 2015 +1100 - - revert 7d4c7513: bring back S/Key prototypes - - (but leave RCSID changes) - -commit 14c887c8393adde2d9fd437d498be30f8c98535c -Author: Damien Miller -Date: Mon Nov 30 09:45:29 2015 +1100 - - stub for pledge(2) for systems that lack it - -commit 452c0b6af5d14c37553e30059bf74456012493f3 -Author: djm@openbsd.org -Date: Sun Nov 29 22:18:37 2015 +0000 - - upstream commit - - pledge, better fatal() messages; feedback deraadt@ - - Upstream-ID: 3e00f6ccfe2b9a7a2d1dbba5409586180801488f - -commit 6da413c085dba37127687b2617a415602505729b -Author: deraadt@openbsd.org -Date: Sat Nov 28 06:50:52 2015 +0000 - - upstream commit - - do not leak temp file if there is no known_hosts file - from craig leres, ok djm - - Upstream-ID: c820497fd5574844c782e79405c55860f170e426 - -commit 3ddd15e1b63a4d4f06c8ab16fbdd8a5a61764f16 -Author: Darren Tucker -Date: Mon Nov 30 07:23:53 2015 +1100 - - Add a null implementation of pledge. - - Fixes builds on almost everything. - -commit b1d6b3971ef256a08692efc409fc9ada719111cc -Author: djm@openbsd.org -Date: Sat Nov 28 06:41:03 2015 +0000 - - upstream commit - - don't include port number in tcpip-forward replies for - requests that don't allocate a port; bz#2509 diagnosed by Ron Frederick ok - markus - - Upstream-ID: 77efad818addb61ec638b5a2362f1554e21a970a - -commit 9080bd0b9cf10d0f13b1f642f20cb84285cb8d65 -Author: deraadt@openbsd.org -Date: Fri Nov 27 00:49:31 2015 +0000 - - upstream commit - - pledge "stdio rpath wpath cpath fattr tty proc exec" - except for the -p option (which sadly has insane semantics...) ok semarie - dtucker - - Upstream-ID: 8854bbd58279abe00f6c33f8094bdc02c8c65059 - -commit 4d90625b229cf6b3551d81550a9861897509a65f -Author: halex@openbsd.org -Date: Fri Nov 20 23:04:01 2015 +0000 - - upstream commit - - allow comment change for all supported formats - - ok djm@ - - Upstream-ID: 5fc477cf2f119b2d44aa9c683af16cb00bb3744b - -commit 8ca915fc761519dd1f7766a550ec597a81db5646 -Author: djm@openbsd.org -Date: Fri Nov 20 01:45:29 2015 +0000 - - upstream commit - - add cast to make -Werror clean - - Upstream-ID: 288db4f8f810bd475be01320c198250a04ff064d - -commit ac9473580dcd401f8281305af98635cdaae9bf96 -Author: Damien Miller -Date: Fri Nov 20 12:35:41 2015 +1100 - - fix multiple authentication using S/Key w/ privsep - - bz#2502, patch from Kevin Korb and feandil_ - -commit 88b6fcdeb87a2fb76767854d9eb15006662dca57 -Author: djm@openbsd.org -Date: Thu Nov 19 08:23:27 2015 +0000 - - upstream commit - - ban ConnectionAttempts=0, it makes no sense and would cause - ssh_connect_direct() to print an uninitialised stack variable; bz#2500 - reported by dvw AT phas.ubc.ca - - Upstream-ID: 32b5134c608270583a90b93a07b3feb3cbd5f7d5 - -commit 964ab3ee7a8f96bdbc963d5b5a91933d6045ebe7 -Author: djm@openbsd.org -Date: Thu Nov 19 01:12:32 2015 +0000 - - upstream commit - - trailing whitespace - - Upstream-ID: 31fe0ad7c4d08e87f1d69c79372f5e3c5cd79051 - -commit f96516d052dbe38561f6b92b0e4365d8e24bb686 -Author: djm@openbsd.org -Date: Thu Nov 19 01:09:38 2015 +0000 - - upstream commit - - print host certificate contents at debug level - - Upstream-ID: 39354cdd8a2b32b308fd03f98645f877f540f00d - -commit 499cf36fecd6040e30e2912dd25655bc574739a7 -Author: djm@openbsd.org -Date: Thu Nov 19 01:08:55 2015 +0000 - - upstream commit - - move the certificate validity formatting code to - sshkey.[ch] - - Upstream-ID: f05f7c78fab20d02ff1d5ceeda533ef52e8fe523 - -commit bcb7bc77bbb1535d1008c7714085556f3065d99d -Author: djm@openbsd.org -Date: Wed Nov 18 08:37:28 2015 +0000 - - upstream commit - - fix "ssh-keygen -l" of private key, broken in support for - multiple plain keys on stdin - - Upstream-ID: 6b3132d2c62d03d0bad6f2bcd7e2d8b7dab5cd9d - -commit 259adb6179e23195c8f6913635ea71040d1ccd63 -Author: millert@openbsd.org -Date: Mon Nov 16 23:47:52 2015 +0000 - - upstream commit - - Replace remaining calls to index(3) with strchr(3). OK - jca@ krw@ - - Upstream-ID: 33837d767a0cf1db1489b96055f9e330bc0bab6d - -commit c56a255162c2166884539c0a1f7511575325b477 -Author: djm@openbsd.org -Date: Mon Nov 16 22:53:07 2015 +0000 - - upstream commit - - Allow fingerprinting from standard input "ssh-keygen -lf - -" - - Support fingerprinting multiple plain keys in a file and authorized_keys - files too (bz#1319) - - ok markus@ - - Upstream-ID: 903f8b4502929d6ccf53509e4e07eae084574b77 - -commit 5b4010d9b923cf1b46c9c7b1887c013c2967e204 -Author: djm@openbsd.org -Date: Mon Nov 16 22:51:05 2015 +0000 - - upstream commit - - always call privsep_preauth_child() regardless of whether - sshd was started by root; it does important priming before sandboxing and - failing to call it could result in sandbox violations later; ok markus@ - - Upstream-ID: c8a6d0d56c42f3faab38460dc917ca0d1705d383 - -commit 3a9f84b58b0534bbb485f1eeab75665e2d03371f -Author: djm@openbsd.org -Date: Mon Nov 16 22:50:01 2015 +0000 - - upstream commit - - improve sshkey_read() semantics; only update *cpp when a - key is successfully read; ok markus@ - - Upstream-ID: f371e78e8f4fab366cf69a42bdecedaed5d1b089 - -commit db6f8dc5dd5655b59368efd074994d4568bc3556 -Author: logan@openbsd.org -Date: Mon Nov 16 06:13:04 2015 +0000 - - upstream commit - - 1) Use xcalloc() instead of xmalloc() to check for - potential overflow. (Feedback from both mmcc@ and djm@) 2) move set_size - just before the for loop. (suggested by djm@) - - OK djm@ - - Upstream-ID: 013534c308187284756c3141f11d2c0f33c47213 - -commit 383f10fb84a0fee3c01f9d97594f3e22aa3cd5e0 -Author: djm@openbsd.org -Date: Mon Nov 16 00:30:02 2015 +0000 - - upstream commit - - Add a new authorized_keys option "restrict" that - includes all current and future key restrictions (no-*-forwarding, etc). Also - add permissive versions of the existing restrictions, e.g. "no-pty" -> "pty". - This simplifies the task of setting up restricted keys and ensures they are - maximally-restricted, regardless of any permissions we might implement in the - future. - - Example: - - restrict,pty,command="nethack" ssh-ed25519 AAAAC3NzaC1lZDI1... - - Idea from Jann Horn; ok markus@ - - Upstream-ID: 04ceb9d448e46e67e13887a7ae5ea45b4f1719d0 - -commit e41a071f7bda6af1fb3f081bed0151235fa61f15 -Author: jmc@openbsd.org -Date: Sun Nov 15 23:58:04 2015 +0000 - - upstream commit - - correct section number for ssh-agent; - - Upstream-ID: 44be72fd8bcc167635c49b357b1beea8d5674bd6 - -commit 1a11670286acddcc19f5eff0966c380831fc4638 -Author: jmc@openbsd.org -Date: Sun Nov 15 23:54:15 2015 +0000 - - upstream commit - - do not confuse mandoc by presenting "Dd"; - - Upstream-ID: 1470fce171c47b60bbc7ecd0fc717a442c2cfe65 - -commit f361df474c49a097bfcf16d1b7b5c36fcd844b4b -Author: jcs@openbsd.org -Date: Sun Nov 15 22:26:49 2015 +0000 - - upstream commit - - Add an AddKeysToAgent client option which can be set to - 'yes', 'no', 'ask', or 'confirm', and defaults to 'no'. When enabled, a - private key that is used during authentication will be added to ssh-agent if - it is running (with confirmation enabled if set to 'confirm'). - - Initial version from Joachim Schipper many years ago. - - ok markus@ - - Upstream-ID: a680db2248e8064ec55f8be72d539458c987d5f4 - -commit d87063d9baf5479b6e813d47dfb694a97df6f6f5 -Author: djm@openbsd.org -Date: Fri Nov 13 04:39:35 2015 +0000 - - upstream commit - - send SSH2_MSG_UNIMPLEMENTED replies to unexpected - messages during KEX; bz#2949, ok dtucker@ - - Upstream-ID: 2b3abdff344d53c8d505f45c83a7b12e84935786 - -commit 9fd04681a1e9b0af21e08ff82eb674cf0a499bfc -Author: djm@openbsd.org -Date: Fri Nov 13 04:38:06 2015 +0000 - - upstream commit - - Support "none" as an argument for sshd_config - ForceCommand and ChrootDirectory. Useful inside Match blocks to override a - global default. bz#2486 ok dtucker@ - - Upstream-ID: 7ef478d6592bc7db5c7376fc33b4443e63dccfa5 - -commit 94bc0b72c29e511cbbc5772190d43282e5acfdfe -Author: djm@openbsd.org -Date: Fri Nov 13 04:34:15 2015 +0000 - - upstream commit - - support multiple certificates (one per line) and - reading from standard input (using "-f -") for "ssh-keygen -L"; ok dtucker@ - - Upstream-ID: ecbadeeef3926e5be6281689b7250a32a80e88db - -commit b6b9108f5b561c83612cb97ece4134eb59fde071 -Author: djm@openbsd.org -Date: Fri Nov 13 02:57:46 2015 +0000 - - upstream commit - - list a couple more options usable in Match blocks; - bz#2489 - - Upstream-ID: e4d03f39d254db4c0cc54101921bb89fbda19879 - -commit a7994b3f5a5a5a33b52b0a6065d08e888f0a99fb -Author: djm@openbsd.org -Date: Wed Nov 11 04:56:39 2015 +0000 - - upstream commit - - improve PEEK/POKE macros: better casts, don't multiply - evaluate arguments; ok deraadt@ - - Upstream-ID: 9a1889e19647615ededbbabab89064843ba92d3e - -commit 7d4c7513a7f209cb303a608ac6e46b3f1dfc11ec -Author: djm@openbsd.org -Date: Wed Nov 11 01:48:01 2015 +0000 - - upstream commit - - remove prototypes for long-gone s/key support; ok - dtucker@ - - Upstream-ID: db5bed3c57118af986490ab23d399df807359a79 - -commit 07889c75926c040b8e095949c724e66af26441cb -Author: Damien Miller -Date: Sat Nov 14 18:44:49 2015 +1100 - - read back from libcrypto RAND when privdropping - - makes certain libcrypto implementations cache a /dev/urandom fd - in preparation of sandboxing. Based on patch by Greg Hartman. - -commit 1560596f44c01bb0cef977816410950ed17b8ecd -Author: Darren Tucker -Date: Tue Nov 10 11:14:47 2015 +1100 - - Fix compiler warnings in the openssl header check. - - Noted by Austin English. - -commit e72a8575ffe1d8adff42c9abe9ca36938acc036b -Author: jmc@openbsd.org -Date: Sun Nov 8 23:24:03 2015 +0000 - - upstream commit - - -c before -H, in SYNOPSIS and usage(); - - Upstream-ID: 25e8c58a69e1f37fcd54ac2cd1699370acb5e404 - -commit 3a424cdd21db08c7b0ded902f97b8f02af5aa485 -Author: djm@openbsd.org -Date: Sun Nov 8 22:30:20 2015 +0000 - - upstream commit - - Add "ssh-keyscan -c ..." flag to allow fetching - certificates instead of plain keys; ok markus@ - - Upstream-ID: 0947e2177dba92339eced9e49d3c5bf7dda69f82 - -commit 69fead5d7cdaa73bdece9fcba80f8e8e70b90346 -Author: jmc@openbsd.org -Date: Sun Nov 8 22:08:38 2015 +0000 - - upstream commit - - remove slogin links; ok deraadt markus djm - - Upstream-ID: 39ba08548acde4c54f2d4520c202c2a863a3c730 - -commit 2fecfd486bdba9f51b3a789277bb0733ca36e1c0 -Author: djm@openbsd.org -Date: Sun Nov 8 21:59:11 2015 +0000 - - upstream commit - - fix OOB read in packet code caused by missing return - statement found by Ben Hawkes; ok markus@ deraadt@ - - Upstream-ID: a3e3a85434ebfa0690d4879091959591f30efc62 - -commit 5e288923a303ca672b686908320bc5368ebec6e6 -Author: mmcc@openbsd.org -Date: Fri Nov 6 00:31:41 2015 +0000 - - upstream commit - - 1. rlogin and rsh are long gone 2. protocol version isn't - of core relevance here, and v1 is going away - - ok markus@, deraadt@ - - Upstream-ID: 8b46bc94cf1ca7c8c1a75b1c958b2bb38d7579c8 - -commit 8b29008bbe97f33381d9b4b93fcfa304168d0286 -Author: jmc@openbsd.org -Date: Thu Nov 5 09:48:05 2015 +0000 - - upstream commit - - "commandline" -> "command line", since there are so few - examples of the former in the pages, so many of the latter, and in some of - these pages we had multiple spellings; - - prompted by tj - - Upstream-ID: 78459d59bff74223f8139d9001ccd56fc4310659 - -commit 996b24cebf20077fbe5db07b3a2c20c2d9db736e -Author: Darren Tucker -Date: Thu Oct 29 20:57:34 2015 +1100 - - (re)wrap SYS_sendsyslog in ifdef. - - Replace ifdef that went missing in commit - c61b42f2678f21f05653ac2d3d241b48ab5d59ac. Fixes build on older - OpenBSDs. - -commit b67e2e76fcf1ae7c802eb27ca927e16c91a513ff -Author: djm@openbsd.org -Date: Thu Oct 29 08:05:17 2015 +0000 - - upstream commit - - regress test for "PubkeyAcceptedKeyTypes +..." inside a - Match block - - Upstream-Regress-ID: 246c37ed64a2e5704d4c158ccdca1ff700e10647 - -commit abd9dbc3c0d8c8c7561347cfa22166156e78c077 -Author: dtucker@openbsd.org -Date: Mon Oct 26 02:50:58 2015 +0000 - - upstream commit - - Fix typo certopt->certopts in shell variable. This would - cause the test to hang at a host key prompt if you have an A or CNAME for - "proxy" in your local domain. - - Upstream-Regress-ID: 6ea03bcd39443a83c89e2c5606392ceb9585836a - -commit ed08510d38aef930a061ae30d10f2a9cf233bafa -Author: djm@openbsd.org -Date: Thu Oct 29 08:05:01 2015 +0000 - - upstream commit - - Fix "PubkeyAcceptedKeyTypes +..." inside a Match block; - ok dtucker@ - - Upstream-ID: 853662c4036730b966aab77684390c47b9738c69 - -commit a4aef3ed29071719b2af82fdf1ac3c2514f82bc5 -Author: djm@openbsd.org -Date: Tue Oct 27 08:54:52 2015 +0000 - - upstream commit - - fix execv arguments in a way less likely to cause grief - for -portable; ok dtucker@ - - Upstream-ID: 5902bf0ea0371f39f1300698dc3b8e4105fc0fc5 - -commit 63d188175accea83305e89fafa011136ff3d96ad -Author: djm@openbsd.org -Date: Tue Oct 27 01:44:45 2015 +0000 - - upstream commit - - log certificate serial in verbose() messages to match the - main auth success/fail message; ok dtucker@ - - Upstream-ID: dfc48b417c320b97c36ff351d303c142f2186288 - -commit 2aaba0cfd560ecfe92aa50c00750e6143842cf1f -Author: djm@openbsd.org -Date: Tue Oct 27 00:49:53 2015 +0000 - - upstream commit - - avoid de-const warning & shrink; ok dtucker@ - - Upstream-ID: 69a85ef94832378952a22c172009cbf52aaa11db - -commit 03239c18312b9bab7d1c3b03062c61e8bbc1ca6e -Author: dtucker@openbsd.org -Date: Sun Oct 25 23:42:00 2015 +0000 - - upstream commit - - Expand tildes in filenames passed to -i before checking - whether or not the identity file exists. This means that if the shell - doesn't do the expansion (eg because the option and filename were given as a - single argument) then we'll still add the key. bz#2481, ok markus@ - - Upstream-ID: db1757178a14ac519e9a3e1a2dbd21113cb3bfc6 - -commit 97e184e508dd33c37860c732c0eca3fc57698b40 -Author: dtucker@openbsd.org -Date: Sun Oct 25 23:14:03 2015 +0000 - - upstream commit - - Do not prepend "exec" to the shell command run by "Match - exec" in a config file. It's an unnecessary optimization from repurposed - ProxyCommand code and prevents some things working with some shells. - bz#2471, pointed out by res at qoxp.net. ok markus@ - - Upstream-ID: a1ead25ae336bfa15fb58d8c6b5589f85b4c33a3 - -commit 8db134e7f457bcb069ec72bc4ee722e2af557c69 -Author: Darren Tucker -Date: Thu Oct 29 10:48:23 2015 +1100 - - Prevent name collisions with system glob (bz#2463) - - Move glob.h from includes.h to the only caller (sftp) and override the - names for the symbols. This prevents name collisions with the system glob - in the case where something other than ssh uses it (eg kerberos). With - jjelen at redhat.com, ok djm@ - -commit 86c10dbbef6a5800d2431a66cf7f41a954bb62b5 -Author: dtucker@openbsd.org -Date: Fri Oct 23 02:22:01 2015 +0000 - - upstream commit - - Update expected group sizes to match recent code changes. - - Upstream-Regress-ID: 0004f0ea93428969fe75bcfff0d521c553977794 - -commit 9ada37d36003a77902e90a3214981e417457cf13 -Author: djm@openbsd.org -Date: Sat Oct 24 22:56:19 2015 +0000 - - upstream commit - - fix keyscan output for multiple hosts/addrs on one line - when host hashing or a non standard port is in use; bz#2479 ok dtucker@ - - Upstream-ID: 5321dabfaeceba343da3c8a8b5754c6f4a0a307b - -commit 44fc7cd7dcef6c52c6b7e9ff830dfa32879bd319 -Author: djm@openbsd.org -Date: Sat Oct 24 22:52:22 2015 +0000 - - upstream commit - - skip "Could not chdir to home directory" message when - chrooted - - patch from Christian Hesse in bz#2485 ok dtucker@ - - Upstream-ID: 86783c1953da426dff5b03b03ce46e699d9e5431 - -commit a820a8618ec44735dabc688fab96fba38ad66bb2 -Author: sthen@openbsd.org -Date: Sat Oct 24 08:34:09 2015 +0000 - - upstream commit - - Handle the split of tun(4) "link0" into tap(4) in ssh - tun-forwarding. Adapted from portable (using separate devices for this is the - normal case in most OS). ok djm@ - - Upstream-ID: 90facf4c59ce73d6741db1bc926e578ef465cd39 - -commit 66d2e229baa9fe57b868c373b05f7ff3bb20055b -Author: gsoares@openbsd.org -Date: Wed Oct 21 11:33:03 2015 +0000 - - upstream commit - - fix memory leak in error path ok djm@ - - Upstream-ID: dd2f402b0a0029b755df029fc7f0679e1365ce35 - -commit 7d6c0362039ceacdc1366b5df29ad5d2693c13e5 -Author: mmcc@openbsd.org -Date: Tue Oct 20 23:24:25 2015 +0000 - - upstream commit - - Compare pointers to NULL rather than 0. - - ok djm@ - - Upstream-ID: 21616cfea27eda65a06e772cc887530b9a1a27f8 - -commit f98a09cacff7baad8748c9aa217afd155a4d493f -Author: mmcc@openbsd.org -Date: Tue Oct 20 03:36:35 2015 +0000 - - upstream commit - - Replace a function-local allocation with stack memory. - - ok djm@ - - Upstream-ID: c09fbbab637053a2ab9f33ca142b4e20a4c5a17e - -commit ac908c1eeacccfa85659594d92428659320fd57e -Author: Damien Miller -Date: Thu Oct 22 09:35:24 2015 +1100 - - turn off PrintLastLog when --disable-lastlog - - bz#2278 from Brent Paulson - -commit b56deb847f4a0115a8bf488bf6ee8524658162fd -Author: djm@openbsd.org -Date: Fri Oct 16 22:32:22 2015 +0000 - - upstream commit - - increase the minimum modulus that we will send or accept in - diffie-hellman-group-exchange to 2048 bits; ok markus@ - - Upstream-ID: 06dce7a24c17b999a0f5fadfe95de1ed6a1a9b6a - -commit 5ee0063f024bf5b3f3ffb275b8cd20055d62b4b9 -Author: djm@openbsd.org -Date: Fri Oct 16 18:40:49 2015 +0000 - - upstream commit - - better handle anchored FQDNs (e.g. 'cvs.openbsd.org.') in - hostname canonicalisation - treat them as already canonical and remove the - trailing '.' before matching ssh_config; ok markus@ - - Upstream-ID: f7619652e074ac3febe8363f19622aa4853b679a - -commit e92c499a75477ecfe94dd7b4aed89f20b1fac5a7 -Author: mmcc@openbsd.org -Date: Fri Oct 16 17:07:24 2015 +0000 - - upstream commit - - 0 -> NULL when comparing with a char*. - - ok dtucker@, djm@. - - Upstream-ID: a928e9c21c0a9020727d99738ff64027c1272300 - -commit b1d38a3cc6fe349feb8d16a5f520ef12d1de7cb2 -Author: djm@openbsd.org -Date: Thu Oct 15 23:51:40 2015 +0000 - - upstream commit - - fix some signed/unsigned integer type mismatches in - format strings; reported by Nicholas Lemonias - - Upstream-ID: 78cd55420a0eef68c4095bdfddd1af84afe5f95c - -commit 1a2663a15d356bb188196b6414b4c50dc12fd42b -Author: djm@openbsd.org -Date: Thu Oct 15 23:08:23 2015 +0000 - - upstream commit - - argument to sshkey_from_private() and sshkey_demote() - can't be NULL - - Upstream-ID: 0111245b1641d387977a9b38da15916820a5fd1f - -commit 0f754e29dd3760fc0b172c1220f18b753fb0957e -Author: Damien Miller -Date: Fri Oct 16 10:53:14 2015 +1100 - - need va_copy before va_start - - reported by Nicholas Lemonias - -commit eb6c50d82aa1f0d3fc95f5630ea69761e918bfcd -Author: Damien Miller -Date: Thu Oct 15 15:48:28 2015 -0700 - - fix compilation on systems without SYMLOOP_MAX - -commit fafe1d84a210fb3dae7744f268059cc583db8c12 -Author: Damien Miller -Date: Wed Oct 14 09:22:15 2015 -0700 - - s/SANDBOX_TAME/SANDBOX_PLEDGE/g - -commit 8f22911027ff6c17d7226d232ccd20727f389310 -Author: Damien Miller -Date: Wed Oct 14 08:28:19 2015 +1100 - - upstream commit - - revision 1.20 - date: 2015/10/13 20:55:37; author: millert; state: Exp; lines: +2 -2; commitid: X39sl5ay1czgFIgp; - In rev 1.15 the sizeof argument was fixed in a strlcat() call but - the truncation check immediately following it was not updated to - match. Not an issue in practice since the buffers are the same - size. OK deraadt@ - -commit 23fa695bb735f54f04d46123662609edb6c76767 -Author: Damien Miller -Date: Wed Oct 14 08:27:51 2015 +1100 - - upstream commit - - revision 1.19 - date: 2015/01/16 16:48:51; author: deraadt; state: Exp; lines: +3 -3; commitid: 0DYulI8hhujBHMcR; - Move to the universe. - review by millert, binary checking process with doug, concept with guenther - -commit c71be375a69af00c2d0a0c24d8752bec12d8fd1b -Author: Damien Miller -Date: Wed Oct 14 08:27:08 2015 +1100 - - upstream commit - - revision 1.18 - date: 2014/10/19 03:56:28; author: doug; state: Exp; lines: +9 -9; commitid: U6QxmtbXrGoc02S5; - Revert last commit due to changed semantics found by make release. - -commit c39ad23b06e9aecc3ff788e92f787a08472905b1 -Author: Damien Miller -Date: Wed Oct 14 08:26:24 2015 +1100 - - upstream commit - - revision 1.17 - date: 2014/10/18 20:43:52; author: doug; state: Exp; lines: +10 -10; commitid: I74hI1tVZtsspKEt; - Better POSIX compliance in realpath(3). - - millert@ made changes to realpath.c based on FreeBSD's version. I merged - Todd's changes into dl_realpath.c. - - ok millert@, guenther@ - -commit e929a43f957dbd1254aca2aaf85c8c00cbfc25f4 -Author: Damien Miller -Date: Wed Oct 14 08:25:55 2015 +1100 - - upstream commit - - revision 1.16 - date: 2013/04/05 12:59:54; author: kurt; state: Exp; lines: +3 -1; - - Add comments regarding copies of these files also in libexec/ld.so - okay guenther@ - -commit 5225db68e58a1048cb17f0e36e0d33bc4a8fc410 -Author: Damien Miller -Date: Wed Oct 14 08:25:32 2015 +1100 - - upstream commit - - revision 1.15 - date: 2012/09/13 15:39:05; author: deraadt; state: Exp; lines: +2 -2; - specify the bounds of the dst to strlcat (both values were static and - equal, but it is more correct) - from Michal Mazurek - -commit 7365fe5b4859de2305e40ea132da3823830fa710 -Author: Damien Miller -Date: Wed Oct 14 08:25:09 2015 +1100 - - upstream commit - - revision 1.14 - date: 2011/07/24 21:03:00; author: miod; state: Exp; lines: +35 -13; - Recent Single Unix will malloc memory if the second argument of realpath() - is NULL, and third-party software is starting to rely upon this. - Adapted from FreeBSD via Jona Joachim (jaj ; hcl-club , .lu), with minor - tweaks from nicm@ and yours truly. - -commit e679c09cd1951f963793aa3d9748d1c3fdcf808f -Author: djm@openbsd.org -Date: Tue Oct 13 16:15:21 2015 +0000 - - upstream commit - - apply PubkeyAcceptedKeyTypes filtering earlier, so all - skipped keys are noted before pubkey authentication starts. ok dtucker@ - - Upstream-ID: ba4f52f54268a421a2a5f98bb375403f4cb044b8 - -commit 179c353f564ec7ada64b87730b25fb41107babd7 -Author: djm@openbsd.org -Date: Tue Oct 13 00:21:27 2015 +0000 - - upstream commit - - free the correct IV length, don't assume it's always the - cipher blocksize; ok dtucker@ - - Upstream-ID: c260d9e5ec73628d9ff4b067fbb060eff5a7d298 - -commit 2539dce2a049a8f6bb0d44cac51f07ad48e691d3 -Author: deraadt@openbsd.org -Date: Fri Oct 9 01:37:08 2015 +0000 - - upstream commit - - Change all tame callers to namechange to pledge(2). - - Upstream-ID: 17e654fc27ceaf523c60f4ffd9ec7ae4e7efc7f2 - -commit 9846a2f4067383bb76b4e31a9d2303e0a9c13a73 -Author: Damien Miller -Date: Thu Oct 8 04:30:48 2015 +1100 - - hook tame(2) sandbox up to build - - OpenBSD only for now - -commit 0c46bbe68b70bdf0d6d20588e5847e71f3739fe6 -Author: djm@openbsd.org -Date: Wed Oct 7 15:59:12 2015 +0000 - - upstream commit - - include PubkeyAcceptedKeyTypes in ssh -G config dump - - Upstream-ID: 6c097ce6ffebf6fe393fb7988b5d152a5d6b36bb - -commit bdcb73fb7641b1cf73c0065d1a0dd57b1e8b778e -Author: sobrado@openbsd.org -Date: Wed Oct 7 14:45:30 2015 +0000 - - upstream commit - - UsePrivilegeSeparation defaults to sandbox now. - - ok djm@ - - Upstream-ID: bff136c38bcae89df82e044d2f42de21e1ad914f - -commit 2905d6f99c837bb699b6ebc61711b19acd030709 -Author: djm@openbsd.org -Date: Wed Oct 7 00:54:06 2015 +0000 - - upstream commit - - don't try to change tun device flags if they are already - what we need; makes it possible to use tun/tap networking as non- root user - if device permissions and interface flags are pre-established; based on patch - by Ossi Herrala - - Upstream-ID: 89099ac4634cd477b066865acf54cb230780fd21 - -commit 0dc74512bdb105b048883f07de538b37e5e024d4 -Author: Damien Miller -Date: Mon Oct 5 18:33:05 2015 -0700 - - unbreak merge botch - -commit fdd020e86439afa7f537e2429d29d4b744c94331 -Author: djm@openbsd.org -Date: Tue Oct 6 01:20:59 2015 +0000 - - upstream commit - - adapt to recent sshkey_parse_private_fileblob() API - change - - Upstream-Regress-ID: 5c0d818da511e33e0abf6a92a31bd7163b7ad988 - -commit 21ae8ee3b630b0925f973db647a1b9aa5fcdd4c5 -Author: djm@openbsd.org -Date: Thu Sep 24 07:15:39 2015 +0000 - - upstream commit - - fix command-line option to match what was actually - committed - - Upstream-Regress-ID: 3e8c24a2044e8afd37e7ce17b69002ca817ac699 - -commit e14ac43b75e68f1ffbd3e1a5e44143c8ae578dcd -Author: djm@openbsd.org -Date: Thu Sep 24 06:16:53 2015 +0000 - - upstream commit - - regress test for CertificateFile; patch from Meghana Bhat - via bz#2436 - - Upstream-Regress-ID: e7a6e980cbe0f8081ba2e83de40d06c17be8bd25 - -commit 905b054ed24e0d5b4ef226ebf2c8bfc02ae6d4ad -Author: djm@openbsd.org -Date: Mon Oct 5 17:11:21 2015 +0000 - - upstream commit - - some more bzero->explicit_bzero, from Michael McConville - - Upstream-ID: 17f19545685c33327db2efdc357c1c9225ff00d0 - -commit b007159a0acdbcf65814b3ee05dbe2cf4ea46011 -Author: deraadt@openbsd.org -Date: Fri Oct 2 15:52:55 2015 +0000 - - upstream commit - - fix email - - Upstream-ID: 72150f2d54b94de14ebef1ea054ef974281bf834 - -commit b19e1b4ab11884c4f62aee9f8ab53127a4732658 -Author: deraadt@openbsd.org -Date: Fri Oct 2 01:39:52 2015 +0000 - - upstream commit - - a sandbox using tame ok djm - - Upstream-ID: 4ca24e47895e72f5daaa02f3e3d3e5ca2d820fa3 - -commit c61b42f2678f21f05653ac2d3d241b48ab5d59ac -Author: deraadt@openbsd.org -Date: Fri Oct 2 01:39:26 2015 +0000 - - upstream commit - - re-order system calls in order of risk, ok i'll be - honest, ordered this way they look like tame... ok djm - - Upstream-ID: 42a1e6d251fd8be13c8262bee026059ae6328813 - -commit c5f7c0843cb6e6074a93c8ac34e49ce33a6f5546 -Author: jmc@openbsd.org -Date: Fri Sep 25 18:19:54 2015 +0000 - - upstream commit - - some certificatefile tweaks; ok djm - - Upstream-ID: 0e5a7852c28c05fc193419cc7e50e64c1c535af0 - -commit 4e44a79a07d4b88b6a4e5e8c1bed5f58c841b1b8 -Author: djm@openbsd.org -Date: Thu Sep 24 06:15:11 2015 +0000 - - upstream commit - - add ssh_config CertificateFile option to explicitly list - a certificate; patch from Meghana Bhat on bz#2436; ok markus@ - - Upstream-ID: 58648ec53c510b41c1f46d8fe293aadc87229ab8 - -commit e3cbb06ade83c72b640a53728d362bbefa0008e2 -Author: sobrado@openbsd.org -Date: Tue Sep 22 08:33:23 2015 +0000 - - upstream commit - - fix two typos. - - Upstream-ID: 424402c0d8863a11b51749bacd7f8d932083b709 diff --git a/INSTALL b/INSTALL index e4865bbb4d9a..7f552bf7683f 100644 --- a/INSTALL +++ b/INSTALL @@ -13,7 +13,7 @@ OpenSSL) Zlib 1.1.4 or 1.2.1.2 or greater (earlier 1.2.x versions have problems): http://www.gzip.org/zlib/ -libcrypto (LibreSSL or OpenSSL >= 0.9.8f < 1.1.0) +libcrypto (LibreSSL or OpenSSL >= 1.0.1 < 1.1.0) LibreSSL http://www.libressl.org/ ; or OpenSSL http://www.openssl.org/ @@ -91,7 +91,7 @@ http://nlnetlabs.nl/projects/ldns/ Autoconf: If you modify configure.ac or configure doesn't exist (eg if you checked -the code out of CVS yourself) then you will need autoconf-2.69 to rebuild +the code out of git yourself) then you will need autoconf-2.69 to rebuild the automatically generated files by running "autoreconf". Earlier versions may also work but this is not guaranteed. @@ -103,6 +103,13 @@ Native BSM support is known to exist in Solaris from at least 2.5.1, FreeBSD 6.1 and OS X. Alternatively, you may use the OpenBSM implementation (http://www.openbsm.org). +makedepend: + +https://www.x.org/archive/individual/util/ + +If you are making significant changes to the code you may need to rebuild +the dependency (.depend) file using "make depend", which requires the +"makedepend" tool from the X11 distribution. 2. Building / Installation -------------------------- @@ -162,13 +169,11 @@ also be enabled in sshd_config (refer to the UsePAM directive). --with-prngd-socket=/some/file allows you to enable EGD or PRNGD support and to specify a PRNGd socket. Use this if your Unix lacks -/dev/random and you don't want to use OpenSSH's builtin entropy -collection support. +/dev/random. --with-prngd-port=portnum allows you to enable EGD or PRNGD support and to specify a EGD localhost TCP port. Use this if your Unix lacks -/dev/random and you don't want to use OpenSSH's builtin entropy -collection support. +/dev/random. --with-lastlog=FILE will specify the location of the lastlog file. ./configure searches a few locations for lastlog, but may not find @@ -204,8 +209,7 @@ created. --with-xauth=PATH specifies the location of the xauth binary --with-ssl-dir=DIR allows you to specify where your Libre/OpenSSL -libraries -are installed. +libraries are installed. --with-ssl-engine enables Libre/OpenSSL's (hardware) ENGINE support diff --git a/Makefile.in b/Makefile.in index c52ce191fe95..04e1c8e5345b 100644 --- a/Makefile.in +++ b/Makefile.in @@ -1,5 +1,3 @@ -# $Id: Makefile.in,v 1.365 2014/08/30 06:23:07 djm Exp $ - # uncomment if you run a non bourne compatable shell. Ie. csh #SHELL = @SH@ @@ -54,16 +52,25 @@ AR=@AR@ AWK=@AWK@ RANLIB=@RANLIB@ INSTALL=@INSTALL@ -PERL=@PERL@ SED=@SED@ ENT=@ENT@ XAUTH_PATH=@XAUTH_PATH@ LDFLAGS=-L. -Lopenbsd-compat/ @LDFLAGS@ EXEEXT=@EXEEXT@ MANFMT=@MANFMT@ +MKDIR_P=@MKDIR_P@ TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) +XMSS_OBJS=\ + ssh-xmss.o \ + sshkey-xmss.o \ + xmss_commons.o \ + xmss_fast.o \ + xmss_hash.o \ + xmss_hash_address.o \ + xmss_wots.o + LIBOPENSSH_OBJS=\ ssh_api.o \ ssherr.o \ @@ -73,7 +80,8 @@ LIBOPENSSH_OBJS=\ sshbuf-misc.o \ sshbuf-getput-crypto.o \ krl.o \ - bitmap.o + bitmap.o \ + ${XMSS_OBJS} LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ authfd.o authfile.o bufaux.o bufbn.o bufec.o buffer.o \ @@ -88,7 +96,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ ssh-pkcs11.o smult_curve25519_ref.o \ poly1305.o chacha.o cipher-chachapoly.o \ ssh-ed25519.o digest-openssl.o digest-libc.o hmac.o \ - sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o blocks.o \ + sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o \ kex.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ kexdhc.o kexgexc.o kexecdhc.o kexc25519c.o \ kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o \ @@ -218,13 +226,6 @@ $(CONFIGFILES): $(CONFIGFILES_IN) moduli: echo -# special case target for umac128 -umac128.o: umac.c - $(CC) $(CFLAGS) $(CPPFLAGS) -o umac128.o -c $(srcdir)/umac.c \ - -DUMAC_OUTPUT_LEN=16 -Dumac_new=umac128_new \ - -Dumac_update=umac128_update -Dumac_final=umac128_final \ - -Dumac_delete=umac128_delete -Dumac_ctx=umac128_ctx - clean: regressclean rm -f *.o *.a $(TARGETS) logintest config.cache config.log rm -f *.out core survey @@ -298,9 +299,21 @@ catman-do: >$$base.0 ; \ done -distprep: catman-do +depend: depend-rebuild + rm -f .depend.bak + +depend-rebuild: + rm -f config.h + touch config.h + makedepend -w1000 -Y. -f .depend *.c 2>/dev/null + rm -f config.h + +depend-check: depend-rebuild + cmp .depend .depend.bak || (echo .depend stale && exit 1) + +distprep: catman-do depend-check $(AUTORECONF) - -rm -rf autom4te.cache + -rm -rf autom4te.cache .depend.bak install: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files install-sysconf host-key check-config install-nokeys: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files install-sysconf @@ -310,14 +323,13 @@ check-config: -$(DESTDIR)$(sbindir)/sshd -t -f $(DESTDIR)$(sysconfdir)/sshd_config install-files: - $(srcdir)/mkinstalldirs $(DESTDIR)$(bindir) - $(srcdir)/mkinstalldirs $(DESTDIR)$(sbindir) - $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir) - $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)1 - $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)5 - $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)8 - $(srcdir)/mkinstalldirs $(DESTDIR)$(libexecdir) - (umask 022 ; $(srcdir)/mkinstalldirs $(DESTDIR)$(PRIVSEP_PATH)) + $(MKDIR_P) $(DESTDIR)$(bindir) + $(MKDIR_P) $(DESTDIR)$(sbindir) + $(MKDIR_P) $(DESTDIR)$(mandir)/$(mansubdir)1 + $(MKDIR_P) $(DESTDIR)$(mandir)/$(mansubdir)5 + $(MKDIR_P) $(DESTDIR)$(mandir)/$(mansubdir)8 + $(MKDIR_P) $(DESTDIR)$(libexecdir) + $(MKDIR_P) -m 0755 $(DESTDIR)$(PRIVSEP_PATH) $(INSTALL) -m 0755 $(STRIP_OPT) ssh$(EXEEXT) $(DESTDIR)$(bindir)/ssh$(EXEEXT) $(INSTALL) -m 0755 $(STRIP_OPT) scp$(EXEEXT) $(DESTDIR)$(bindir)/scp$(EXEEXT) $(INSTALL) -m 0755 $(STRIP_OPT) ssh-add$(EXEEXT) $(DESTDIR)$(bindir)/ssh-add$(EXEEXT) @@ -345,9 +357,7 @@ install-files: $(INSTALL) -m 644 ssh-pkcs11-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8 install-sysconf: - if [ ! -d $(DESTDIR)$(sysconfdir) ]; then \ - $(srcdir)/mkinstalldirs $(DESTDIR)$(sysconfdir); \ - fi + $(MKDIR_P) $(DESTDIR)$(sysconfdir) @if [ ! -f $(DESTDIR)$(sysconfdir)/ssh_config ]; then \ $(INSTALL) -m 644 ssh_config.out $(DESTDIR)$(sysconfdir)/ssh_config; \ else \ @@ -375,9 +385,6 @@ host-key: ssh-keygen$(EXEEXT) fi host-key-force: ssh-keygen$(EXEEXT) ssh$(EXEEXT) - if ./ssh -Q protocol-version | grep '^1$$' >/dev/null; then \ - ./ssh-keygen -t rsa1 -f $(DESTDIR)$(sysconfdir)/ssh_host_key -N ""; \ - fi ./ssh-keygen -t dsa -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key -N "" ./ssh-keygen -t rsa -f $(DESTDIR)$(sysconfdir)/ssh_host_rsa_key -N "" ./ssh-keygen -t ed25519 -f $(DESTDIR)$(sysconfdir)/ssh_host_ed25519_key -N "" @@ -421,28 +428,16 @@ uninstall: -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8 regress-prep: - [ -d `pwd`/regress ] || mkdir -p `pwd`/regress - [ -d `pwd`/regress/unittests ] || mkdir -p `pwd`/regress/unittests - [ -d `pwd`/regress/unittests/test_helper ] || \ - mkdir -p `pwd`/regress/unittests/test_helper - [ -d `pwd`/regress/unittests/sshbuf ] || \ - mkdir -p `pwd`/regress/unittests/sshbuf - [ -d `pwd`/regress/unittests/sshkey ] || \ - mkdir -p `pwd`/regress/unittests/sshkey - [ -d `pwd`/regress/unittests/bitmap ] || \ - mkdir -p `pwd`/regress/unittests/bitmap - [ -d `pwd`/regress/unittests/conversion ] || \ - mkdir -p `pwd`/regress/unittests/conversion - [ -d `pwd`/regress/unittests/hostkeys ] || \ - mkdir -p `pwd`/regress/unittests/hostkeys - [ -d `pwd`/regress/unittests/kex ] || \ - mkdir -p `pwd`/regress/unittests/kex - [ -d `pwd`/regress/unittests/match ] || \ - mkdir -p `pwd`/regress/unittests/match - [ -d `pwd`/regress/unittests/utf8 ] || \ - mkdir -p `pwd`/regress/unittests/utf8 - [ -d `pwd`/regress/misc/kexfuzz ] || \ - mkdir -p `pwd`/regress/misc/kexfuzz + $(MKDIR_P) `pwd`/regress/unittests/test_helper + $(MKDIR_P) `pwd`/regress/unittests/sshbuf + $(MKDIR_P) `pwd`/regress/unittests/sshkey + $(MKDIR_P) `pwd`/regress/unittests/bitmap + $(MKDIR_P) `pwd`/regress/unittests/conversion + $(MKDIR_P) `pwd`/regress/unittests/hostkeys + $(MKDIR_P) `pwd`/regress/unittests/kex + $(MKDIR_P) `pwd`/regress/unittests/match + $(MKDIR_P) `pwd`/regress/unittests/utf8 + $(MKDIR_P) `pwd`/regress/misc/kexfuzz [ -f `pwd`/regress/Makefile ] || \ ln -s `cd $(srcdir) && pwd`/regress/Makefile `pwd`/regress/Makefile @@ -582,6 +577,8 @@ regress-binaries: regress/modpipe$(EXEEXT) \ regress/unittests/utf8/test_utf8$(EXEEXT) \ regress/misc/kexfuzz/kexfuzz$(EXEEXT) +REGRESSTMP = "$(PWD)/regress" + tests interop-tests t-exec unit: regress-prep regress-binaries $(TARGETS) BUILDDIR=`pwd`; \ TEST_SSH_SCP="$${BUILDDIR}/scp"; \ @@ -605,7 +602,7 @@ tests interop-tests t-exec unit: regress-prep regress-binaries $(TARGETS) .OBJDIR="$${BUILDDIR}/regress" \ .CURDIR="`pwd`" \ BUILDDIR="$${BUILDDIR}" \ - OBJ="$${BUILDDIR}/regress/" \ + OBJ="$(REGRESSTMP)" \ PATH="$${BUILDDIR}:$${PATH}" \ TEST_ENV=MALLOC_OPTIONS="@TEST_MALLOC_OPTIONS@" \ TEST_MALLOC_OPTIONS="@TEST_MALLOC_OPTIONS@" \ @@ -650,3 +647,5 @@ package: $(CONFIGFILES) $(MANPAGES) $(TARGETS) if [ "@MAKE_PACKAGE_SUPPORTED@" = yes ]; then \ sh buildpkg.sh; \ fi + +# @DEPEND@ diff --git a/PROTOCOL b/PROTOCOL index 4e9e8757566f..b1fc00691c0d 100644 --- a/PROTOCOL +++ b/PROTOCOL @@ -295,10 +295,14 @@ has completed. string[] hostkeys Upon receiving this message, a client should check which of the -supplied host keys are present in known_hosts. For keys that are -not present, it should send a "hostkeys-prove@openssh.com" message -to request the server prove ownership of the private half of the -key. +supplied host keys are present in known_hosts. + +Note that the server may send key types that the client does not +support. The client should disgregard such keys if they are received. + +If the client identifies any keys that are not present for the host, +it should send a "hostkeys-prove@openssh.com" message to request the +server prove ownership of the private half of the key. byte SSH_MSG_GLOBAL_REQUEST string "hostkeys-prove-00@openssh.com" @@ -454,4 +458,4 @@ respond with a SSH_FXP_STATUS message. This extension is advertised in the SSH_FXP_VERSION hello with version "1". -$OpenBSD: PROTOCOL,v 1.31 2017/05/26 01:40:07 djm Exp $ +$OpenBSD: PROTOCOL,v 1.32 2018/02/19 00:55:02 djm Exp $ diff --git a/PROTOCOL.certkeys b/PROTOCOL.certkeys index 42aa8c2a1734..64cb18700ee1 100644 --- a/PROTOCOL.certkeys +++ b/PROTOCOL.certkeys @@ -100,9 +100,9 @@ DSA certificate ECDSA certificate - string "ecdsa-sha2-nistp256-v01@openssh.com" | - "ecdsa-sha2-nistp384-v01@openssh.com" | - "ecdsa-sha2-nistp521-v01@openssh.com" + string "ecdsa-sha2-nistp256-cert-v01@openssh.com" | + "ecdsa-sha2-nistp384-cert-v01@openssh.com" | + "ecdsa-sha2-nistp521-cert-v01@openssh.com" string nonce string curve string public_key @@ -291,4 +291,4 @@ permit-user-rc empty Flag indicating that execution of of this script will not be permitted if this option is not present. -$OpenBSD: PROTOCOL.certkeys,v 1.12 2017/05/31 04:29:44 djm Exp $ +$OpenBSD: PROTOCOL.certkeys,v 1.13 2017/11/03 02:32:19 djm Exp $ diff --git a/README b/README index 103d43e9b7b7..fb8e21743b00 100644 --- a/README +++ b/README @@ -1,11 +1,11 @@ -See https://www.openssh.com/releasenotes.html#7.6p1 for the release notes. +See https://www.openssh.com/releasenotes.html#7.7p1 for the release notes. Please read https://www.openssh.com/report.html for bug reporting instructions and note that we do not use Github for bug reporting or patch/pull-request management. - A Japanese translation of this document and of the release notes is -- available at http://www.unixuser.org/~haruyama/security/openssh/index.html +- available at https://www.unixuser.org/~haruyama/security/openssh/index.html - Thanks to HARUYAMA Seigo This is the port of OpenBSD's excellent OpenSSH[0] to Linux and other @@ -22,7 +22,7 @@ This port consists of the re-introduction of autoconf support, PAM support, EGD[1]/PRNGD[2] support and replacements for OpenBSD library functions that are (regrettably) absent from other unices. This port has been best tested on AIX, Cygwin, HP-UX, Linux, MacOS/X, -NetBSD, OpenBSD, OpenServer, Solaris, Unicos, and UnixWare. +NetBSD, OpenBSD, OpenServer, Solaris and UnixWare. This version actively tracks changes in the OpenBSD CVS repository. @@ -56,11 +56,11 @@ References - [0] https://www.openssh.com/ [1] http://www.lothar.com/tech/crypto/ -[2] http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html -[3] http://www.gzip.org/zlib/ -[4] http://www.openssl.org/ -[5] http://www.openpam.org - http://www.kernel.org/pub/linux/libs/pam/ +[2] http://prngd.sourceforge.net/ +[3] https://www.zlib.net/ +[4] https://www.openssl.org/ +[5] https://www.openpam.org + https://www.kernel.org/pub/linux/libs/pam/ (PAM also is standard on Solaris and HP-UX 11) -[6] http://thrysoee.dk/editline/ (portable version) -[7] http://man.openbsd.org/style.9 +[6] https://thrysoee.dk/editline/ (portable version) +[7] https://man.openbsd.org/style.9 diff --git a/README.privsep b/README.privsep index 2120544c7973..460e90565202 100644 --- a/README.privsep +++ b/README.privsep @@ -34,8 +34,8 @@ privsep user and chroot directory: PAM-enabled OpenSSH is known to function with privsep on AIX, FreeBSD, HP-UX (including Trusted Mode), Linux, NetBSD and Solaris. -On Cygwin, Tru64 Unix, OpenServer, and Unicos only the pre-authentication -part of privsep is supported. Post-authentication privsep is disabled +On Cygwin, Tru64 Unix and OpenServer only the pre-authentication part +of privsep is supported. Post-authentication privsep is disabled automatically (so you won't see the additional process mentioned below). Note that for a normal interactive login with a shell, enabling privsep diff --git a/auth-options.c b/auth-options.c index bed00eef0fe3..b528c197ab26 100644 --- a/auth-options.c +++ b/auth-options.c @@ -1,13 +1,18 @@ -/* $OpenBSD: auth-options.c,v 1.74 2017/09/12 06:32:07 djm Exp $ */ +/* $OpenBSD: auth-options.c,v 1.78 2018/03/14 05:35:40 djm Exp $ */ /* - * Author: Tatu Ylonen - * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - * All rights reserved - * As far as I am concerned, the code I have written for this software - * can be used freely for any purpose. Any derived versions of this - * software must be clearly marked as such, and if the derived work is - * incompatible with the protocol description in the RFC file, it must be - * called by a name other than "ssh" or "Secure Shell". + * Copyright (c) 2018 Damien Miller + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #include "includes.h" @@ -19,88 +24,33 @@ #include #include #include +#include +#include #include "openbsd-compat/sys-queue.h" -#include "key.h" /* XXX for typedef */ -#include "buffer.h" /* XXX for typedef */ #include "xmalloc.h" -#include "match.h" #include "ssherr.h" #include "log.h" -#include "canohost.h" -#include "packet.h" #include "sshbuf.h" #include "misc.h" -#include "channels.h" -#include "servconf.h" #include "sshkey.h" +#include "match.h" +#include "ssh2.h" #include "auth-options.h" -#include "hostfile.h" -#include "auth.h" - -/* Flags set authorized_keys flags */ -int no_port_forwarding_flag = 0; -int no_agent_forwarding_flag = 0; -int no_x11_forwarding_flag = 0; -int no_pty_flag = 0; -int no_user_rc = 0; -int key_is_cert_authority = 0; - -/* "command=" option. */ -char *forced_command = NULL; - -/* "environment=" options. */ -struct envstring *custom_environment = NULL; - -/* "tunnel=" option. */ -int forced_tun_device = -1; - -/* "principals=" option. */ -char *authorized_principals = NULL; - -extern ServerOptions options; - -/* XXX refactor to be stateless */ - -void -auth_clear_options(void) -{ - struct ssh *ssh = active_state; /* XXX */ - - no_agent_forwarding_flag = 0; - no_port_forwarding_flag = 0; - no_pty_flag = 0; - no_x11_forwarding_flag = 0; - no_user_rc = 0; - key_is_cert_authority = 0; - while (custom_environment) { - struct envstring *ce = custom_environment; - custom_environment = ce->next; - free(ce->s); - free(ce); - } - free(forced_command); - forced_command = NULL; - free(authorized_principals); - authorized_principals = NULL; - forced_tun_device = -1; - channel_clear_permitted_opens(ssh); -} /* * Match flag 'opt' in *optsp, and if allow_negate is set then also match * 'no-opt'. Returns -1 if option not matched, 1 if option matches or 0 - * if negated option matches. + * if negated option matches. * If the option or negated option matches, then *optsp is updated to - * point to the first character after the option and, if 'msg' is not NULL - * then a message based on it added via auth_debug_add(). + * point to the first character after the option. */ static int -match_flag(const char *opt, int allow_negate, char **optsp, const char *msg) +opt_flag(const char *opt, int allow_negate, const char **optsp) { size_t opt_len = strlen(opt); - char *opts = *optsp; + const char *opts = *optsp; int negate = 0; if (allow_negate && strncasecmp(opts, "no-", 3) == 0) { @@ -109,368 +59,92 @@ match_flag(const char *opt, int allow_negate, char **optsp, const char *msg) } if (strncasecmp(opts, opt, opt_len) == 0) { *optsp = opts + opt_len; - if (msg != NULL) { - auth_debug_add("%s %s.", msg, - negate ? "disabled" : "enabled"); - } return negate ? 0 : 1; } return -1; } -/* - * return 1 if access is granted, 0 if not. - * side effect: sets key option flags - * XXX remove side effects; fill structure instead. - */ -int -auth_parse_options(struct passwd *pw, char *opts, const char *file, - u_long linenum) +static char * +opt_dequote(const char **sp, const char **errstrp) { - struct ssh *ssh = active_state; /* XXX */ - const char *cp; - int i, r; + const char *s = *sp; + char *ret; + size_t i; - /* reset options */ - auth_clear_options(); - - if (!opts) - return 1; - - while (*opts && *opts != ' ' && *opts != '\t') { - if ((r = match_flag("cert-authority", 0, &opts, NULL)) != -1) { - key_is_cert_authority = r; - goto next_option; - } - if ((r = match_flag("restrict", 0, &opts, NULL)) != -1) { - auth_debug_add("Key is restricted."); - no_port_forwarding_flag = 1; - no_agent_forwarding_flag = 1; - no_x11_forwarding_flag = 1; - no_pty_flag = 1; - no_user_rc = 1; - goto next_option; - } - if ((r = match_flag("port-forwarding", 1, &opts, - "Port forwarding")) != -1) { - no_port_forwarding_flag = r != 1; - goto next_option; - } - if ((r = match_flag("agent-forwarding", 1, &opts, - "Agent forwarding")) != -1) { - no_agent_forwarding_flag = r != 1; - goto next_option; - } - if ((r = match_flag("x11-forwarding", 1, &opts, - "X11 forwarding")) != -1) { - no_x11_forwarding_flag = r != 1; - goto next_option; - } - if ((r = match_flag("pty", 1, &opts, - "PTY allocation")) != -1) { - no_pty_flag = r != 1; - goto next_option; - } - if ((r = match_flag("user-rc", 1, &opts, - "User rc execution")) != -1) { - no_user_rc = r != 1; - goto next_option; - } - cp = "command=\""; - if (strncasecmp(opts, cp, strlen(cp)) == 0) { - opts += strlen(cp); - free(forced_command); - forced_command = xmalloc(strlen(opts) + 1); - i = 0; - while (*opts) { - if (*opts == '"') - break; - if (*opts == '\\' && opts[1] == '"') { - opts += 2; - forced_command[i++] = '"'; - continue; - } - forced_command[i++] = *opts++; - } - if (!*opts) { - debug("%.100s, line %lu: missing end quote", - file, linenum); - auth_debug_add("%.100s, line %lu: missing end quote", - file, linenum); - free(forced_command); - forced_command = NULL; - goto bad_option; - } - forced_command[i] = '\0'; - auth_debug_add("Forced command."); - opts++; - goto next_option; - } - cp = "principals=\""; - if (strncasecmp(opts, cp, strlen(cp)) == 0) { - opts += strlen(cp); - free(authorized_principals); - authorized_principals = xmalloc(strlen(opts) + 1); - i = 0; - while (*opts) { - if (*opts == '"') - break; - if (*opts == '\\' && opts[1] == '"') { - opts += 2; - authorized_principals[i++] = '"'; - continue; - } - authorized_principals[i++] = *opts++; - } - if (!*opts) { - debug("%.100s, line %lu: missing end quote", - file, linenum); - auth_debug_add("%.100s, line %lu: missing end quote", - file, linenum); - free(authorized_principals); - authorized_principals = NULL; - goto bad_option; - } - authorized_principals[i] = '\0'; - auth_debug_add("principals: %.900s", - authorized_principals); - opts++; - goto next_option; - } - cp = "environment=\""; - if (strncasecmp(opts, cp, strlen(cp)) == 0) { - char *s; - struct envstring *new_envstring; - - opts += strlen(cp); - s = xmalloc(strlen(opts) + 1); - i = 0; - while (*opts) { - if (*opts == '"') - break; - if (*opts == '\\' && opts[1] == '"') { - opts += 2; - s[i++] = '"'; - continue; - } - s[i++] = *opts++; - } - if (!*opts) { - debug("%.100s, line %lu: missing end quote", - file, linenum); - auth_debug_add("%.100s, line %lu: missing end quote", - file, linenum); - free(s); - goto bad_option; - } - s[i] = '\0'; - opts++; - if (options.permit_user_env) { - auth_debug_add("Adding to environment: " - "%.900s", s); - debug("Adding to environment: %.900s", s); - new_envstring = xcalloc(1, - sizeof(*new_envstring)); - new_envstring->s = s; - new_envstring->next = custom_environment; - custom_environment = new_envstring; - s = NULL; - } - free(s); - goto next_option; - } - cp = "from=\""; - if (strncasecmp(opts, cp, strlen(cp)) == 0) { - const char *remote_ip = ssh_remote_ipaddr(ssh); - const char *remote_host = auth_get_canonical_hostname( - ssh, options.use_dns); - char *patterns = xmalloc(strlen(opts) + 1); - - opts += strlen(cp); - i = 0; - while (*opts) { - if (*opts == '"') - break; - if (*opts == '\\' && opts[1] == '"') { - opts += 2; - patterns[i++] = '"'; - continue; - } - patterns[i++] = *opts++; - } - if (!*opts) { - debug("%.100s, line %lu: missing end quote", - file, linenum); - auth_debug_add("%.100s, line %lu: missing end quote", - file, linenum); - free(patterns); - goto bad_option; - } - patterns[i] = '\0'; - opts++; - switch (match_host_and_ip(remote_host, remote_ip, - patterns)) { - case 1: - free(patterns); - /* Host name matches. */ - goto next_option; - case -1: - debug("%.100s, line %lu: invalid criteria", - file, linenum); - auth_debug_add("%.100s, line %lu: " - "invalid criteria", file, linenum); - /* FALLTHROUGH */ - case 0: - free(patterns); - logit("Authentication tried for %.100s with " - "correct key but not from a permitted " - "host (host=%.200s, ip=%.200s).", - pw->pw_name, remote_host, remote_ip); - auth_debug_add("Your host '%.200s' is not " - "permitted to use this key for login.", - remote_host); - break; - } - /* deny access */ - return 0; - } - cp = "permitopen=\""; - if (strncasecmp(opts, cp, strlen(cp)) == 0) { - char *host, *p; - int port; - char *patterns = xmalloc(strlen(opts) + 1); - - opts += strlen(cp); - i = 0; - while (*opts) { - if (*opts == '"') - break; - if (*opts == '\\' && opts[1] == '"') { - opts += 2; - patterns[i++] = '"'; - continue; - } - patterns[i++] = *opts++; - } - if (!*opts) { - debug("%.100s, line %lu: missing end quote", - file, linenum); - auth_debug_add("%.100s, line %lu: missing " - "end quote", file, linenum); - free(patterns); - goto bad_option; - } - patterns[i] = '\0'; - opts++; - p = patterns; - /* XXX - add streamlocal support */ - host = hpdelim(&p); - if (host == NULL || strlen(host) >= NI_MAXHOST) { - debug("%.100s, line %lu: Bad permitopen " - "specification <%.100s>", file, linenum, - patterns); - auth_debug_add("%.100s, line %lu: " - "Bad permitopen specification", file, - linenum); - free(patterns); - goto bad_option; - } - host = cleanhostname(host); - if (p == NULL || (port = permitopen_port(p)) < 0) { - debug("%.100s, line %lu: Bad permitopen port " - "<%.100s>", file, linenum, p ? p : ""); - auth_debug_add("%.100s, line %lu: " - "Bad permitopen port", file, linenum); - free(patterns); - goto bad_option; - } - if ((options.allow_tcp_forwarding & FORWARD_LOCAL) != 0) - channel_add_permitted_opens(ssh, host, port); - free(patterns); - goto next_option; - } - cp = "tunnel=\""; - if (strncasecmp(opts, cp, strlen(cp)) == 0) { - char *tun = NULL; - opts += strlen(cp); - tun = xmalloc(strlen(opts) + 1); - i = 0; - while (*opts) { - if (*opts == '"') - break; - tun[i++] = *opts++; - } - if (!*opts) { - debug("%.100s, line %lu: missing end quote", - file, linenum); - auth_debug_add("%.100s, line %lu: missing end quote", - file, linenum); - free(tun); - forced_tun_device = -1; - goto bad_option; - } - tun[i] = '\0'; - forced_tun_device = a2tun(tun, NULL); - free(tun); - if (forced_tun_device == SSH_TUNID_ERR) { - debug("%.100s, line %lu: invalid tun device", - file, linenum); - auth_debug_add("%.100s, line %lu: invalid tun device", - file, linenum); - forced_tun_device = -1; - goto bad_option; - } - auth_debug_add("Forced tun device: %d", forced_tun_device); - opts++; - goto next_option; - } -next_option: - /* - * Skip the comma, and move to the next option - * (or break out if there are no more). - */ - if (!*opts) - fatal("Bugs in auth-options.c option processing."); - if (*opts == ' ' || *opts == '\t') - break; /* End of options. */ - if (*opts != ',') - goto bad_option; - opts++; - /* Process the next option. */ + *errstrp = NULL; + if (*s != '"') { + *errstrp = "missing start quote"; + return NULL; } + s++; + if ((ret = malloc(strlen((s)) + 1)) == NULL) { + *errstrp = "memory allocation failed"; + return NULL; + } + for (i = 0; *s != '\0' && *s != '"';) { + if (s[0] == '\\' && s[1] == '"') + s++; + ret[i++] = *s++; + } + if (*s == '\0') { + *errstrp = "missing end quote"; + free(ret); + return NULL; + } + ret[i] = '\0'; + s++; + *sp = s; + return ret; +} - /* grant access */ - return 1; +static int +opt_match(const char **opts, const char *term) +{ + if (strncasecmp((*opts), term, strlen(term)) == 0 && + (*opts)[strlen(term)] == '=') { + *opts += strlen(term) + 1; + return 1; + } + return 0; +} -bad_option: - logit("Bad options in %.100s file, line %lu: %.50s", - file, linenum, opts); - auth_debug_add("Bad options in %.100s file, line %lu: %.50s", - file, linenum, opts); +static int +dup_strings(char ***dstp, size_t *ndstp, char **src, size_t nsrc) +{ + char **dst; + size_t i, j; - /* deny access */ + *dstp = NULL; + *ndstp = 0; + if (nsrc == 0) + return 0; + + if ((dst = calloc(nsrc, sizeof(*src))) == NULL) + return -1; + for (i = 0; i < nsrc; i++) { + if ((dst[i] = strdup(src[i])) == NULL) { + for (j = 0; j < i; j++) + free(dst[j]); + free(dst); + return -1; + } + } + /* success */ + *dstp = dst; + *ndstp = nsrc; return 0; } #define OPTIONS_CRITICAL 1 #define OPTIONS_EXTENSIONS 2 static int -parse_option_list(struct sshbuf *oblob, struct passwd *pw, - u_int which, int crit, - int *cert_no_port_forwarding_flag, - int *cert_no_agent_forwarding_flag, - int *cert_no_x11_forwarding_flag, - int *cert_no_pty_flag, - int *cert_no_user_rc, - char **cert_forced_command, - int *cert_source_address_done) +cert_option_list(struct sshauthopt *opts, struct sshbuf *oblob, + u_int which, int crit) { - struct ssh *ssh = active_state; /* XXX */ char *command, *allowed; - const char *remote_ip; char *name = NULL; struct sshbuf *c = NULL, *data = NULL; - int r, ret = -1, result, found; + int r, ret = -1, found; if ((c = sshbuf_fromb(oblob)) == NULL) { error("%s: sshbuf_fromb failed", __func__); @@ -491,21 +165,21 @@ parse_option_list(struct sshbuf *oblob, struct passwd *pw, found = 0; if ((which & OPTIONS_EXTENSIONS) != 0) { if (strcmp(name, "permit-X11-forwarding") == 0) { - *cert_no_x11_forwarding_flag = 0; + opts->permit_x11_forwarding_flag = 1; found = 1; } else if (strcmp(name, "permit-agent-forwarding") == 0) { - *cert_no_agent_forwarding_flag = 0; + opts->permit_agent_forwarding_flag = 1; found = 1; } else if (strcmp(name, "permit-port-forwarding") == 0) { - *cert_no_port_forwarding_flag = 0; + opts->permit_port_forwarding_flag = 1; found = 1; } else if (strcmp(name, "permit-pty") == 0) { - *cert_no_pty_flag = 0; + opts->permit_pty_flag = 1; found = 1; } else if (strcmp(name, "permit-user-rc") == 0) { - *cert_no_user_rc = 0; + opts->permit_user_rc = 1; found = 1; } } @@ -517,13 +191,13 @@ parse_option_list(struct sshbuf *oblob, struct passwd *pw, "section: %s", name, ssh_err(r)); goto out; } - if (*cert_forced_command != NULL) { + if (opts->force_command != NULL) { error("Certificate has multiple " "force-command options"); free(command); goto out; } - *cert_forced_command = command; + opts->force_command = command; found = 1; } if (strcmp(name, "source-address") == 0) { @@ -533,38 +207,19 @@ parse_option_list(struct sshbuf *oblob, struct passwd *pw, "section: %s", name, ssh_err(r)); goto out; } - if ((*cert_source_address_done)++) { + if (opts->required_from_host_cert != NULL) { error("Certificate has multiple " "source-address options"); free(allowed); goto out; } - remote_ip = ssh_remote_ipaddr(ssh); - result = addr_match_cidr_list(remote_ip, - allowed); - free(allowed); - switch (result) { - case 1: - /* accepted */ - break; - case 0: - /* no match */ - logit("Authentication tried for %.100s " - "with valid certificate but not " - "from a permitted host " - "(ip=%.200s).", pw->pw_name, - remote_ip); - auth_debug_add("Your address '%.200s' " - "is not permitted to use this " - "certificate for login.", - remote_ip); - goto out; - case -1: - default: + /* Check syntax */ + if (addr_match_cidr_list(NULL, allowed) == -1) { error("Certificate source-address " "contents invalid"); goto out; } + opts->required_from_host_cert = allowed; found = 1; } } @@ -590,74 +245,628 @@ parse_option_list(struct sshbuf *oblob, struct passwd *pw, ret = 0; out: - if (ret != 0 && - cert_forced_command != NULL && - *cert_forced_command != NULL) { - free(*cert_forced_command); - *cert_forced_command = NULL; - } free(name); sshbuf_free(data); sshbuf_free(c); return ret; } -/* - * Set options from critical certificate options. These supersede user key - * options so this must be called after auth_parse_options(). - */ -int -auth_cert_options(struct sshkey *k, struct passwd *pw, const char **reason) +struct sshauthopt * +sshauthopt_new(void) { - int cert_no_port_forwarding_flag = 1; - int cert_no_agent_forwarding_flag = 1; - int cert_no_x11_forwarding_flag = 1; - int cert_no_pty_flag = 1; - int cert_no_user_rc = 1; - char *cert_forced_command = NULL; - int cert_source_address_done = 0; + struct sshauthopt *ret; - *reason = "invalid certificate options"; + if ((ret = calloc(1, sizeof(*ret))) == NULL) + return NULL; + ret->force_tun_device = -1; + return ret; +} - /* Separate options and extensions for v01 certs */ - if (parse_option_list(k->cert->critical, pw, - OPTIONS_CRITICAL, 1, NULL, NULL, NULL, NULL, NULL, - &cert_forced_command, - &cert_source_address_done) == -1) - return -1; - if (parse_option_list(k->cert->extensions, pw, - OPTIONS_EXTENSIONS, 0, - &cert_no_port_forwarding_flag, - &cert_no_agent_forwarding_flag, - &cert_no_x11_forwarding_flag, - &cert_no_pty_flag, - &cert_no_user_rc, - NULL, NULL) == -1) - return -1; +void +sshauthopt_free(struct sshauthopt *opts) +{ + size_t i; - no_port_forwarding_flag |= cert_no_port_forwarding_flag; - no_agent_forwarding_flag |= cert_no_agent_forwarding_flag; - no_x11_forwarding_flag |= cert_no_x11_forwarding_flag; - no_pty_flag |= cert_no_pty_flag; - no_user_rc |= cert_no_user_rc; - /* - * Only permit both CA and key option forced-command if they match. - * Otherwise refuse the certificate. - */ - if (cert_forced_command != NULL && forced_command != NULL) { - if (strcmp(forced_command, cert_forced_command) == 0) { - free(forced_command); - forced_command = cert_forced_command; - } else { - *reason = "certificate and key options forced command " - "do not match"; - free(cert_forced_command); - return -1; + if (opts == NULL) + return; + + free(opts->cert_principals); + free(opts->force_command); + free(opts->required_from_host_cert); + free(opts->required_from_host_keys); + + for (i = 0; i < opts->nenv; i++) + free(opts->env[i]); + free(opts->env); + + for (i = 0; i < opts->npermitopen; i++) + free(opts->permitopen[i]); + free(opts->permitopen); + + explicit_bzero(opts, sizeof(*opts)); + free(opts); +} + +struct sshauthopt * +sshauthopt_new_with_keys_defaults(void) +{ + struct sshauthopt *ret = NULL; + + if ((ret = sshauthopt_new()) == NULL) + return NULL; + + /* Defaults for authorized_keys flags */ + ret->permit_port_forwarding_flag = 1; + ret->permit_agent_forwarding_flag = 1; + ret->permit_x11_forwarding_flag = 1; + ret->permit_pty_flag = 1; + ret->permit_user_rc = 1; + return ret; +} + +struct sshauthopt * +sshauthopt_parse(const char *opts, const char **errstrp) +{ + char **oarray, *opt, *cp, *tmp, *host; + int r; + struct sshauthopt *ret = NULL; + const char *errstr = "unknown error"; + uint64_t valid_before; + + if (errstrp != NULL) + *errstrp = NULL; + if ((ret = sshauthopt_new_with_keys_defaults()) == NULL) + goto alloc_fail; + + if (opts == NULL) + return ret; + + while (*opts && *opts != ' ' && *opts != '\t') { + /* flag options */ + if ((r = opt_flag("restrict", 0, &opts)) != -1) { + ret->restricted = 1; + ret->permit_port_forwarding_flag = 0; + ret->permit_agent_forwarding_flag = 0; + ret->permit_x11_forwarding_flag = 0; + ret->permit_pty_flag = 0; + ret->permit_user_rc = 0; + } else if ((r = opt_flag("cert-authority", 0, &opts)) != -1) { + ret->cert_authority = r; + } else if ((r = opt_flag("port-forwarding", 1, &opts)) != -1) { + ret->permit_port_forwarding_flag = r == 1; + } else if ((r = opt_flag("agent-forwarding", 1, &opts)) != -1) { + ret->permit_agent_forwarding_flag = r == 1; + } else if ((r = opt_flag("x11-forwarding", 1, &opts)) != -1) { + ret->permit_x11_forwarding_flag = r == 1; + } else if ((r = opt_flag("pty", 1, &opts)) != -1) { + ret->permit_pty_flag = r == 1; + } else if ((r = opt_flag("user-rc", 1, &opts)) != -1) { + ret->permit_user_rc = r == 1; + } else if (opt_match(&opts, "command")) { + if (ret->force_command != NULL) { + errstr = "multiple \"command\" clauses"; + goto fail; + } + ret->force_command = opt_dequote(&opts, &errstr); + if (ret->force_command == NULL) + goto fail; + } else if (opt_match(&opts, "principals")) { + if (ret->cert_principals != NULL) { + errstr = "multiple \"principals\" clauses"; + goto fail; + } + ret->cert_principals = opt_dequote(&opts, &errstr); + if (ret->cert_principals == NULL) + goto fail; + } else if (opt_match(&opts, "from")) { + if (ret->required_from_host_keys != NULL) { + errstr = "multiple \"from\" clauses"; + goto fail; + } + ret->required_from_host_keys = opt_dequote(&opts, + &errstr); + if (ret->required_from_host_keys == NULL) + goto fail; + } else if (opt_match(&opts, "expiry-time")) { + if ((opt = opt_dequote(&opts, &errstr)) == NULL) + goto fail; + if (parse_absolute_time(opt, &valid_before) != 0 || + valid_before == 0) { + free(opt); + errstr = "invalid expires time"; + goto fail; + } + free(opt); + if (ret->valid_before == 0 || + valid_before < ret->valid_before) + ret->valid_before = valid_before; + } else if (opt_match(&opts, "environment")) { + if (ret->nenv > INT_MAX) { + errstr = "too many environment strings"; + goto fail; + } + if ((opt = opt_dequote(&opts, &errstr)) == NULL) + goto fail; + /* env name must be alphanumeric and followed by '=' */ + if ((tmp = strchr(opt, '=')) == NULL) { + free(opt); + errstr = "invalid environment string"; + goto fail; + } + for (cp = opt; cp < tmp; cp++) { + if (!isalnum((u_char)*cp)) { + free(opt); + errstr = "invalid environment string"; + goto fail; + } + } + /* Append it. */ + oarray = ret->env; + if ((ret->env = recallocarray(ret->env, ret->nenv, + ret->nenv + 1, sizeof(*ret->env))) == NULL) { + free(opt); + ret->env = oarray; /* put it back for cleanup */ + goto alloc_fail; + } + ret->env[ret->nenv++] = opt; + } else if (opt_match(&opts, "permitopen")) { + if (ret->npermitopen > INT_MAX) { + errstr = "too many permitopens"; + goto fail; + } + if ((opt = opt_dequote(&opts, &errstr)) == NULL) + goto fail; + if ((tmp = strdup(opt)) == NULL) { + free(opt); + goto alloc_fail; + } + cp = tmp; + /* validate syntax of permitopen before recording it. */ + host = hpdelim(&cp); + if (host == NULL || strlen(host) >= NI_MAXHOST) { + free(tmp); + free(opt); + errstr = "invalid permitopen hostname"; + goto fail; + } + /* + * don't want to use permitopen_port to avoid + * dependency on channels.[ch] here. + */ + if (cp == NULL || + (strcmp(cp, "*") != 0 && a2port(cp) <= 0)) { + free(tmp); + free(opt); + errstr = "invalid permitopen port"; + goto fail; + } + /* XXX - add streamlocal support */ + free(tmp); + /* Record it */ + oarray = ret->permitopen; + if ((ret->permitopen = recallocarray(ret->permitopen, + ret->npermitopen, ret->npermitopen + 1, + sizeof(*ret->permitopen))) == NULL) { + free(opt); + ret->permitopen = oarray; + goto alloc_fail; + } + ret->permitopen[ret->npermitopen++] = opt; + } else if (opt_match(&opts, "tunnel")) { + if ((opt = opt_dequote(&opts, &errstr)) == NULL) + goto fail; + ret->force_tun_device = a2tun(opt, NULL); + free(opt); + if (ret->force_tun_device == SSH_TUNID_ERR) { + errstr = "invalid tun device"; + goto fail; + } } - } else if (cert_forced_command != NULL) - forced_command = cert_forced_command; + /* + * Skip the comma, and move to the next option + * (or break out if there are no more). + */ + if (*opts == '\0' || *opts == ' ' || *opts == '\t') + break; /* End of options. */ + /* Anything other than a comma is an unknown option */ + if (*opts != ',') { + errstr = "unknown key option"; + goto fail; + } + opts++; + if (*opts == '\0') { + errstr = "unexpected end-of-options"; + goto fail; + } + } + + /* success */ + if (errstrp != NULL) + *errstrp = NULL; + return ret; + +alloc_fail: + errstr = "memory allocation failed"; +fail: + sshauthopt_free(ret); + if (errstrp != NULL) + *errstrp = errstr; + return NULL; +} + +struct sshauthopt * +sshauthopt_from_cert(struct sshkey *k) +{ + struct sshauthopt *ret; + + if (k == NULL || !sshkey_type_is_cert(k->type) || k->cert == NULL || + k->cert->type != SSH2_CERT_TYPE_USER) + return NULL; + + if ((ret = sshauthopt_new()) == NULL) + return NULL; + + /* Handle options and critical extensions separately */ + if (cert_option_list(ret, k->cert->critical, + OPTIONS_CRITICAL, 1) == -1) { + sshauthopt_free(ret); + return NULL; + } + if (cert_option_list(ret, k->cert->extensions, + OPTIONS_EXTENSIONS, 0) == -1) { + sshauthopt_free(ret); + return NULL; + } + /* success */ + return ret; +} + +/* + * Merges "additional" options to "primary" and returns the result. + * NB. Some options from primary have primacy. + */ +struct sshauthopt * +sshauthopt_merge(const struct sshauthopt *primary, + const struct sshauthopt *additional, const char **errstrp) +{ + struct sshauthopt *ret; + const char *errstr = "internal error"; + const char *tmp; + + if (errstrp != NULL) + *errstrp = NULL; + + if ((ret = sshauthopt_new()) == NULL) + goto alloc_fail; + + /* cert_authority and cert_principals are cleared in result */ + + /* Prefer access lists from primary. */ + /* XXX err is both set and mismatch? */ + tmp = primary->required_from_host_cert; + if (tmp == NULL) + tmp = additional->required_from_host_cert; + if (tmp != NULL && (ret->required_from_host_cert = strdup(tmp)) == NULL) + goto alloc_fail; + tmp = primary->required_from_host_keys; + if (tmp == NULL) + tmp = additional->required_from_host_keys; + if (tmp != NULL && (ret->required_from_host_keys = strdup(tmp)) == NULL) + goto alloc_fail; + + /* force_tun_device, permitopen and environment prefer the primary. */ + ret->force_tun_device = primary->force_tun_device; + if (ret->force_tun_device == -1) + ret->force_tun_device = additional->force_tun_device; + if (primary->nenv > 0) { + if (dup_strings(&ret->env, &ret->nenv, + primary->env, primary->nenv) != 0) + goto alloc_fail; + } else if (additional->nenv) { + if (dup_strings(&ret->env, &ret->nenv, + additional->env, additional->nenv) != 0) + goto alloc_fail; + } + if (primary->npermitopen > 0) { + if (dup_strings(&ret->permitopen, &ret->npermitopen, + primary->permitopen, primary->npermitopen) != 0) + goto alloc_fail; + } else if (additional->npermitopen > 0) { + if (dup_strings(&ret->permitopen, &ret->npermitopen, + additional->permitopen, additional->npermitopen) != 0) + goto alloc_fail; + } + + /* Flags are logical-AND (i.e. must be set in both for permission) */ +#define OPTFLAG(x) ret->x = (primary->x == 1) && (additional->x == 1) + OPTFLAG(permit_port_forwarding_flag); + OPTFLAG(permit_agent_forwarding_flag); + OPTFLAG(permit_x11_forwarding_flag); + OPTFLAG(permit_pty_flag); + OPTFLAG(permit_user_rc); +#undef OPTFLAG + + /* Earliest expiry time should win */ + if (primary->valid_before != 0) + ret->valid_before = primary->valid_before; + if (additional->valid_before != 0 && + additional->valid_before < ret->valid_before) + ret->valid_before = additional->valid_before; + + /* + * When both multiple forced-command are specified, only + * proceed if they are identical, otherwise fail. + */ + if (primary->force_command != NULL && + additional->force_command != NULL) { + if (strcmp(primary->force_command, + additional->force_command) == 0) { + /* ok */ + ret->force_command = strdup(primary->force_command); + if (ret->force_command == NULL) + goto alloc_fail; + } else { + errstr = "forced command options do not match"; + goto fail; + } + } else if (primary->force_command != NULL) { + if ((ret->force_command = strdup( + primary->force_command)) == NULL) + goto alloc_fail; + } else if (additional->force_command != NULL) { + if ((ret->force_command = strdup( + additional->force_command)) == NULL) + goto alloc_fail; + } + /* success */ + if (errstrp != NULL) + *errstrp = NULL; + return ret; + + alloc_fail: + errstr = "memory allocation failed"; + fail: + if (errstrp != NULL) + *errstrp = errstr; + sshauthopt_free(ret); + return NULL; +} + +/* + * Copy options + */ +struct sshauthopt * +sshauthopt_copy(const struct sshauthopt *orig) +{ + struct sshauthopt *ret; + + if ((ret = sshauthopt_new()) == NULL) + return NULL; + +#define OPTSCALAR(x) ret->x = orig->x + OPTSCALAR(permit_port_forwarding_flag); + OPTSCALAR(permit_agent_forwarding_flag); + OPTSCALAR(permit_x11_forwarding_flag); + OPTSCALAR(permit_pty_flag); + OPTSCALAR(permit_user_rc); + OPTSCALAR(restricted); + OPTSCALAR(cert_authority); + OPTSCALAR(force_tun_device); + OPTSCALAR(valid_before); +#undef OPTSCALAR +#define OPTSTRING(x) \ + do { \ + if (orig->x != NULL && (ret->x = strdup(orig->x)) == NULL) { \ + sshauthopt_free(ret); \ + return NULL; \ + } \ + } while (0) + OPTSTRING(cert_principals); + OPTSTRING(force_command); + OPTSTRING(required_from_host_cert); + OPTSTRING(required_from_host_keys); +#undef OPTSTRING + + if (dup_strings(&ret->env, &ret->nenv, orig->env, orig->nenv) != 0 || + dup_strings(&ret->permitopen, &ret->npermitopen, + orig->permitopen, orig->npermitopen) != 0) { + sshauthopt_free(ret); + return NULL; + } + return ret; +} + +static int +serialise_array(struct sshbuf *m, char **a, size_t n) +{ + struct sshbuf *b; + size_t i; + int r; + + if (n > INT_MAX) + return SSH_ERR_INTERNAL_ERROR; + + if ((b = sshbuf_new()) == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + for (i = 0; i < n; i++) { + if ((r = sshbuf_put_cstring(b, a[i])) != 0) { + sshbuf_free(b); + return r; + } + } + if ((r = sshbuf_put_u32(m, n)) != 0 || + (r = sshbuf_put_stringb(m, b)) != 0) { + sshbuf_free(b); + return r; + } /* success */ - *reason = NULL; return 0; } +static int +deserialise_array(struct sshbuf *m, char ***ap, size_t *np) +{ + char **a = NULL; + size_t i, n = 0; + struct sshbuf *b = NULL; + u_int tmp; + int r = SSH_ERR_INTERNAL_ERROR; + + if ((r = sshbuf_get_u32(m, &tmp)) != 0 || + (r = sshbuf_froms(m, &b)) != 0) + goto out; + if (tmp > INT_MAX) { + r = SSH_ERR_INVALID_FORMAT; + goto out; + } + n = tmp; + if (n > 0 && (a = calloc(n, sizeof(*a))) == NULL) { + r = SSH_ERR_ALLOC_FAIL; + goto out; + } + for (i = 0; i < n; i++) { + if ((r = sshbuf_get_cstring(b, &a[i], NULL)) != 0) + goto out; + } + /* success */ + r = 0; + *ap = a; + a = NULL; + *np = n; + n = 0; + out: + for (i = 0; i < n; i++) + free(a[i]); + free(a); + sshbuf_free(b); + return r; +} + +static int +serialise_nullable_string(struct sshbuf *m, const char *s) +{ + int r; + + if ((r = sshbuf_put_u8(m, s == NULL)) != 0 || + (r = sshbuf_put_cstring(m, s)) != 0) + return r; + return 0; +} + +static int +deserialise_nullable_string(struct sshbuf *m, char **sp) +{ + int r; + u_char flag; + + *sp = NULL; + if ((r = sshbuf_get_u8(m, &flag)) != 0 || + (r = sshbuf_get_cstring(m, flag ? NULL : sp, NULL)) != 0) + return r; + return 0; +} + +int +sshauthopt_serialise(const struct sshauthopt *opts, struct sshbuf *m, + int untrusted) +{ + int r = SSH_ERR_INTERNAL_ERROR; + + /* Flag and simple integer options */ + if ((r = sshbuf_put_u8(m, opts->permit_port_forwarding_flag)) != 0 || + (r = sshbuf_put_u8(m, opts->permit_agent_forwarding_flag)) != 0 || + (r = sshbuf_put_u8(m, opts->permit_x11_forwarding_flag)) != 0 || + (r = sshbuf_put_u8(m, opts->permit_pty_flag)) != 0 || + (r = sshbuf_put_u8(m, opts->permit_user_rc)) != 0 || + (r = sshbuf_put_u8(m, opts->restricted)) != 0 || + (r = sshbuf_put_u8(m, opts->cert_authority)) != 0 || + (r = sshbuf_put_u64(m, opts->valid_before)) != 0) + return r; + + /* tunnel number can be negative to indicate "unset" */ + if ((r = sshbuf_put_u8(m, opts->force_tun_device == -1)) != 0 || + (r = sshbuf_put_u32(m, (opts->force_tun_device < 0) ? + 0 : (u_int)opts->force_tun_device)) != 0) + return r; + + /* String options; these may be NULL */ + if ((r = serialise_nullable_string(m, + untrusted ? "yes" : opts->cert_principals)) != 0 || + (r = serialise_nullable_string(m, + untrusted ? "true" : opts->force_command)) != 0 || + (r = serialise_nullable_string(m, + untrusted ? NULL : opts->required_from_host_cert)) != 0 || + (r = serialise_nullable_string(m, + untrusted ? NULL : opts->required_from_host_keys)) != 0) + return r; + + /* Array options */ + if ((r = serialise_array(m, opts->env, + untrusted ? 0 : opts->nenv)) != 0 || + (r = serialise_array(m, opts->permitopen, + untrusted ? 0 : opts->npermitopen)) != 0) + return r; + + /* success */ + return 0; +} + +int +sshauthopt_deserialise(struct sshbuf *m, struct sshauthopt **optsp) +{ + struct sshauthopt *opts = NULL; + int r = SSH_ERR_INTERNAL_ERROR; + u_char f; + u_int tmp; + + if ((opts = calloc(1, sizeof(*opts))) == NULL) + return SSH_ERR_ALLOC_FAIL; + +#define OPT_FLAG(x) \ + do { \ + if ((r = sshbuf_get_u8(m, &f)) != 0) \ + goto out; \ + opts->x = f; \ + } while (0) + OPT_FLAG(permit_port_forwarding_flag); + OPT_FLAG(permit_agent_forwarding_flag); + OPT_FLAG(permit_x11_forwarding_flag); + OPT_FLAG(permit_pty_flag); + OPT_FLAG(permit_user_rc); + OPT_FLAG(restricted); + OPT_FLAG(cert_authority); +#undef OPT_FLAG + + if ((r = sshbuf_get_u64(m, &opts->valid_before)) != 0) + goto out; + + /* tunnel number can be negative to indicate "unset" */ + if ((r = sshbuf_get_u8(m, &f)) != 0 || + (r = sshbuf_get_u32(m, &tmp)) != 0) + goto out; + opts->force_tun_device = f ? -1 : (int)tmp; + + /* String options may be NULL */ + if ((r = deserialise_nullable_string(m, &opts->cert_principals)) != 0 || + (r = deserialise_nullable_string(m, &opts->force_command)) != 0 || + (r = deserialise_nullable_string(m, + &opts->required_from_host_cert)) != 0 || + (r = deserialise_nullable_string(m, + &opts->required_from_host_keys)) != 0) + goto out; + + /* Array options */ + if ((r = deserialise_array(m, &opts->env, &opts->nenv)) != 0 || + (r = deserialise_array(m, + &opts->permitopen, &opts->npermitopen)) != 0) + goto out; + + /* success */ + r = 0; + *optsp = opts; + opts = NULL; + out: + sshauthopt_free(opts); + return r; +} diff --git a/auth-options.h b/auth-options.h index 547f016355a9..bf59b30be138 100644 --- a/auth-options.h +++ b/auth-options.h @@ -1,40 +1,91 @@ -/* $OpenBSD: auth-options.h,v 1.23 2017/05/31 10:54:00 markus Exp $ */ +/* $OpenBSD: auth-options.h,v 1.26 2018/03/12 00:52:01 djm Exp $ */ /* - * Author: Tatu Ylonen - * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - * All rights reserved + * Copyright (c) 2018 Damien Miller * - * As far as I am concerned, the code I have written for this software - * can be used freely for any purpose. Any derived versions of this - * software must be clearly marked as such, and if the derived work is - * incompatible with the protocol description in the RFC file, it must be - * called by a name other than "ssh" or "Secure Shell". + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #ifndef AUTH_OPTIONS_H #define AUTH_OPTIONS_H -/* Linked list of custom environment strings */ -struct envstring { - struct envstring *next; - char *s; +struct passwd; +struct sshkey; + +/* + * sshauthopt represents key options parsed from authorized_keys or + * from certificate extensions/options. + */ +struct sshauthopt { + /* Feature flags */ + int permit_port_forwarding_flag; + int permit_agent_forwarding_flag; + int permit_x11_forwarding_flag; + int permit_pty_flag; + int permit_user_rc; + + /* "restrict" keyword was invoked */ + int restricted; + + /* key/principal expiry date */ + uint64_t valid_before; + + /* Certificate-related options */ + int cert_authority; + char *cert_principals; + + int force_tun_device; + char *force_command; + + /* Custom environment */ + size_t nenv; + char **env; + + /* Permitted port forwardings */ + size_t npermitopen; + char **permitopen; + + /* + * Permitted host/addresses (comma-separated) + * Caller must check source address matches both lists (if present). + */ + char *required_from_host_cert; + char *required_from_host_keys; }; -/* Flags that may be set in authorized_keys options. */ -extern int no_port_forwarding_flag; -extern int no_agent_forwarding_flag; -extern int no_x11_forwarding_flag; -extern int no_pty_flag; -extern int no_user_rc; -extern char *forced_command; -extern struct envstring *custom_environment; -extern int forced_tun_device; -extern int key_is_cert_authority; -extern char *authorized_principals; +struct sshauthopt *sshauthopt_new(void); +struct sshauthopt *sshauthopt_new_with_keys_defaults(void); +void sshauthopt_free(struct sshauthopt *opts); +struct sshauthopt *sshauthopt_copy(const struct sshauthopt *orig); +int sshauthopt_serialise(const struct sshauthopt *opts, struct sshbuf *m, int); +int sshauthopt_deserialise(struct sshbuf *m, struct sshauthopt **opts); -int auth_parse_options(struct passwd *, char *, const char *, u_long); -void auth_clear_options(void); -int auth_cert_options(struct sshkey *, struct passwd *, const char **); +/* + * Parse authorized_keys options. Returns an options structure on success + * or NULL on failure. Will set errstr on failure. + */ +struct sshauthopt *sshauthopt_parse(const char *s, const char **errstr); + +/* + * Parse certification options to a struct sshauthopt. + * Returns options on success or NULL on failure. + */ +struct sshauthopt *sshauthopt_from_cert(struct sshkey *k); + +/* + * Merge key options. + */ +struct sshauthopt *sshauthopt_merge(const struct sshauthopt *primary, + const struct sshauthopt *additional, const char **errstrp); #endif diff --git a/auth-pam.c b/auth-pam.c index de29c04c9c81..00ba87775511 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -287,18 +287,27 @@ sshpam_chauthtok_ruid(pam_handle_t *pamh, int flags) void sshpam_password_change_required(int reqd) { + extern struct sshauthopt *auth_opts; + static int saved_port, saved_agent, saved_x11; + debug3("%s %d", __func__, reqd); if (sshpam_authctxt == NULL) fatal("%s: PAM authctxt not initialized", __func__); sshpam_authctxt->force_pwchange = reqd; if (reqd) { - no_port_forwarding_flag |= 2; - no_agent_forwarding_flag |= 2; - no_x11_forwarding_flag |= 2; + saved_port = auth_opts->permit_port_forwarding_flag; + saved_agent = auth_opts->permit_agent_forwarding_flag; + saved_x11 = auth_opts->permit_x11_forwarding_flag; + auth_opts->permit_port_forwarding_flag = 0; + auth_opts->permit_agent_forwarding_flag = 0; + auth_opts->permit_x11_forwarding_flag = 0; } else { - no_port_forwarding_flag &= ~2; - no_agent_forwarding_flag &= ~2; - no_x11_forwarding_flag &= ~2; + if (saved_port) + auth_opts->permit_port_forwarding_flag = saved_port; + if (saved_agent) + auth_opts->permit_agent_forwarding_flag = saved_agent; + if (saved_x11) + auth_opts->permit_x11_forwarding_flag = saved_x11; } } @@ -1077,7 +1086,7 @@ do_pam_chauthtok(void) } void -do_pam_session(void) +do_pam_session(struct ssh *ssh) { debug3("PAM: opening session"); @@ -1093,7 +1102,7 @@ do_pam_session(void) sshpam_session_open = 1; else { sshpam_session_open = 0; - disable_forwarding(); + auth_restrict_session(ssh); error("PAM: pam_open_session(): %s", pam_strerror(sshpam_handle, sshpam_err)); } diff --git a/auth-pam.h b/auth-pam.h index c47b442e48a5..4198607454fb 100644 --- a/auth-pam.h +++ b/auth-pam.h @@ -25,10 +25,12 @@ #include "includes.h" #ifdef USE_PAM +struct ssh; + void start_pam(Authctxt *); void finish_pam(void); u_int do_pam_account(void); -void do_pam_session(void); +void do_pam_session(struct ssh *); void do_pam_setcred(int ); void do_pam_chauthtok(void); int do_pam_putenv(char *, char *); diff --git a/auth-passwd.c b/auth-passwd.c index 996c2cf71b00..6097fdd243ea 100644 --- a/auth-passwd.c +++ b/auth-passwd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-passwd.c,v 1.45 2016/07/21 01:39:35 dtucker Exp $ */ +/* $OpenBSD: auth-passwd.c,v 1.46 2018/03/03 03:15:51 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -68,22 +68,15 @@ extern login_cap_t *lc; #define MAX_PASSWORD_LEN 1024 -void -disable_forwarding(void) -{ - no_port_forwarding_flag = 1; - no_agent_forwarding_flag = 1; - no_x11_forwarding_flag = 1; -} - /* * Tries to authenticate the user using password. Returns true if * authentication succeeds. */ int -auth_password(Authctxt *authctxt, const char *password) +auth_password(struct ssh *ssh, const char *password) { - struct passwd * pw = authctxt->pw; + Authctxt *authctxt = ssh->authctxt; + struct passwd *pw = authctxt->pw; int result, ok = authctxt->valid; #if defined(USE_SHADOW) && defined(HAS_SHADOW_EXPIRE) static int expire_checked = 0; @@ -128,9 +121,9 @@ auth_password(Authctxt *authctxt, const char *password) authctxt->force_pwchange = 1; } #endif - result = sys_auth_passwd(authctxt, password); + result = sys_auth_passwd(ssh, password); if (authctxt->force_pwchange) - disable_forwarding(); + auth_restrict_session(ssh); return (result && ok); } @@ -170,19 +163,19 @@ warn_expiry(Authctxt *authctxt, auth_session_t *as) } int -sys_auth_passwd(Authctxt *authctxt, const char *password) +sys_auth_passwd(struct ssh *ssh, const char *password) { - struct passwd *pw = authctxt->pw; + Authctxt *authctxt = ssh->authctxt; auth_session_t *as; static int expire_checked = 0; - as = auth_usercheck(pw->pw_name, authctxt->style, "auth-ssh", + as = auth_usercheck(authctxt->pw->pw_name, authctxt->style, "auth-ssh", (char *)password); if (as == NULL) return (0); if (auth_getstate(as) & AUTH_PWEXPIRED) { auth_close(as); - disable_forwarding(); + auth_restrict_session(ssh); authctxt->force_pwchange = 1; return (1); } else { @@ -195,8 +188,9 @@ sys_auth_passwd(Authctxt *authctxt, const char *password) } #elif !defined(CUSTOM_SYS_AUTH_PASSWD) int -sys_auth_passwd(Authctxt *authctxt, const char *password) +sys_auth_passwd(struct ssh *ssh, const char *password) { + Authctxt *authctxt = ssh->authctxt; struct passwd *pw = authctxt->pw; char *encrypted_password, *salt = NULL; diff --git a/auth-sia.c b/auth-sia.c index a9e1c258ca61..7c97f03e51e6 100644 --- a/auth-sia.c +++ b/auth-sia.c @@ -36,6 +36,7 @@ #include #include "ssh.h" +#include "ssh_api.h" #include "key.h" #include "hostfile.h" #include "auth.h" @@ -50,11 +51,12 @@ extern int saved_argc; extern char **saved_argv; int -sys_auth_passwd(Authctxt *authctxt, const char *pass) +sys_auth_passwd(struct ssh *ssh, const char *pass) { int ret; SIAENTITY *ent = NULL; const char *host; + Authctxt *authctxt = ssh->authctxt; host = get_canonical_hostname(options.use_dns); diff --git a/auth.c b/auth.c index a449061741af..63366768a019 100644 --- a/auth.c +++ b/auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.c,v 1.124 2017/09/12 06:32:07 djm Exp $ */ +/* $OpenBSD: auth.c,v 1.127 2018/03/12 00:52:01 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -28,6 +28,7 @@ #include #include #include +#include #include @@ -73,12 +74,14 @@ #include "authfile.h" #include "ssherr.h" #include "compat.h" +#include "channels.h" /* import */ extern ServerOptions options; extern int use_privsep; extern Buffer loginmsg; extern struct passwd *privsep_pw; +extern struct sshauthopt *auth_opts; /* Debugging messages */ Buffer auth_debug; @@ -385,10 +388,8 @@ auth_maxtries_exceeded(Authctxt *authctxt) * Check whether root logins are disallowed. */ int -auth_root_allowed(const char *method) +auth_root_allowed(struct ssh *ssh, const char *method) { - struct ssh *ssh = active_state; /* XXX */ - switch (options.permit_root_login) { case PERMIT_YES: return 1; @@ -399,7 +400,7 @@ auth_root_allowed(const char *method) return 1; break; case PERMIT_FORCED_ONLY: - if (forced_command) { + if (auth_opts->force_command != NULL) { logit("Root login accepted for forced command."); return 1; } @@ -840,3 +841,343 @@ auth_get_canonical_hostname(struct ssh *ssh, int use_dns) return dnsname; } } + +/* + * Runs command in a subprocess wuth a minimal environment. + * Returns pid on success, 0 on failure. + * The child stdout and stderr maybe captured, left attached or sent to + * /dev/null depending on the contents of flags. + * "tag" is prepended to log messages. + * NB. "command" is only used for logging; the actual command executed is + * av[0]. + */ +pid_t +subprocess(const char *tag, struct passwd *pw, const char *command, + int ac, char **av, FILE **child, u_int flags) +{ + FILE *f = NULL; + struct stat st; + int fd, devnull, p[2], i; + pid_t pid; + char *cp, errmsg[512]; + u_int envsize; + char **child_env; + + if (child != NULL) + *child = NULL; + + debug3("%s: %s command \"%s\" running as %s (flags 0x%x)", __func__, + tag, command, pw->pw_name, flags); + + /* Check consistency */ + if ((flags & SSH_SUBPROCESS_STDOUT_DISCARD) != 0 && + (flags & SSH_SUBPROCESS_STDOUT_CAPTURE) != 0) { + error("%s: inconsistent flags", __func__); + return 0; + } + if (((flags & SSH_SUBPROCESS_STDOUT_CAPTURE) == 0) != (child == NULL)) { + error("%s: inconsistent flags/output", __func__); + return 0; + } + + /* + * If executing an explicit binary, then verify the it exists + * and appears safe-ish to execute + */ + if (*av[0] != '/') { + error("%s path is not absolute", tag); + return 0; + } + temporarily_use_uid(pw); + if (stat(av[0], &st) < 0) { + error("Could not stat %s \"%s\": %s", tag, + av[0], strerror(errno)); + restore_uid(); + return 0; + } + if (safe_path(av[0], &st, NULL, 0, errmsg, sizeof(errmsg)) != 0) { + error("Unsafe %s \"%s\": %s", tag, av[0], errmsg); + restore_uid(); + return 0; + } + /* Prepare to keep the child's stdout if requested */ + if (pipe(p) != 0) { + error("%s: pipe: %s", tag, strerror(errno)); + restore_uid(); + return 0; + } + restore_uid(); + + switch ((pid = fork())) { + case -1: /* error */ + error("%s: fork: %s", tag, strerror(errno)); + close(p[0]); + close(p[1]); + return 0; + case 0: /* child */ + /* Prepare a minimal environment for the child. */ + envsize = 5; + child_env = xcalloc(sizeof(*child_env), envsize); + child_set_env(&child_env, &envsize, "PATH", _PATH_STDPATH); + child_set_env(&child_env, &envsize, "USER", pw->pw_name); + child_set_env(&child_env, &envsize, "LOGNAME", pw->pw_name); + child_set_env(&child_env, &envsize, "HOME", pw->pw_dir); + if ((cp = getenv("LANG")) != NULL) + child_set_env(&child_env, &envsize, "LANG", cp); + + for (i = 0; i < NSIG; i++) + signal(i, SIG_DFL); + + if ((devnull = open(_PATH_DEVNULL, O_RDWR)) == -1) { + error("%s: open %s: %s", tag, _PATH_DEVNULL, + strerror(errno)); + _exit(1); + } + if (dup2(devnull, STDIN_FILENO) == -1) { + error("%s: dup2: %s", tag, strerror(errno)); + _exit(1); + } + + /* Set up stdout as requested; leave stderr in place for now. */ + fd = -1; + if ((flags & SSH_SUBPROCESS_STDOUT_CAPTURE) != 0) + fd = p[1]; + else if ((flags & SSH_SUBPROCESS_STDOUT_DISCARD) != 0) + fd = devnull; + if (fd != -1 && dup2(fd, STDOUT_FILENO) == -1) { + error("%s: dup2: %s", tag, strerror(errno)); + _exit(1); + } + closefrom(STDERR_FILENO + 1); + + /* Don't use permanently_set_uid() here to avoid fatal() */ + if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) != 0) { + error("%s: setresgid %u: %s", tag, (u_int)pw->pw_gid, + strerror(errno)); + _exit(1); + } + if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) != 0) { + error("%s: setresuid %u: %s", tag, (u_int)pw->pw_uid, + strerror(errno)); + _exit(1); + } + /* stdin is pointed to /dev/null at this point */ + if ((flags & SSH_SUBPROCESS_STDOUT_DISCARD) != 0 && + dup2(STDIN_FILENO, STDERR_FILENO) == -1) { + error("%s: dup2: %s", tag, strerror(errno)); + _exit(1); + } + + execve(av[0], av, child_env); + error("%s exec \"%s\": %s", tag, command, strerror(errno)); + _exit(127); + default: /* parent */ + break; + } + + close(p[1]); + if ((flags & SSH_SUBPROCESS_STDOUT_CAPTURE) == 0) + close(p[0]); + else if ((f = fdopen(p[0], "r")) == NULL) { + error("%s: fdopen: %s", tag, strerror(errno)); + close(p[0]); + /* Don't leave zombie child */ + kill(pid, SIGTERM); + while (waitpid(pid, NULL, 0) == -1 && errno == EINTR) + ; + return 0; + } + /* Success */ + debug3("%s: %s pid %ld", __func__, tag, (long)pid); + if (child != NULL) + *child = f; + return pid; +} + +/* These functions link key/cert options to the auth framework */ + +/* Log sshauthopt options locally and (optionally) for remote transmission */ +void +auth_log_authopts(const char *loc, const struct sshauthopt *opts, int do_remote) +{ + int do_env = options.permit_user_env && opts->nenv > 0; + int do_permitopen = opts->npermitopen > 0 && + (options.allow_tcp_forwarding & FORWARD_LOCAL) != 0; + size_t i; + char msg[1024], buf[64]; + + snprintf(buf, sizeof(buf), "%d", opts->force_tun_device); + /* Try to keep this alphabetically sorted */ + snprintf(msg, sizeof(msg), "key options:%s%s%s%s%s%s%s%s%s%s%s%s", + opts->permit_agent_forwarding_flag ? " agent-forwarding" : "", + opts->force_command == NULL ? "" : " command", + do_env ? " environment" : "", + opts->valid_before == 0 ? "" : "expires", + do_permitopen ? " permitopen" : "", + opts->permit_port_forwarding_flag ? " port-forwarding" : "", + opts->cert_principals == NULL ? "" : " principals", + opts->permit_pty_flag ? " pty" : "", + opts->force_tun_device == -1 ? "" : " tun=", + opts->force_tun_device == -1 ? "" : buf, + opts->permit_user_rc ? " user-rc" : "", + opts->permit_x11_forwarding_flag ? " x11-forwarding" : ""); + + debug("%s: %s", loc, msg); + if (do_remote) + auth_debug_add("%s: %s", loc, msg); + + if (options.permit_user_env) { + for (i = 0; i < opts->nenv; i++) { + debug("%s: environment: %s", loc, opts->env[i]); + if (do_remote) { + auth_debug_add("%s: environment: %s", + loc, opts->env[i]); + } + } + } + + /* Go into a little more details for the local logs. */ + if (opts->valid_before != 0) { + format_absolute_time(opts->valid_before, buf, sizeof(buf)); + debug("%s: expires at %s", loc, buf); + } + if (opts->cert_principals != NULL) { + debug("%s: authorized principals: \"%s\"", + loc, opts->cert_principals); + } + if (opts->force_command != NULL) + debug("%s: forced command: \"%s\"", loc, opts->force_command); + if ((options.allow_tcp_forwarding & FORWARD_LOCAL) != 0) { + for (i = 0; i < opts->npermitopen; i++) { + debug("%s: permitted open: %s", + loc, opts->permitopen[i]); + } + } +} + +/* Activate a new set of key/cert options; merging with what is there. */ +int +auth_activate_options(struct ssh *ssh, struct sshauthopt *opts) +{ + struct sshauthopt *old = auth_opts; + const char *emsg = NULL; + + debug("%s: setting new authentication options", __func__); + if ((auth_opts = sshauthopt_merge(old, opts, &emsg)) == NULL) { + error("Inconsistent authentication options: %s", emsg); + return -1; + } + return 0; +} + +/* Disable forwarding, etc for the session */ +void +auth_restrict_session(struct ssh *ssh) +{ + struct sshauthopt *restricted; + + debug("%s: restricting session", __func__); + + /* A blank sshauthopt defaults to permitting nothing */ + restricted = sshauthopt_new(); + restricted->restricted = 1; + + if (auth_activate_options(ssh, restricted) != 0) + fatal("%s: failed to restrict session", __func__); + sshauthopt_free(restricted); +} + +int +auth_authorise_keyopts(struct ssh *ssh, struct passwd *pw, + struct sshauthopt *opts, int allow_cert_authority, const char *loc) +{ + const char *remote_ip = ssh_remote_ipaddr(ssh); + const char *remote_host = auth_get_canonical_hostname(ssh, + options.use_dns); + time_t now = time(NULL); + char buf[64]; + + /* + * Check keys/principals file expiry time. + * NB. validity interval in certificate is handled elsewhere. + */ + if (opts->valid_before && now > 0 && + opts->valid_before < (uint64_t)now) { + format_absolute_time(opts->valid_before, buf, sizeof(buf)); + debug("%s: entry expired at %s", loc, buf); + auth_debug_add("%s: entry expired at %s", loc, buf); + return -1; + } + /* Consistency checks */ + if (opts->cert_principals != NULL && !opts->cert_authority) { + debug("%s: principals on non-CA key", loc); + auth_debug_add("%s: principals on non-CA key", loc); + /* deny access */ + return -1; + } + /* cert-authority flag isn't valid in authorized_principals files */ + if (!allow_cert_authority && opts->cert_authority) { + debug("%s: cert-authority flag invalid here", loc); + auth_debug_add("%s: cert-authority flag invalid here", loc); + /* deny access */ + return -1; + } + + /* Perform from= checks */ + if (opts->required_from_host_keys != NULL) { + switch (match_host_and_ip(remote_host, remote_ip, + opts->required_from_host_keys )) { + case 1: + /* Host name matches. */ + break; + case -1: + default: + debug("%s: invalid from criteria", loc); + auth_debug_add("%s: invalid from criteria", loc); + /* FALLTHROUGH */ + case 0: + logit("%s: Authentication tried for %.100s with " + "correct key but not from a permitted " + "host (host=%.200s, ip=%.200s, required=%.200s).", + loc, pw->pw_name, remote_host, remote_ip, + opts->required_from_host_keys); + auth_debug_add("%s: Your host '%.200s' is not " + "permitted to use this key for login.", + loc, remote_host); + /* deny access */ + return -1; + } + } + /* Check source-address restriction from certificate */ + if (opts->required_from_host_cert != NULL) { + switch (addr_match_cidr_list(remote_ip, + opts->required_from_host_cert)) { + case 1: + /* accepted */ + break; + case -1: + default: + /* invalid */ + error("%s: Certificate source-address invalid", + loc); + /* FALLTHROUGH */ + case 0: + logit("%s: Authentication tried for %.100s with valid " + "certificate but not from a permitted source " + "address (%.200s).", loc, pw->pw_name, remote_ip); + auth_debug_add("%s: Your address '%.200s' is not " + "permitted to use this certificate for login.", + loc, remote_ip); + return -1; + } + } + /* + * + * XXX this is spammy. We should report remotely only for keys + * that are successful in actual auth attempts, and not PK_OK + * tests. + */ + auth_log_authopts(loc, opts, 1); + + return 0; +} diff --git a/auth.h b/auth.h index 29835ae92750..23ce67cafe41 100644 --- a/auth.h +++ b/auth.h @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.h,v 1.93 2017/08/18 05:36:45 djm Exp $ */ +/* $OpenBSD: auth.h,v 1.95 2018/03/03 03:15:51 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -42,9 +42,11 @@ #include #endif +struct passwd; struct ssh; -struct sshkey; struct sshbuf; +struct sshkey; +struct sshauthopt; typedef struct Authctxt Authctxt; typedef struct Authmethod Authmethod; @@ -128,11 +130,12 @@ struct KbdintDevice int auth_rhosts2(struct passwd *, const char *, const char *, const char *); -int auth_password(Authctxt *, const char *); +int auth_password(struct ssh *, const char *); int hostbased_key_allowed(struct passwd *, const char *, char *, struct sshkey *); -int user_key_allowed(struct passwd *, struct sshkey *, int); +int user_key_allowed(struct ssh *, struct passwd *, struct sshkey *, int, + struct sshauthopt **); int auth2_key_already_used(Authctxt *, const struct sshkey *); /* @@ -163,14 +166,12 @@ int auth_shadow_pwexpired(Authctxt *); #include "audit.h" void remove_kbdint_device(const char *); -void disable_forwarding(void); - void do_authentication2(Authctxt *); void auth_log(Authctxt *, int, int, const char *, const char *); void auth_maxtries_exceeded(Authctxt *) __attribute__((noreturn)); void userauth_finish(struct ssh *, int, const char *, const char *); -int auth_root_allowed(const char *); +int auth_root_allowed(struct ssh *, const char *); void userauth_send_banner(const char *); @@ -214,14 +215,29 @@ int get_hostkey_index(struct sshkey *, int, struct ssh *); int sshd_hostkey_sign(struct sshkey *, struct sshkey *, u_char **, size_t *, const u_char *, size_t, const char *, u_int); +/* Key / cert options linkage to auth layer */ +const struct sshauthopt *auth_options(struct ssh *); +int auth_activate_options(struct ssh *, struct sshauthopt *); +void auth_restrict_session(struct ssh *); +int auth_authorise_keyopts(struct ssh *, struct passwd *pw, + struct sshauthopt *, int, const char *); +void auth_log_authopts(const char *, const struct sshauthopt *, int); + /* debug messages during authentication */ -void auth_debug_add(const char *fmt,...) __attribute__((format(printf, 1, 2))); +void auth_debug_add(const char *fmt,...) + __attribute__((format(printf, 1, 2))); void auth_debug_send(void); void auth_debug_reset(void); struct passwd *fakepw(void); -int sys_auth_passwd(Authctxt *, const char *); +#define SSH_SUBPROCESS_STDOUT_DISCARD (1) /* Discard stdout */ +#define SSH_SUBPROCESS_STDOUT_CAPTURE (1<<1) /* Redirect stdout */ +#define SSH_SUBPROCESS_STDERR_DISCARD (1<<2) /* Discard stderr */ +pid_t subprocess(const char *, struct passwd *, + const char *, int, char **, FILE **, u_int flags); + +int sys_auth_passwd(struct ssh *, const char *); #define SKEY_PROMPT "\nS/Key Password: " diff --git a/auth2-hostbased.c b/auth2-hostbased.c index 92758b38c19d..8996f7e05211 100644 --- a/auth2-hostbased.c +++ b/auth2-hostbased.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-hostbased.c,v 1.31 2017/06/24 06:34:38 djm Exp $ */ +/* $OpenBSD: auth2-hostbased.c,v 1.33 2018/01/23 05:27:21 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -62,7 +62,7 @@ userauth_hostbased(struct ssh *ssh) Authctxt *authctxt = ssh->authctxt; struct sshbuf *b; struct sshkey *key = NULL; - char *pkalg, *cuser, *chost, *service; + char *pkalg, *cuser, *chost; u_char *pkblob, *sig; size_t alen, blen, slen; int r, pktype, authenticated = 0; @@ -118,15 +118,13 @@ userauth_hostbased(struct ssh *ssh) goto done; } - service = ssh->compat & SSH_BUG_HBSERVICE ? "ssh-userauth" : - authctxt->service; if ((b = sshbuf_new()) == NULL) fatal("%s: sshbuf_new failed", __func__); /* reconstruct packet */ if ((r = sshbuf_put_string(b, session_id2, session_id2_len)) != 0 || (r = sshbuf_put_u8(b, SSH2_MSG_USERAUTH_REQUEST)) != 0 || (r = sshbuf_put_cstring(b, authctxt->user)) != 0 || - (r = sshbuf_put_cstring(b, service)) != 0 || + (r = sshbuf_put_cstring(b, authctxt->service)) != 0 || (r = sshbuf_put_cstring(b, "hostbased")) != 0 || (r = sshbuf_put_string(b, pkalg, alen)) != 0 || (r = sshbuf_put_string(b, pkblob, blen)) != 0 || @@ -144,7 +142,7 @@ userauth_hostbased(struct ssh *ssh) authenticated = 0; if (PRIVSEP(hostbased_key_allowed(authctxt->pw, cuser, chost, key)) && PRIVSEP(sshkey_verify(key, sig, slen, - sshbuf_ptr(b), sshbuf_len(b), ssh->compat)) == 0) + sshbuf_ptr(b), sshbuf_len(b), pkalg, ssh->compat)) == 0) authenticated = 1; auth2_record_key(authctxt, authenticated, key); diff --git a/auth2-none.c b/auth2-none.c index 35d25fa6349f..8d4e9bb8c815 100644 --- a/auth2-none.c +++ b/auth2-none.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-none.c,v 1.20 2017/05/30 14:29:59 markus Exp $ */ +/* $OpenBSD: auth2-none.c,v 1.21 2018/03/03 03:15:51 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -68,7 +68,7 @@ userauth_none(struct ssh *ssh) if ((r = sshpkt_get_end(ssh)) != 0) fatal("%s: %s", __func__, ssh_err(r)); if (options.permit_empty_passwd && options.password_authentication) - return (PRIVSEP(auth_password(ssh->authctxt, ""))); + return (PRIVSEP(auth_password(ssh, ""))); return (0); } diff --git a/auth2-passwd.c b/auth2-passwd.c index 5f7ba32440b0..445016aec477 100644 --- a/auth2-passwd.c +++ b/auth2-passwd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-passwd.c,v 1.14 2017/05/30 14:29:59 markus Exp $ */ +/* $OpenBSD: auth2-passwd.c,v 1.15 2018/03/03 03:15:51 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -63,7 +63,7 @@ userauth_passwd(struct ssh *ssh) if (change) logit("password change not supported"); - else if (PRIVSEP(auth_password(ssh->authctxt, password)) == 1) + else if (PRIVSEP(auth_password(ssh, password)) == 1) authenticated = 1; explicit_bzero(password, len); free(password); diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 169839b01ed7..8024b1d6a976 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkey.c,v 1.71 2017/09/07 23:48:09 djm Exp $ */ +/* $OpenBSD: auth2-pubkey.c,v 1.77 2018/03/03 03:15:51 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -73,42 +73,39 @@ extern ServerOptions options; extern u_char *session_id2; extern u_int session_id2_len; +static char * +format_key(const struct sshkey *key) +{ + char *ret, *fp = sshkey_fingerprint(key, + options.fingerprint_hash, SSH_FP_DEFAULT); + + xasprintf(&ret, "%s %s", sshkey_type(key), fp); + free(fp); + return ret; +} + static int userauth_pubkey(struct ssh *ssh) { Authctxt *authctxt = ssh->authctxt; + struct passwd *pw = authctxt->pw; struct sshbuf *b; struct sshkey *key = NULL; - char *pkalg, *userstyle = NULL, *fp = NULL; + char *pkalg, *userstyle = NULL, *key_s = NULL, *ca_s = NULL; u_char *pkblob, *sig, have_sig; size_t blen, slen; int r, pktype; int authenticated = 0; + struct sshauthopt *authopts = NULL; if (!authctxt->valid) { debug2("%s: disabled because of invalid user", __func__); return 0; } - if ((r = sshpkt_get_u8(ssh, &have_sig)) != 0) - fatal("%s: sshpkt_get_u8 failed: %s", __func__, ssh_err(r)); - if (ssh->compat & SSH_BUG_PKAUTH) { - debug2("%s: SSH_BUG_PKAUTH", __func__); - if ((b = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); - /* no explicit pkalg given */ - /* so we have to extract the pkalg from the pkblob */ - /* XXX use sshbuf_from() */ - if ((r = sshpkt_get_string(ssh, &pkblob, &blen)) != 0 || - (r = sshbuf_put(b, pkblob, blen)) != 0 || - (r = sshbuf_get_cstring(b, &pkalg, NULL)) != 0) - fatal("%s: failed: %s", __func__, ssh_err(r)); - sshbuf_free(b); - } else { - if ((r = sshpkt_get_cstring(ssh, &pkalg, NULL)) != 0 || - (r = sshpkt_get_string(ssh, &pkblob, &blen)) != 0) - fatal("%s: sshpkt_get_cstring failed: %s", - __func__, ssh_err(r)); - } + if ((r = sshpkt_get_u8(ssh, &have_sig)) != 0 || + (r = sshpkt_get_cstring(ssh, &pkalg, NULL)) != 0 || + (r = sshpkt_get_string(ssh, &pkblob, &blen)) != 0) + fatal("%s: parse request failed: %s", __func__, ssh_err(r)); pktype = sshkey_type_from_name(pkalg); if (pktype == KEY_UNSPEC) { /* this is perfectly legal */ @@ -135,7 +132,6 @@ userauth_pubkey(struct ssh *ssh) "signature scheme"); goto done; } - fp = sshkey_fingerprint(key, options.fingerprint_hash, SSH_FP_DEFAULT); if (auth2_key_already_used(authctxt, key)) { logit("refusing previously-used %s key", sshkey_type(key)); goto done; @@ -147,9 +143,15 @@ userauth_pubkey(struct ssh *ssh) goto done; } + key_s = format_key(key); + if (sshkey_is_cert(key)) + ca_s = format_key(key->cert->signature_key); + if (have_sig) { - debug3("%s: have signature for %s %s", - __func__, sshkey_type(key), fp); + debug3("%s: have %s signature for %s%s%s", + __func__, pkalg, key_s, + ca_s == NULL ? "" : " CA ", + ca_s == NULL ? "" : ca_s); if ((r = sshpkt_get_string(ssh, &sig, &slen)) != 0 || (r = sshpkt_get_end(ssh)) != 0) fatal("%s: %s", __func__, ssh_err(r)); @@ -172,22 +174,11 @@ userauth_pubkey(struct ssh *ssh) authctxt->style ? authctxt->style : ""); if ((r = sshbuf_put_u8(b, SSH2_MSG_USERAUTH_REQUEST)) != 0 || (r = sshbuf_put_cstring(b, userstyle)) != 0 || - (r = sshbuf_put_cstring(b, ssh->compat & SSH_BUG_PKSERVICE ? - "ssh-userauth" : authctxt->service)) != 0) - fatal("%s: build packet failed: %s", - __func__, ssh_err(r)); - if (ssh->compat & SSH_BUG_PKAUTH) { - if ((r = sshbuf_put_u8(b, have_sig)) != 0) - fatal("%s: build packet failed: %s", - __func__, ssh_err(r)); - } else { - if ((r = sshbuf_put_cstring(b, "publickey")) != 0 || - (r = sshbuf_put_u8(b, have_sig)) != 0 || - (r = sshbuf_put_cstring(b, pkalg) != 0)) - fatal("%s: build packet failed: %s", - __func__, ssh_err(r)); - } - if ((r = sshbuf_put_string(b, pkblob, blen)) != 0) + (r = sshbuf_put_cstring(b, authctxt->service)) != 0 || + (r = sshbuf_put_cstring(b, "publickey")) != 0 || + (r = sshbuf_put_u8(b, have_sig)) != 0 || + (r = sshbuf_put_cstring(b, pkalg) != 0) || + (r = sshbuf_put_string(b, pkblob, blen)) != 0) fatal("%s: build packet failed: %s", __func__, ssh_err(r)); #ifdef DEBUG_PK @@ -196,17 +187,20 @@ userauth_pubkey(struct ssh *ssh) /* test for correct signature */ authenticated = 0; - if (PRIVSEP(user_key_allowed(authctxt->pw, key, 1)) && + if (PRIVSEP(user_key_allowed(ssh, pw, key, 1, &authopts)) && PRIVSEP(sshkey_verify(key, sig, slen, sshbuf_ptr(b), - sshbuf_len(b), ssh->compat)) == 0) { + sshbuf_len(b), NULL, ssh->compat)) == 0) { authenticated = 1; } sshbuf_free(b); free(sig); auth2_record_key(authctxt, authenticated, key); } else { - debug("%s: test whether pkalg/pkblob are acceptable for %s %s", - __func__, sshkey_type(key), fp); + debug("%s: test pkalg %s pkblob %s%s%s", + __func__, pkalg, key_s, + ca_s == NULL ? "" : " CA ", + ca_s == NULL ? "" : ca_s); + if ((r = sshpkt_get_end(ssh)) != 0) fatal("%s: %s", __func__, ssh_err(r)); @@ -218,7 +212,7 @@ userauth_pubkey(struct ssh *ssh) * if a user is not allowed to login. is this an * issue? -markus */ - if (PRIVSEP(user_key_allowed(authctxt->pw, key, 0))) { + if (PRIVSEP(user_key_allowed(ssh, pw, key, 0, NULL))) { if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_PK_OK)) != 0 || (r = sshpkt_put_cstring(ssh, pkalg)) != 0 || @@ -229,15 +223,20 @@ userauth_pubkey(struct ssh *ssh) authctxt->postponed = 1; } } - if (authenticated != 1) - auth_clear_options(); done: + if (authenticated == 1 && auth_activate_options(ssh, authopts) != 0) { + debug("%s: key options inconsistent with existing", __func__); + authenticated = 0; + } debug2("%s: authenticated %d pkalg %s", __func__, authenticated, pkalg); + + sshauthopt_free(authopts); sshkey_free(key); free(userstyle); free(pkalg); free(pkblob); - free(fp); + free(key_s); + free(ca_s); return authenticated; } @@ -261,18 +260,77 @@ match_principals_option(const char *principal_list, struct sshkey_cert *cert) return 0; } +/* + * Process a single authorized_principals format line. Returns 0 and sets + * authoptsp is principal is authorised, -1 otherwise. "loc" is used as a + * log preamble for file/line information. + */ static int -process_principals(FILE *f, const char *file, struct passwd *pw, - const struct sshkey_cert *cert) +check_principals_line(struct ssh *ssh, char *cp, const struct sshkey_cert *cert, + const char *loc, struct sshauthopt **authoptsp) { - char line[SSH_MAX_PUBKEY_BYTES], *cp, *ep, *line_opts; + u_int i, found = 0; + char *ep, *line_opts; + const char *reason = NULL; + struct sshauthopt *opts = NULL; + + if (authoptsp != NULL) + *authoptsp = NULL; + + /* Trim trailing whitespace. */ + ep = cp + strlen(cp) - 1; + while (ep > cp && (*ep == '\n' || *ep == ' ' || *ep == '\t')) + *ep-- = '\0'; + + /* + * If the line has internal whitespace then assume it has + * key options. + */ + line_opts = NULL; + if ((ep = strrchr(cp, ' ')) != NULL || + (ep = strrchr(cp, '\t')) != NULL) { + for (; *ep == ' ' || *ep == '\t'; ep++) + ; + line_opts = cp; + cp = ep; + } + if ((opts = sshauthopt_parse(line_opts, &reason)) == NULL) { + debug("%s: bad principals options: %s", loc, reason); + auth_debug_add("%s: bad principals options: %s", loc, reason); + return -1; + } + /* Check principals in cert against those on line */ + for (i = 0; i < cert->nprincipals; i++) { + if (strcmp(cp, cert->principals[i]) != 0) + continue; + debug3("%s: matched principal \"%.100s\"", + loc, cert->principals[i]); + found = 1; + } + if (found && authoptsp != NULL) { + *authoptsp = opts; + opts = NULL; + } + sshauthopt_free(opts); + return found ? 0 : -1; +} + +static int +process_principals(struct ssh *ssh, FILE *f, const char *file, + const struct sshkey_cert *cert, struct sshauthopt **authoptsp) +{ + char loc[256], line[SSH_MAX_PUBKEY_BYTES], *cp, *ep; u_long linenum = 0; - u_int i, found_principal = 0; + u_int found_principal = 0; + + if (authoptsp != NULL) + *authoptsp = NULL; while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { /* Always consume entire input */ if (found_principal) continue; + /* Skip leading whitespace. */ for (cp = line; *cp == ' ' || *cp == '\t'; cp++) ; @@ -281,50 +339,33 @@ process_principals(FILE *f, const char *file, struct passwd *pw, *ep = '\0'; if (!*cp || *cp == '\n') continue; - /* Trim trailing whitespace. */ - ep = cp + strlen(cp) - 1; - while (ep > cp && (*ep == '\n' || *ep == ' ' || *ep == '\t')) - *ep-- = '\0'; - /* - * If the line has internal whitespace then assume it has - * key options. - */ - line_opts = NULL; - if ((ep = strrchr(cp, ' ')) != NULL || - (ep = strrchr(cp, '\t')) != NULL) { - for (; *ep == ' ' || *ep == '\t'; ep++) - ; - line_opts = cp; - cp = ep; - } - for (i = 0; i < cert->nprincipals; i++) { - if (strcmp(cp, cert->principals[i]) == 0) { - debug3("%s:%lu: matched principal \"%.100s\"", - file, linenum, cert->principals[i]); - if (auth_parse_options(pw, line_opts, - file, linenum) != 1) - continue; - found_principal = 1; - continue; - } - } + + snprintf(loc, sizeof(loc), "%.200s:%lu", file, linenum); + if (check_principals_line(ssh, cp, cert, loc, authoptsp) == 0) + found_principal = 1; } return found_principal; } +/* XXX remove pw args here and elsewhere once ssh->authctxt is guaranteed */ + static int -match_principals_file(char *file, struct passwd *pw, struct sshkey_cert *cert) +match_principals_file(struct ssh *ssh, struct passwd *pw, char *file, + struct sshkey_cert *cert, struct sshauthopt **authoptsp) { FILE *f; int success; + if (authoptsp != NULL) + *authoptsp = NULL; + temporarily_use_uid(pw); debug("trying authorized principals file %s", file); if ((f = auth_openprincipals(file, pw, options.strict_modes)) == NULL) { restore_uid(); return 0; } - success = process_principals(f, file, pw, cert); + success = process_principals(ssh, f, file, cert, authoptsp); fclose(f); restore_uid(); return success; @@ -335,12 +376,13 @@ match_principals_file(char *file, struct passwd *pw, struct sshkey_cert *cert) * returns 1 if the principal is allowed or 0 otherwise. */ static int -match_principals_command(struct passwd *user_pw, const struct sshkey *key) +match_principals_command(struct ssh *ssh, struct passwd *user_pw, + const struct sshkey *key, struct sshauthopt **authoptsp) { + struct passwd *runas_pw = NULL; const struct sshkey_cert *cert = key->cert; FILE *f = NULL; int r, ok, found_principal = 0; - struct passwd *pw; int i, ac = 0, uid_swapped = 0; pid_t pid; char *tmp, *username = NULL, *command = NULL, **av = NULL; @@ -348,6 +390,8 @@ match_principals_command(struct passwd *user_pw, const struct sshkey *key) char serial_s[16]; void (*osigchld)(int); + if (authoptsp != NULL) + *authoptsp = NULL; if (options.authorized_principals_command == NULL) return 0; if (options.authorized_principals_command_user == NULL) { @@ -365,8 +409,8 @@ match_principals_command(struct passwd *user_pw, const struct sshkey *key) /* Prepare and verify the user for the command */ username = percent_expand(options.authorized_principals_command_user, "u", user_pw->pw_name, (char *)NULL); - pw = getpwnam(username); - if (pw == NULL) { + runas_pw = getpwnam(username); + if (runas_pw == NULL) { error("AuthorizedPrincipalsCommandUser \"%s\" not found: %s", username, strerror(errno)); goto out; @@ -424,15 +468,15 @@ match_principals_command(struct passwd *user_pw, const struct sshkey *key) /* Prepare a printable command for logs, etc. */ command = argv_assemble(ac, av); - if ((pid = subprocess("AuthorizedPrincipalsCommand", pw, command, + if ((pid = subprocess("AuthorizedPrincipalsCommand", runas_pw, command, ac, av, &f, SSH_SUBPROCESS_STDOUT_CAPTURE|SSH_SUBPROCESS_STDERR_DISCARD)) == 0) goto out; uid_swapped = 1; - temporarily_use_uid(pw); + temporarily_use_uid(runas_pw); - ok = process_principals(f, "(command)", pw, cert); + ok = process_principals(ssh, f, "(command)", cert, authoptsp); fclose(f); f = NULL; @@ -459,132 +503,225 @@ match_principals_command(struct passwd *user_pw, const struct sshkey *key) free(keytext); return found_principal; } + +static void +skip_space(char **cpp) +{ + char *cp; + + for (cp = *cpp; *cp == ' ' || *cp == '\t'; cp++) + ; + *cpp = cp; +} + +/* + * Advanced *cpp past the end of key options, defined as the first unquoted + * whitespace character. Returns 0 on success or -1 on failure (e.g. + * unterminated quotes). + */ +static int +advance_past_options(char **cpp) +{ + char *cp = *cpp; + int quoted = 0; + + for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) { + if (*cp == '\\' && cp[1] == '"') + cp++; /* Skip both */ + else if (*cp == '"') + quoted = !quoted; + } + *cpp = cp; + /* return failure for unterminated quotes */ + return (*cp == '\0' && quoted) ? -1 : 0; +} + +/* + * Check a single line of an authorized_keys-format file. Returns 0 if key + * matches, -1 otherwise. Will return key/cert options via *authoptsp + * on success. "loc" is used as file/line location in log messages. + */ +static int +check_authkey_line(struct ssh *ssh, struct passwd *pw, struct sshkey *key, + char *cp, const char *loc, struct sshauthopt **authoptsp) +{ + int want_keytype = sshkey_is_cert(key) ? KEY_UNSPEC : key->type; + struct sshkey *found = NULL; + struct sshauthopt *keyopts = NULL, *certopts = NULL, *finalopts = NULL; + char *key_options = NULL, *fp = NULL; + const char *reason = NULL; + int ret = -1; + + if (authoptsp != NULL) + *authoptsp = NULL; + + if ((found = sshkey_new(want_keytype)) == NULL) { + debug3("%s: keytype %d failed", __func__, want_keytype); + goto out; + } + + /* XXX djm: peek at key type in line and skip if unwanted */ + + if (sshkey_read(found, &cp) != 0) { + /* no key? check for options */ + debug2("%s: check options: '%s'", loc, cp); + key_options = cp; + if (advance_past_options(&cp) != 0) { + reason = "invalid key option string"; + goto fail_reason; + } + skip_space(&cp); + if (sshkey_read(found, &cp) != 0) { + /* still no key? advance to next line*/ + debug2("%s: advance: '%s'", loc, cp); + goto out; + } + } + /* Parse key options now; we need to know if this is a CA key */ + if ((keyopts = sshauthopt_parse(key_options, &reason)) == NULL) { + debug("%s: bad key options: %s", loc, reason); + auth_debug_add("%s: bad key options: %s", loc, reason); + goto out; + } + /* Ignore keys that don't match or incorrectly marked as CAs */ + if (sshkey_is_cert(key)) { + /* Certificate; check signature key against CA */ + if (!sshkey_equal(found, key->cert->signature_key) || + !keyopts->cert_authority) + goto out; + } else { + /* Plain key: check it against key found in file */ + if (!sshkey_equal(found, key) || keyopts->cert_authority) + goto out; + } + + /* We have a candidate key, perform authorisation checks */ + if ((fp = sshkey_fingerprint(found, + options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) + fatal("%s: fingerprint failed", __func__); + + debug("%s: matching %s found: %s %s", loc, + sshkey_is_cert(key) ? "CA" : "key", sshkey_type(found), fp); + + if (auth_authorise_keyopts(ssh, pw, keyopts, + sshkey_is_cert(key), loc) != 0) { + reason = "Refused by key options"; + goto fail_reason; + } + /* That's all we need for plain keys. */ + if (!sshkey_is_cert(key)) { + verbose("Accepted key %s %s found at %s", + sshkey_type(found), fp, loc); + finalopts = keyopts; + keyopts = NULL; + goto success; + } + + /* + * Additional authorisation for certificates. + */ + + /* Parse and check options present in certificate */ + if ((certopts = sshauthopt_from_cert(key)) == NULL) { + reason = "Invalid certificate options"; + goto fail_reason; + } + if (auth_authorise_keyopts(ssh, pw, certopts, 0, loc) != 0) { + reason = "Refused by certificate options"; + goto fail_reason; + } + if ((finalopts = sshauthopt_merge(keyopts, certopts, &reason)) == NULL) + goto fail_reason; + + /* + * If the user has specified a list of principals as + * a key option, then prefer that list to matching + * their username in the certificate principals list. + */ + if (keyopts->cert_principals != NULL && + !match_principals_option(keyopts->cert_principals, key->cert)) { + reason = "Certificate does not contain an authorized principal"; + goto fail_reason; + } + if (sshkey_cert_check_authority(key, 0, 0, + keyopts->cert_principals == NULL ? pw->pw_name : NULL, &reason) != 0) + goto fail_reason; + + verbose("Accepted certificate ID \"%s\" (serial %llu) " + "signed by CA %s %s found at %s", + key->cert->key_id, + (unsigned long long)key->cert->serial, + sshkey_type(found), fp, loc); + + success: + if (finalopts == NULL) + fatal("%s: internal error: missing options", __func__); + if (authoptsp != NULL) { + *authoptsp = finalopts; + finalopts = NULL; + } + /* success */ + ret = 0; + goto out; + + fail_reason: + error("%s", reason); + auth_debug_add("%s", reason); + out: + free(fp); + sshauthopt_free(keyopts); + sshauthopt_free(certopts); + sshauthopt_free(finalopts); + sshkey_free(found); + return ret; +} + /* * Checks whether key is allowed in authorized_keys-format file, * returns 1 if the key is allowed or 0 otherwise. */ static int -check_authkeys_file(FILE *f, char *file, struct sshkey *key, struct passwd *pw) +check_authkeys_file(struct ssh *ssh, struct passwd *pw, FILE *f, + char *file, struct sshkey *key, struct sshauthopt **authoptsp) { - char line[SSH_MAX_PUBKEY_BYTES]; + char *cp, line[SSH_MAX_PUBKEY_BYTES], loc[256]; int found_key = 0; u_long linenum = 0; - struct sshkey *found = NULL; + + if (authoptsp != NULL) + *authoptsp = NULL; while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { - char *cp, *key_options = NULL, *fp = NULL; - const char *reason = NULL; - /* Always consume entire file */ if (found_key) continue; - if (found != NULL) - sshkey_free(found); - found = sshkey_new(sshkey_is_cert(key) ? KEY_UNSPEC : key->type); - if (found == NULL) - goto done; - auth_clear_options(); /* Skip leading whitespace, empty and comment lines. */ - for (cp = line; *cp == ' ' || *cp == '\t'; cp++) - ; + cp = line; + skip_space(&cp); if (!*cp || *cp == '\n' || *cp == '#') continue; - - if (sshkey_read(found, &cp) != 0) { - /* no key? check if there are options for this key */ - int quoted = 0; - debug2("user_key_allowed: check options: '%s'", cp); - key_options = cp; - for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) { - if (*cp == '\\' && cp[1] == '"') - cp++; /* Skip both */ - else if (*cp == '"') - quoted = !quoted; - } - /* Skip remaining whitespace. */ - for (; *cp == ' ' || *cp == '\t'; cp++) - ; - if (sshkey_read(found, &cp) != 0) { - debug2("user_key_allowed: advance: '%s'", cp); - /* still no key? advance to next line*/ - continue; - } - } - if (sshkey_is_cert(key)) { - if (!sshkey_equal(found, key->cert->signature_key)) - continue; - if (auth_parse_options(pw, key_options, file, - linenum) != 1) - continue; - if (!key_is_cert_authority) - continue; - if ((fp = sshkey_fingerprint(found, - options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) - continue; - debug("matching CA found: file %s, line %lu, %s %s", - file, linenum, sshkey_type(found), fp); - /* - * If the user has specified a list of principals as - * a key option, then prefer that list to matching - * their username in the certificate principals list. - */ - if (authorized_principals != NULL && - !match_principals_option(authorized_principals, - key->cert)) { - reason = "Certificate does not contain an " - "authorized principal"; - fail_reason: - free(fp); - error("%s", reason); - auth_debug_add("%s", reason); - continue; - } - if (sshkey_cert_check_authority(key, 0, 0, - authorized_principals == NULL ? pw->pw_name : NULL, - &reason) != 0) - goto fail_reason; - if (auth_cert_options(key, pw, &reason) != 0) - goto fail_reason; - verbose("Accepted certificate ID \"%s\" (serial %llu) " - "signed by %s CA %s via %s", key->cert->key_id, - (unsigned long long)key->cert->serial, - sshkey_type(found), fp, file); - free(fp); + snprintf(loc, sizeof(loc), "%.200s:%lu", file, linenum); + if (check_authkey_line(ssh, pw, key, cp, loc, authoptsp) == 0) found_key = 1; - break; - } else if (sshkey_equal(found, key)) { - if (auth_parse_options(pw, key_options, file, - linenum) != 1) - continue; - if (key_is_cert_authority) - continue; - if ((fp = sshkey_fingerprint(found, - options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) - continue; - debug("matching key found: file %s, line %lu %s %s", - file, linenum, sshkey_type(found), fp); - free(fp); - found_key = 1; - continue; - } } - done: - if (found != NULL) - sshkey_free(found); - if (!found_key) - debug2("key not found"); return found_key; } /* Authenticate a certificate key against TrustedUserCAKeys */ static int -user_cert_trusted_ca(struct passwd *pw, struct sshkey *key) +user_cert_trusted_ca(struct ssh *ssh, struct passwd *pw, struct sshkey *key, + struct sshauthopt **authoptsp) { char *ca_fp, *principals_file = NULL; const char *reason; + struct sshauthopt *principals_opts = NULL, *cert_opts = NULL; + struct sshauthopt *final_opts = NULL; int r, ret = 0, found_principal = 0, use_authorized_principals; + if (authoptsp != NULL) + *authoptsp = NULL; + if (!sshkey_is_cert(key) || options.trusted_user_ca_keys == NULL) return 0; @@ -605,36 +742,69 @@ user_cert_trusted_ca(struct passwd *pw, struct sshkey *key) * against the username. */ if ((principals_file = authorized_principals_file(pw)) != NULL) { - if (match_principals_file(principals_file, pw, key->cert)) + if (match_principals_file(ssh, pw, principals_file, + key->cert, &principals_opts)) found_principal = 1; } /* Try querying command if specified */ - if (!found_principal && match_principals_command(pw, key)) + if (!found_principal && match_principals_command(ssh, pw, key, + &principals_opts)) found_principal = 1; /* If principals file or command is specified, then require a match */ use_authorized_principals = principals_file != NULL || options.authorized_principals_command != NULL; if (!found_principal && use_authorized_principals) { reason = "Certificate does not contain an authorized principal"; - fail_reason: - error("%s", reason); - auth_debug_add("%s", reason); - goto out; + goto fail_reason; } + if (use_authorized_principals && principals_opts == NULL) + fatal("%s: internal error: missing principals_opts", __func__); if (sshkey_cert_check_authority(key, 0, 1, use_authorized_principals ? NULL : pw->pw_name, &reason) != 0) goto fail_reason; - if (auth_cert_options(key, pw, &reason) != 0) - goto fail_reason; + /* Check authority from options in key and from principals file/cmd */ + if ((cert_opts = sshauthopt_from_cert(key)) == NULL) { + reason = "Invalid certificate options"; + goto fail_reason; + } + if (auth_authorise_keyopts(ssh, pw, cert_opts, 0, "cert") != 0) { + reason = "Refused by certificate options"; + goto fail_reason; + } + if (principals_opts == NULL) { + final_opts = cert_opts; + cert_opts = NULL; + } else { + if (auth_authorise_keyopts(ssh, pw, principals_opts, 0, + "principals") != 0) { + reason = "Refused by certificate principals options"; + goto fail_reason; + } + if ((final_opts = sshauthopt_merge(principals_opts, + cert_opts, &reason)) == NULL) { + fail_reason: + error("%s", reason); + auth_debug_add("%s", reason); + goto out; + } + } + + /* Success */ verbose("Accepted certificate ID \"%s\" (serial %llu) signed by " "%s CA %s via %s", key->cert->key_id, (unsigned long long)key->cert->serial, sshkey_type(key->cert->signature_key), ca_fp, options.trusted_user_ca_keys); + if (authoptsp != NULL) { + *authoptsp = final_opts; + final_opts = NULL; + } ret = 1; - out: + sshauthopt_free(principals_opts); + sshauthopt_free(cert_opts); + sshauthopt_free(final_opts); free(principals_file); free(ca_fp); return ret; @@ -645,17 +815,22 @@ user_cert_trusted_ca(struct passwd *pw, struct sshkey *key) * returns 1 if the key is allowed or 0 otherwise. */ static int -user_key_allowed2(struct passwd *pw, struct sshkey *key, char *file) +user_key_allowed2(struct ssh *ssh, struct passwd *pw, struct sshkey *key, + char *file, struct sshauthopt **authoptsp) { FILE *f; int found_key = 0; + if (authoptsp != NULL) + *authoptsp = NULL; + /* Temporarily use the user's uid. */ temporarily_use_uid(pw); debug("trying public key file %s", file); if ((f = auth_openkeyfile(file, pw, options.strict_modes)) != NULL) { - found_key = check_authkeys_file(f, file, key, pw); + found_key = check_authkeys_file(ssh, pw, f, file, + key, authoptsp); fclose(f); } @@ -668,17 +843,20 @@ user_key_allowed2(struct passwd *pw, struct sshkey *key, char *file) * returns 1 if the key is allowed or 0 otherwise. */ static int -user_key_command_allowed2(struct passwd *user_pw, struct sshkey *key) +user_key_command_allowed2(struct ssh *ssh, struct passwd *user_pw, + struct sshkey *key, struct sshauthopt **authoptsp) { + struct passwd *runas_pw = NULL; FILE *f = NULL; int r, ok, found_key = 0; - struct passwd *pw; int i, uid_swapped = 0, ac = 0; pid_t pid; char *username = NULL, *key_fp = NULL, *keytext = NULL; char *tmp, *command = NULL, **av = NULL; void (*osigchld)(int); + if (authoptsp != NULL) + *authoptsp = NULL; if (options.authorized_keys_command == NULL) return 0; if (options.authorized_keys_command_user == NULL) { @@ -695,8 +873,8 @@ user_key_command_allowed2(struct passwd *user_pw, struct sshkey *key) /* Prepare and verify the user for the command */ username = percent_expand(options.authorized_keys_command_user, "u", user_pw->pw_name, (char *)NULL); - pw = getpwnam(username); - if (pw == NULL) { + runas_pw = getpwnam(username); + if (runas_pw == NULL) { error("AuthorizedKeysCommandUser \"%s\" not found: %s", username, strerror(errno)); goto out; @@ -754,15 +932,16 @@ user_key_command_allowed2(struct passwd *user_pw, struct sshkey *key) xasprintf(&command, "%s %s", av[0], av[1]); } - if ((pid = subprocess("AuthorizedKeysCommand", pw, command, + if ((pid = subprocess("AuthorizedKeysCommand", runas_pw, command, ac, av, &f, SSH_SUBPROCESS_STDOUT_CAPTURE|SSH_SUBPROCESS_STDERR_DISCARD)) == 0) goto out; uid_swapped = 1; - temporarily_use_uid(pw); + temporarily_use_uid(runas_pw); - ok = check_authkeys_file(f, options.authorized_keys_command, key, pw); + ok = check_authkeys_file(ssh, user_pw, f, + options.authorized_keys_command, key, authoptsp); fclose(f); f = NULL; @@ -792,10 +971,14 @@ user_key_command_allowed2(struct passwd *user_pw, struct sshkey *key) * Check whether key authenticates and authorises the user. */ int -user_key_allowed(struct passwd *pw, struct sshkey *key, int auth_attempt) +user_key_allowed(struct ssh *ssh, struct passwd *pw, struct sshkey *key, + int auth_attempt, struct sshauthopt **authoptsp) { u_int success, i; char *file; + struct sshauthopt *opts = NULL; + if (authoptsp != NULL) + *authoptsp = NULL; if (auth_key_is_revoked(key)) return 0; @@ -803,25 +986,31 @@ user_key_allowed(struct passwd *pw, struct sshkey *key, int auth_attempt) auth_key_is_revoked(key->cert->signature_key)) return 0; - success = user_cert_trusted_ca(pw, key); - if (success) - return success; + if ((success = user_cert_trusted_ca(ssh, pw, key, &opts)) != 0) + goto out; + sshauthopt_free(opts); + opts = NULL; - success = user_key_command_allowed2(pw, key); - if (success > 0) - return success; + if ((success = user_key_command_allowed2(ssh, pw, key, &opts)) != 0) + goto out; + sshauthopt_free(opts); + opts = NULL; for (i = 0; !success && i < options.num_authkeys_files; i++) { - if (strcasecmp(options.authorized_keys_files[i], "none") == 0) continue; file = expand_authorized_keys( options.authorized_keys_files[i], pw); - - success = user_key_allowed2(pw, key, file); + success = user_key_allowed2(ssh, pw, key, file, &opts); free(file); } + out: + if (success && authoptsp != NULL) { + *authoptsp = opts; + opts = NULL; + } + sshauthopt_free(opts); return success; } diff --git a/auth2.c b/auth2.c index 862e09960b29..e0034229a0c1 100644 --- a/auth2.c +++ b/auth2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2.c,v 1.143 2017/06/24 06:34:38 djm Exp $ */ +/* $OpenBSD: auth2.c,v 1.145 2018/03/03 03:15:51 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -138,9 +138,6 @@ auth2_read_banner(void) void userauth_send_banner(const char *msg) { - if (datafellows & SSH_BUG_BANNER) - return; - packet_start(SSH2_MSG_USERAUTH_BANNER); packet_put_cstring(msg); packet_put_cstring(""); /* language, unused */ @@ -153,7 +150,7 @@ userauth_banner(void) { char *banner = NULL; - if (options.banner == NULL || (datafellows & SSH_BUG_BANNER) != 0) + if (options.banner == NULL) return; if ((banner = PRIVSEP(auth2_read_banner())) == NULL) @@ -313,7 +310,7 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method, /* Special handling for root */ if (authenticated && authctxt->pw->pw_uid == 0 && - !auth_root_allowed(method)) { + !auth_root_allowed(ssh, method)) { authenticated = 0; #ifdef SSH_AUDIT_EVENTS PRIVSEP(audit_event(SSH_LOGIN_ROOT_DENIED)); @@ -352,13 +349,6 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method, } #endif -#ifdef _UNICOS - if (authenticated && cray_access_denied(authctxt->user)) { - authenticated = 0; - fatal("Access denied for user %s.", authctxt->user); - } -#endif /* _UNICOS */ - if (authenticated == 1) { /* turn off userauth */ ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_REQUEST, &dispatch_protocol_ignore); @@ -369,7 +359,6 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method, authctxt->success = 1; ssh_packet_set_log_preamble(ssh, "user %s", authctxt->user); } else { - /* Allow initial try of "none" auth without failure penalty */ if (!partial && !authctxt->server_caused_failure && (authctxt->attempt > 1 || strcmp(method, "none") != 0)) diff --git a/authfd.c b/authfd.c index a460fa350c8a..1eff7ba94e01 100644 --- a/authfd.c +++ b/authfd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.c,v 1.105 2017/07/01 13:50:45 djm Exp $ */ +/* $OpenBSD: authfd.c,v 1.108 2018/02/23 15:58:37 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -129,7 +129,7 @@ ssh_request_reply(int sock, struct sshbuf *request, struct sshbuf *reply) /* Get the length of the message, and format it in the buffer. */ len = sshbuf_len(request); - put_u32(buf, len); + POKE_U32(buf, len); /* Send the length and then the packet to the agent. */ if (atomicio(vwrite, sock, buf, 4) != 4 || @@ -144,7 +144,7 @@ ssh_request_reply(int sock, struct sshbuf *request, struct sshbuf *reply) return SSH_ERR_AGENT_COMMUNICATION; /* Extract the length, and check it for sanity. */ - len = get_u32(buf); + len = PEEK_U32(buf); if (len > MAX_AGENT_REPLY_LEN) return SSH_ERR_INVALID_FORMAT; @@ -353,8 +353,6 @@ ssh_agent_sign(int sock, const struct sshkey *key, if (datalen > SSH_KEY_MAX_SIGN_DATA_SIZE) return SSH_ERR_INVALID_ARGUMENT; - if (compat & SSH_BUG_SIGBLOB) - flags |= SSH_AGENT_OLD_SIGNATURE; if ((msg = sshbuf_new()) == NULL) return SSH_ERR_ALLOC_FAIL; if ((r = sshkey_to_blob(key, &blob, &blen)) != 0) @@ -393,19 +391,7 @@ ssh_agent_sign(int sock, const struct sshkey *key, static int -ssh_encode_identity_ssh2(struct sshbuf *b, struct sshkey *key, - const char *comment) -{ - int r; - - if ((r = sshkey_private_serialize(key, b)) != 0 || - (r = sshbuf_put_cstring(b, comment)) != 0) - return r; - return 0; -} - -static int -encode_constraints(struct sshbuf *m, u_int life, u_int confirm) +encode_constraints(struct sshbuf *m, u_int life, u_int confirm, u_int maxsign) { int r; @@ -418,6 +404,11 @@ encode_constraints(struct sshbuf *m, u_int life, u_int confirm) if ((r = sshbuf_put_u8(m, SSH_AGENT_CONSTRAIN_CONFIRM)) != 0) goto out; } + if (maxsign != 0) { + if ((r = sshbuf_put_u8(m, SSH_AGENT_CONSTRAIN_MAXSIGN)) != 0 || + (r = sshbuf_put_u32(m, maxsign)) != 0) + goto out; + } r = 0; out: return r; @@ -428,11 +419,11 @@ encode_constraints(struct sshbuf *m, u_int life, u_int confirm) * This call is intended only for use by ssh-add(1) and like applications. */ int -ssh_add_identity_constrained(int sock, struct sshkey *key, const char *comment, - u_int life, u_int confirm) +ssh_add_identity_constrained(int sock, const struct sshkey *key, + const char *comment, u_int life, u_int confirm, u_int maxsign) { struct sshbuf *msg; - int r, constrained = (life || confirm); + int r, constrained = (life || confirm || maxsign); u_char type; if ((msg = sshbuf_new()) == NULL) @@ -449,11 +440,15 @@ ssh_add_identity_constrained(int sock, struct sshkey *key, const char *comment, #endif case KEY_ED25519: case KEY_ED25519_CERT: + case KEY_XMSS: + case KEY_XMSS_CERT: type = constrained ? SSH2_AGENTC_ADD_ID_CONSTRAINED : SSH2_AGENTC_ADD_IDENTITY; if ((r = sshbuf_put_u8(msg, type)) != 0 || - (r = ssh_encode_identity_ssh2(msg, key, comment)) != 0) + (r = sshkey_private_serialize_maxsign(key, msg, maxsign, + NULL)) != 0 || + (r = sshbuf_put_cstring(msg, comment)) != 0) goto out; break; default: @@ -461,7 +456,7 @@ ssh_add_identity_constrained(int sock, struct sshkey *key, const char *comment, goto out; } if (constrained && - (r = encode_constraints(msg, life, confirm)) != 0) + (r = encode_constraints(msg, life, confirm, maxsign)) != 0) goto out; if ((r = ssh_request_reply(sock, msg, msg)) != 0) goto out; @@ -539,7 +534,7 @@ ssh_update_card(int sock, int add, const char *reader_id, const char *pin, (r = sshbuf_put_cstring(msg, pin)) != 0) goto out; if (constrained && - (r = encode_constraints(msg, life, confirm)) != 0) + (r = encode_constraints(msg, life, confirm, 0)) != 0) goto out; if ((r = ssh_request_reply(sock, msg, msg)) != 0) goto out; diff --git a/authfd.h b/authfd.h index 43abf85dadfe..ab954ffc0a35 100644 --- a/authfd.h +++ b/authfd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.h,v 1.41 2017/06/28 01:09:22 djm Exp $ */ +/* $OpenBSD: authfd.h,v 1.43 2018/02/23 15:58:37 markus Exp $ */ /* * Author: Tatu Ylonen @@ -29,8 +29,8 @@ void ssh_close_authentication_socket(int sock); int ssh_lock_agent(int sock, int lock, const char *password); int ssh_fetch_identitylist(int sock, struct ssh_identitylist **idlp); void ssh_free_identitylist(struct ssh_identitylist *idl); -int ssh_add_identity_constrained(int sock, struct sshkey *key, - const char *comment, u_int life, u_int confirm); +int ssh_add_identity_constrained(int sock, const struct sshkey *key, + const char *comment, u_int life, u_int confirm, u_int maxsign); int ssh_remove_identity(int sock, struct sshkey *key); int ssh_update_card(int sock, int add, const char *reader_id, const char *pin, u_int life, u_int confirm); @@ -77,6 +77,7 @@ int ssh_agent_sign(int sock, const struct sshkey *key, #define SSH_AGENT_CONSTRAIN_LIFETIME 1 #define SSH_AGENT_CONSTRAIN_CONFIRM 2 +#define SSH_AGENT_CONSTRAIN_MAXSIGN 3 /* extended failure messages */ #define SSH2_AGENT_FAILURE 30 diff --git a/authfile.c b/authfile.c index d09b700d21d9..57dcd808c6bc 100644 --- a/authfile.c +++ b/authfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfile.c,v 1.127 2017/07/01 13:50:45 djm Exp $ */ +/* $OpenBSD: authfile.c,v 1.128 2018/02/23 15:58:37 markus Exp $ */ /* * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. * @@ -191,6 +191,8 @@ sshkey_load_private_type(int type, const char *filename, const char *passphrase, *perm_ok = 1; r = sshkey_load_private_type_fd(fd, type, passphrase, keyp, commentp); + if (r == 0 && keyp && *keyp) + r = sshkey_set_filename(*keyp, filename); out: close(fd); return r; @@ -249,6 +251,9 @@ sshkey_load_private(const char *filename, const char *passphrase, (r = sshkey_parse_private_fileblob(buffer, passphrase, keyp, commentp)) != 0) goto out; + if (keyp && *keyp && + (r = sshkey_set_filename(*keyp, filename)) != 0) + goto out; r = 0; out: close(fd); @@ -397,6 +402,7 @@ sshkey_load_private_cert(int type, const char *filename, const char *passphrase, case KEY_ECDSA: #endif /* WITH_OPENSSL */ case KEY_ED25519: + case KEY_XMSS: case KEY_UNSPEC: break; default: diff --git a/bitmap.c b/bitmap.c index 5089b04070e7..5ecfe68b89bd 100644 --- a/bitmap.c +++ b/bitmap.c @@ -1,3 +1,4 @@ +/* $OpenBSD: bitmap.c,v 1.9 2017/10/20 01:56:39 djm Exp $ */ /* * Copyright (c) 2015 Damien Miller * diff --git a/bitmap.h b/bitmap.h index c1bb1741a4fe..336e90b06cce 100644 --- a/bitmap.h +++ b/bitmap.h @@ -1,3 +1,4 @@ +/* $OpenBSD: bitmap.h,v 1.2 2017/10/20 01:56:39 djm Exp $ */ /* * Copyright (c) 2015 Damien Miller * diff --git a/blocks.c b/blocks.c deleted file mode 100644 index ad93fe509980..000000000000 --- a/blocks.c +++ /dev/null @@ -1,248 +0,0 @@ -/* $OpenBSD: blocks.c,v 1.3 2013/12/09 11:03:45 markus Exp $ */ - -/* - * Public Domain, Author: Daniel J. Bernstein - * Copied from nacl-20110221/crypto_hashblocks/sha512/ref/blocks.c - */ - -#include "includes.h" - -#include "crypto_api.h" - -typedef unsigned long long uint64; - -static uint64 load_bigendian(const unsigned char *x) -{ - return - (uint64) (x[7]) \ - | (((uint64) (x[6])) << 8) \ - | (((uint64) (x[5])) << 16) \ - | (((uint64) (x[4])) << 24) \ - | (((uint64) (x[3])) << 32) \ - | (((uint64) (x[2])) << 40) \ - | (((uint64) (x[1])) << 48) \ - | (((uint64) (x[0])) << 56) - ; -} - -static void store_bigendian(unsigned char *x,uint64 u) -{ - x[7] = u; u >>= 8; - x[6] = u; u >>= 8; - x[5] = u; u >>= 8; - x[4] = u; u >>= 8; - x[3] = u; u >>= 8; - x[2] = u; u >>= 8; - x[1] = u; u >>= 8; - x[0] = u; -} - -#define SHR(x,c) ((x) >> (c)) -#define ROTR(x,c) (((x) >> (c)) | ((x) << (64 - (c)))) - -#define Ch(x,y,z) ((x & y) ^ (~x & z)) -#define Maj(x,y,z) ((x & y) ^ (x & z) ^ (y & z)) -#define Sigma0(x) (ROTR(x,28) ^ ROTR(x,34) ^ ROTR(x,39)) -#define Sigma1(x) (ROTR(x,14) ^ ROTR(x,18) ^ ROTR(x,41)) -#define sigma0(x) (ROTR(x, 1) ^ ROTR(x, 8) ^ SHR(x,7)) -#define sigma1(x) (ROTR(x,19) ^ ROTR(x,61) ^ SHR(x,6)) - -#define M(w0,w14,w9,w1) w0 = sigma1(w14) + w9 + sigma0(w1) + w0; - -#define EXPAND \ - M(w0 ,w14,w9 ,w1 ) \ - M(w1 ,w15,w10,w2 ) \ - M(w2 ,w0 ,w11,w3 ) \ - M(w3 ,w1 ,w12,w4 ) \ - M(w4 ,w2 ,w13,w5 ) \ - M(w5 ,w3 ,w14,w6 ) \ - M(w6 ,w4 ,w15,w7 ) \ - M(w7 ,w5 ,w0 ,w8 ) \ - M(w8 ,w6 ,w1 ,w9 ) \ - M(w9 ,w7 ,w2 ,w10) \ - M(w10,w8 ,w3 ,w11) \ - M(w11,w9 ,w4 ,w12) \ - M(w12,w10,w5 ,w13) \ - M(w13,w11,w6 ,w14) \ - M(w14,w12,w7 ,w15) \ - M(w15,w13,w8 ,w0 ) - -#define F(w,k) \ - T1 = h + Sigma1(e) + Ch(e,f,g) + k + w; \ - T2 = Sigma0(a) + Maj(a,b,c); \ - h = g; \ - g = f; \ - f = e; \ - e = d + T1; \ - d = c; \ - c = b; \ - b = a; \ - a = T1 + T2; - -int crypto_hashblocks_sha512(unsigned char *statebytes,const unsigned char *in,unsigned long long inlen) -{ - uint64 state[8]; - uint64 a; - uint64 b; - uint64 c; - uint64 d; - uint64 e; - uint64 f; - uint64 g; - uint64 h; - uint64 T1; - uint64 T2; - - a = load_bigendian(statebytes + 0); state[0] = a; - b = load_bigendian(statebytes + 8); state[1] = b; - c = load_bigendian(statebytes + 16); state[2] = c; - d = load_bigendian(statebytes + 24); state[3] = d; - e = load_bigendian(statebytes + 32); state[4] = e; - f = load_bigendian(statebytes + 40); state[5] = f; - g = load_bigendian(statebytes + 48); state[6] = g; - h = load_bigendian(statebytes + 56); state[7] = h; - - while (inlen >= 128) { - uint64 w0 = load_bigendian(in + 0); - uint64 w1 = load_bigendian(in + 8); - uint64 w2 = load_bigendian(in + 16); - uint64 w3 = load_bigendian(in + 24); - uint64 w4 = load_bigendian(in + 32); - uint64 w5 = load_bigendian(in + 40); - uint64 w6 = load_bigendian(in + 48); - uint64 w7 = load_bigendian(in + 56); - uint64 w8 = load_bigendian(in + 64); - uint64 w9 = load_bigendian(in + 72); - uint64 w10 = load_bigendian(in + 80); - uint64 w11 = load_bigendian(in + 88); - uint64 w12 = load_bigendian(in + 96); - uint64 w13 = load_bigendian(in + 104); - uint64 w14 = load_bigendian(in + 112); - uint64 w15 = load_bigendian(in + 120); - - F(w0 ,0x428a2f98d728ae22ULL) - F(w1 ,0x7137449123ef65cdULL) - F(w2 ,0xb5c0fbcfec4d3b2fULL) - F(w3 ,0xe9b5dba58189dbbcULL) - F(w4 ,0x3956c25bf348b538ULL) - F(w5 ,0x59f111f1b605d019ULL) - F(w6 ,0x923f82a4af194f9bULL) - F(w7 ,0xab1c5ed5da6d8118ULL) - F(w8 ,0xd807aa98a3030242ULL) - F(w9 ,0x12835b0145706fbeULL) - F(w10,0x243185be4ee4b28cULL) - F(w11,0x550c7dc3d5ffb4e2ULL) - F(w12,0x72be5d74f27b896fULL) - F(w13,0x80deb1fe3b1696b1ULL) - F(w14,0x9bdc06a725c71235ULL) - F(w15,0xc19bf174cf692694ULL) - - EXPAND - - F(w0 ,0xe49b69c19ef14ad2ULL) - F(w1 ,0xefbe4786384f25e3ULL) - F(w2 ,0x0fc19dc68b8cd5b5ULL) - F(w3 ,0x240ca1cc77ac9c65ULL) - F(w4 ,0x2de92c6f592b0275ULL) - F(w5 ,0x4a7484aa6ea6e483ULL) - F(w6 ,0x5cb0a9dcbd41fbd4ULL) - F(w7 ,0x76f988da831153b5ULL) - F(w8 ,0x983e5152ee66dfabULL) - F(w9 ,0xa831c66d2db43210ULL) - F(w10,0xb00327c898fb213fULL) - F(w11,0xbf597fc7beef0ee4ULL) - F(w12,0xc6e00bf33da88fc2ULL) - F(w13,0xd5a79147930aa725ULL) - F(w14,0x06ca6351e003826fULL) - F(w15,0x142929670a0e6e70ULL) - - EXPAND - - F(w0 ,0x27b70a8546d22ffcULL) - F(w1 ,0x2e1b21385c26c926ULL) - F(w2 ,0x4d2c6dfc5ac42aedULL) - F(w3 ,0x53380d139d95b3dfULL) - F(w4 ,0x650a73548baf63deULL) - F(w5 ,0x766a0abb3c77b2a8ULL) - F(w6 ,0x81c2c92e47edaee6ULL) - F(w7 ,0x92722c851482353bULL) - F(w8 ,0xa2bfe8a14cf10364ULL) - F(w9 ,0xa81a664bbc423001ULL) - F(w10,0xc24b8b70d0f89791ULL) - F(w11,0xc76c51a30654be30ULL) - F(w12,0xd192e819d6ef5218ULL) - F(w13,0xd69906245565a910ULL) - F(w14,0xf40e35855771202aULL) - F(w15,0x106aa07032bbd1b8ULL) - - EXPAND - - F(w0 ,0x19a4c116b8d2d0c8ULL) - F(w1 ,0x1e376c085141ab53ULL) - F(w2 ,0x2748774cdf8eeb99ULL) - F(w3 ,0x34b0bcb5e19b48a8ULL) - F(w4 ,0x391c0cb3c5c95a63ULL) - F(w5 ,0x4ed8aa4ae3418acbULL) - F(w6 ,0x5b9cca4f7763e373ULL) - F(w7 ,0x682e6ff3d6b2b8a3ULL) - F(w8 ,0x748f82ee5defb2fcULL) - F(w9 ,0x78a5636f43172f60ULL) - F(w10,0x84c87814a1f0ab72ULL) - F(w11,0x8cc702081a6439ecULL) - F(w12,0x90befffa23631e28ULL) - F(w13,0xa4506cebde82bde9ULL) - F(w14,0xbef9a3f7b2c67915ULL) - F(w15,0xc67178f2e372532bULL) - - EXPAND - - F(w0 ,0xca273eceea26619cULL) - F(w1 ,0xd186b8c721c0c207ULL) - F(w2 ,0xeada7dd6cde0eb1eULL) - F(w3 ,0xf57d4f7fee6ed178ULL) - F(w4 ,0x06f067aa72176fbaULL) - F(w5 ,0x0a637dc5a2c898a6ULL) - F(w6 ,0x113f9804bef90daeULL) - F(w7 ,0x1b710b35131c471bULL) - F(w8 ,0x28db77f523047d84ULL) - F(w9 ,0x32caab7b40c72493ULL) - F(w10,0x3c9ebe0a15c9bebcULL) - F(w11,0x431d67c49c100d4cULL) - F(w12,0x4cc5d4becb3e42b6ULL) - F(w13,0x597f299cfc657e2aULL) - F(w14,0x5fcb6fab3ad6faecULL) - F(w15,0x6c44198c4a475817ULL) - - a += state[0]; - b += state[1]; - c += state[2]; - d += state[3]; - e += state[4]; - f += state[5]; - g += state[6]; - h += state[7]; - - state[0] = a; - state[1] = b; - state[2] = c; - state[3] = d; - state[4] = e; - state[5] = f; - state[6] = g; - state[7] = h; - - in += 128; - inlen -= 128; - } - - store_bigendian(statebytes + 0,state[0]); - store_bigendian(statebytes + 8,state[1]); - store_bigendian(statebytes + 16,state[2]); - store_bigendian(statebytes + 24,state[3]); - store_bigendian(statebytes + 32,state[4]); - store_bigendian(statebytes + 40,state[5]); - store_bigendian(statebytes + 48,state[6]); - store_bigendian(statebytes + 56,state[7]); - - return inlen; -} diff --git a/channels.c b/channels.c index 83442be06432..bdee1f3860a0 100644 --- a/channels.c +++ b/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.375 2017/09/24 13:45:34 djm Exp $ */ +/* $OpenBSD: channels.c,v 1.379 2018/02/05 05:36:49 tb Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -436,10 +436,15 @@ channel_close_fd(struct ssh *ssh, int *fdp) static void channel_close_fds(struct ssh *ssh, Channel *c) { + int sock = c->sock, rfd = c->rfd, wfd = c->wfd, efd = c->efd; + channel_close_fd(ssh, &c->sock); - channel_close_fd(ssh, &c->rfd); - channel_close_fd(ssh, &c->wfd); - channel_close_fd(ssh, &c->efd); + if (rfd != sock) + channel_close_fd(ssh, &c->rfd); + if (wfd != sock && wfd != rfd) + channel_close_fd(ssh, &c->wfd); + if (efd != sock && efd != rfd && efd != wfd) + channel_close_fd(ssh, &c->efd); } static void @@ -1582,13 +1587,8 @@ channel_post_x11_listener(struct ssh *ssh, Channel *c, SSH_CHANNEL_OPENING, newsock, newsock, -1, c->local_window_max, c->local_maxpacket, 0, buf, 1); open_preamble(ssh, __func__, nc, "x11"); - if ((r = sshpkt_put_cstring(ssh, remote_ipaddr)) != 0) { - fatal("%s: channel %i: reply %s", __func__, - c->self, ssh_err(r)); - } - if ((datafellows & SSH_BUG_X11FWD) != 0) - debug2("channel %d: ssh2 x11 bug compat mode", nc->self); - else if ((r = sshpkt_put_u32(ssh, remote_port)) != 0) { + if ((r = sshpkt_put_cstring(ssh, remote_ipaddr)) != 0 || + (r = sshpkt_put_u32(ssh, remote_port)) != 0) { fatal("%s: channel %i: reply %s", __func__, c->self, ssh_err(r)); } @@ -1668,19 +1668,6 @@ port_open_helper(struct ssh *ssh, Channel *c, char *rtype) free(local_ipaddr); } -static void -channel_set_reuseaddr(int fd) -{ - int on = 1; - - /* - * Set socket options. - * Allow local port reuse in TIME_WAIT. - */ - if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) == -1) - error("setsockopt SO_REUSEADDR fd %d: %s", fd, strerror(errno)); -} - void channel_set_x11_refuse_time(struct ssh *ssh, u_int refuse_time) { @@ -1837,15 +1824,13 @@ channel_post_connecting(struct ssh *ssh, Channel *c, if ((r = sshpkt_start(ssh, SSH2_MSG_CHANNEL_OPEN_FAILURE)) != 0 || (r = sshpkt_put_u32(ssh, c->remote_id)) != 0 || - (r = sshpkt_put_u32(ssh, SSH2_OPEN_CONNECT_FAILED)) - != 0) - fatal("%s: channel %i: failure: %s", __func__, - c->self, ssh_err(r)); - if ((datafellows & SSH_BUG_OPENFAILURE) == 0 && - ((r = sshpkt_put_cstring(ssh, strerror(err))) != 0 || - (r = sshpkt_put_cstring(ssh, "")) != 0)) + (r = sshpkt_put_u32(ssh, + SSH2_OPEN_CONNECT_FAILED)) != 0 || + (r = sshpkt_put_cstring(ssh, strerror(err))) != 0 || + (r = sshpkt_put_cstring(ssh, "")) != 0) { fatal("%s: channel %i: failure: %s", __func__, c->self, ssh_err(r)); + } if ((r = sshpkt_send(ssh)) != 0) fatal("%s: channel %i: %s", __func__, c->self, ssh_err(r)); @@ -3123,13 +3108,11 @@ channel_input_open_failure(int type, u_int32_t seq, struct ssh *ssh) error("%s: reason: %s", __func__, ssh_err(r)); packet_disconnect("Invalid open failure message"); } - if ((datafellows & SSH_BUG_OPENFAILURE) == 0) { - /* skip language */ - if ((r = sshpkt_get_cstring(ssh, &msg, NULL)) != 0 || - (r = sshpkt_get_string_direct(ssh, NULL, NULL)) != 0) { - error("%s: message/lang: %s", __func__, ssh_err(r)); - packet_disconnect("Invalid open failure message"); - } + /* skip language */ + if ((r = sshpkt_get_cstring(ssh, &msg, NULL)) != 0 || + (r = sshpkt_get_string_direct(ssh, NULL, NULL)) != 0) { + error("%s: message/lang: %s", __func__, ssh_err(r)); + packet_disconnect("Invalid open failure message"); } ssh_packet_check_eom(ssh); logit("channel %d: open failed: %s%s%s", c->self, @@ -3364,11 +3347,12 @@ channel_setup_fwd_listener_tcpip(struct ssh *ssh, int type, sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); if (sock < 0) { /* this is no error since kernel may not support ipv6 */ - verbose("socket: %.100s", strerror(errno)); + verbose("socket [%s]:%s: %.100s", ntop, strport, + strerror(errno)); continue; } - channel_set_reuseaddr(sock); + set_reuseaddr(sock); if (ai->ai_family == AF_INET6) sock_set_v6only(sock); @@ -3382,9 +3366,11 @@ channel_setup_fwd_listener_tcpip(struct ssh *ssh, int type, * already bound */ if (!ai->ai_next) - error("bind: %.100s", strerror(errno)); + error("bind [%s]:%s: %.100s", + ntop, strport, strerror(errno)); else - verbose("bind: %.100s", strerror(errno)); + verbose("bind [%s]:%s: %.100s", + ntop, strport, strerror(errno)); close(sock); continue; @@ -3392,6 +3378,8 @@ channel_setup_fwd_listener_tcpip(struct ssh *ssh, int type, /* Start listening for connections on the socket. */ if (listen(sock, SSH_LISTEN_BACKLOG) < 0) { error("listen: %.100s", strerror(errno)); + error("listen [%s]:%s: %.100s", ntop, strport, + strerror(errno)); close(sock); continue; } @@ -3672,15 +3660,9 @@ static const char * channel_rfwd_bind_host(const char *listen_host) { if (listen_host == NULL) { - if (datafellows & SSH_BUG_RFWD_ADDR) - return "127.0.0.1"; - else - return "localhost"; + return "localhost"; } else if (*listen_host == '\0' || strcmp(listen_host, "*") == 0) { - if (datafellows & SSH_BUG_RFWD_ADDR) - return "0.0.0.0"; - else - return ""; + return ""; } else return listen_host; } @@ -4439,7 +4421,7 @@ x11_create_display_inet(struct ssh *ssh, int x11_display_offset, if (ai->ai_family == AF_INET6) sock_set_v6only(sock); if (x11_use_localhost) - channel_set_reuseaddr(sock); + set_reuseaddr(sock); if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) { debug2("%s: bind port %d: %.100s", __func__, port, strerror(errno)); diff --git a/cipher.c b/cipher.c index c3cd5dcf4405..5787636161df 100644 --- a/cipher.c +++ b/cipher.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cipher.c,v 1.107 2017/05/07 23:12:57 djm Exp $ */ +/* $OpenBSD: cipher.c,v 1.111 2018/02/23 15:58:37 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -310,8 +310,7 @@ cipher_init(struct sshcipher_ctx **ccp, const struct sshcipher *cipher, } else { if (cc != NULL) { #ifdef WITH_OPENSSL - if (cc->evp != NULL) - EVP_CIPHER_CTX_free(cc->evp); + EVP_CIPHER_CTX_free(cc->evp); #endif /* WITH_OPENSSL */ explicit_bzero(cc, sizeof(*cc)); free(cc); @@ -402,7 +401,7 @@ cipher_get_length(struct sshcipher_ctx *cc, u_int *plenp, u_int seqnr, cp, len); if (len < 4) return SSH_ERR_MESSAGE_INCOMPLETE; - *plenp = get_u32(cp); + *plenp = PEEK_U32(cp); return 0; } @@ -416,10 +415,8 @@ cipher_free(struct sshcipher_ctx *cc) else if ((cc->cipher->flags & CFLAG_AESCTR) != 0) explicit_bzero(&cc->ac_ctx, sizeof(cc->ac_ctx)); #ifdef WITH_OPENSSL - if (cc->evp != NULL) { - EVP_CIPHER_CTX_free(cc->evp); - cc->evp = NULL; - } + EVP_CIPHER_CTX_free(cc->evp); + cc->evp = NULL; #endif explicit_bzero(cc, sizeof(*cc)); free(cc); @@ -449,9 +446,9 @@ cipher_get_keyiv_len(const struct sshcipher_ctx *cc) int cipher_get_keyiv(struct sshcipher_ctx *cc, u_char *iv, u_int len) { - const struct sshcipher *c = cc->cipher; #ifdef WITH_OPENSSL - int evplen; + const struct sshcipher *c = cc->cipher; + int evplen; #endif if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) { @@ -494,9 +491,9 @@ cipher_get_keyiv(struct sshcipher_ctx *cc, u_char *iv, u_int len) int cipher_set_keyiv(struct sshcipher_ctx *cc, const u_char *iv) { - const struct sshcipher *c = cc->cipher; #ifdef WITH_OPENSSL - int evplen = 0; + const struct sshcipher *c = cc->cipher; + int evplen = 0; #endif if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) diff --git a/clientloop.c b/clientloop.c index 791d336e359e..7bcf22e38692 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.305 2017/09/19 04:24:22 djm Exp $ */ +/* $OpenBSD: clientloop.c,v 1.311 2018/02/11 21:16:56 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -210,7 +210,6 @@ static void window_change_handler(int sig) { received_window_change_signal = 1; - signal(SIGWINCH, window_change_handler); } /* @@ -225,19 +224,6 @@ signal_handler(int sig) quit_pending = 1; } -/* - * Returns current time in seconds from Jan 1, 1970 with the maximum - * available resolution. - */ - -static double -get_current_time(void) -{ - struct timeval tv; - gettimeofday(&tv, NULL); - return (double) tv.tv_sec + (double) tv.tv_usec / 1000000.0; -} - /* * Sets control_persist_exit_time to the absolute time when the * backgrounded control master should exit due to expiry of the @@ -1256,7 +1242,7 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, fatal("%s pledge(): %s", __func__, strerror(errno)); } - start_time = get_current_time(); + start_time = monotime_double(); /* Initialize variables. */ last_was_cr = 1; @@ -1445,7 +1431,7 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, buffer_free(&stderr_buffer); /* Report bytes transferred, and transfer rates. */ - total_time = get_current_time() - start_time; + total_time = monotime_double() - start_time; packet_get_bytes(&ibytes, &obytes); verbose("Transferred: sent %llu, received %llu bytes, in %.1f seconds", (unsigned long long)obytes, (unsigned long long)ibytes, total_time); @@ -1554,12 +1540,7 @@ client_request_x11(struct ssh *ssh, const char *request_type, int rchan) return NULL; } originator = packet_get_string(NULL); - if (datafellows & SSH_BUG_X11FWD) { - debug2("buggy server: x11 request w/o originator_port"); - originator_port = 0; - } else { - originator_port = packet_get_int(); - } + originator_port = packet_get_int(); packet_check_eom(); /* XXX check permission */ debug("client_request_x11: request from %s %d", originator, @@ -1601,12 +1582,13 @@ client_request_agent(struct ssh *ssh, const char *request_type, int rchan) return c; } -int +char * client_request_tun_fwd(struct ssh *ssh, int tun_mode, int local_tun, int remote_tun) { Channel *c; int fd; + char *ifname = NULL; if (tun_mode == SSH_TUNMODE_NO) return 0; @@ -1614,10 +1596,11 @@ client_request_tun_fwd(struct ssh *ssh, int tun_mode, debug("Requesting tun unit %d in mode %d", local_tun, tun_mode); /* Open local tunnel device */ - if ((fd = tun_open(local_tun, tun_mode)) == -1) { + if ((fd = tun_open(local_tun, tun_mode, &ifname)) == -1) { error("Tunnel device open failed."); - return -1; + return NULL; } + debug("Tunnel forwarding using interface %s", ifname); c = channel_new(ssh, "tun", SSH_CHANNEL_OPENING, fd, fd, -1, CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0, "tun", 1); @@ -1638,7 +1621,7 @@ client_request_tun_fwd(struct ssh *ssh, int tun_mode, packet_put_int(remote_tun); packet_send(); - return 0; + return ifname; } /* XXXX move to generic input handler */ @@ -1689,10 +1672,8 @@ client_input_channel_open(int type, u_int32_t seq, struct ssh *ssh) packet_start(SSH2_MSG_CHANNEL_OPEN_FAILURE); packet_put_int(rchan); packet_put_int(SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED); - if (!(datafellows & SSH_BUG_OPENFAILURE)) { - packet_put_cstring("open failed"); - packet_put_cstring(""); - } + packet_put_cstring("open failed"); + packet_put_cstring(""); packet_send(); } free(ctype); @@ -1904,7 +1885,7 @@ client_global_hostkeys_private_confirm(struct ssh *ssh, int type, struct hostkeys_update_ctx *ctx = (struct hostkeys_update_ctx *)_ctx; size_t i, ndone; struct sshbuf *signdata; - int r; + int r, kexsigtype, use_kexsigtype; const u_char *sig; size_t siglen; @@ -1916,6 +1897,9 @@ client_global_hostkeys_private_confirm(struct ssh *ssh, int type, hostkeys_update_ctx_free(ctx); return; } + kexsigtype = sshkey_type_plain( + sshkey_type_from_name(ssh->kex->hostkey_alg)); + if ((signdata = sshbuf_new()) == NULL) fatal("%s: sshbuf_new failed", __func__); /* Don't want to accidentally accept an unbound signature */ @@ -1944,8 +1928,15 @@ client_global_hostkeys_private_confirm(struct ssh *ssh, int type, __func__, ssh_err(r)); goto out; } + /* + * For RSA keys, prefer to use the signature type negotiated + * during KEX to the default (SHA1). + */ + use_kexsigtype = kexsigtype == KEY_RSA && + sshkey_type_plain(ctx->keys[i]->type) == KEY_RSA; if ((r = sshkey_verify(ctx->keys[i], sig, siglen, - sshbuf_ptr(signdata), sshbuf_len(signdata), 0)) != 0) { + sshbuf_ptr(signdata), sshbuf_len(signdata), + use_kexsigtype ? ssh->kex->hostkey_alg : NULL, 0)) != 0) { error("%s: server gave bad signature for %s key %zu", __func__, sshkey_type(ctx->keys[i]), i); goto out; diff --git a/clientloop.h b/clientloop.h index a1975ccc8a16..8d1f0bff695d 100644 --- a/clientloop.h +++ b/clientloop.h @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.h,v 1.34 2017/09/12 06:32:07 djm Exp $ */ +/* $OpenBSD: clientloop.h,v 1.35 2017/10/23 05:08:00 djm Exp $ */ /* * Author: Tatu Ylonen @@ -46,7 +46,7 @@ int client_x11_get_proto(struct ssh *, const char *, const char *, void client_global_request_reply_fwd(int, u_int32_t, void *); void client_session2_setup(struct ssh *, int, int, int, const char *, struct termios *, int, Buffer *, char **); -int client_request_tun_fwd(struct ssh *, int, int, int); +char *client_request_tun_fwd(struct ssh *, int, int, int); void client_stop_mux(void); /* Escape filter for protocol 2 sessions */ diff --git a/compat.c b/compat.c index d82135e2b5e0..861e9e21fe0d 100644 --- a/compat.c +++ b/compat.c @@ -1,4 +1,4 @@ -/* $OpenBSD: compat.c,v 1.104 2017/07/25 09:22:25 dtucker Exp $ */ +/* $OpenBSD: compat.c,v 1.106 2018/02/16 04:43:11 dtucker Exp $ */ /* * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. * @@ -50,83 +50,20 @@ compat_datafellows(const char *version) char *pat; int bugs; } check[] = { - { "OpenSSH-2.0*," - "OpenSSH-2.1*," - "OpenSSH_2.1*," - "OpenSSH_2.2*", SSH_OLD_SESSIONID|SSH_BUG_BANNER| - SSH_OLD_DHGEX|SSH_BUG_NOREKEY| - SSH_BUG_EXTEOF|SSH_OLD_FORWARD_ADDR}, - { "OpenSSH_2.3.0*", SSH_BUG_BANNER|SSH_BUG_BIGENDIANAES| - SSH_OLD_DHGEX|SSH_BUG_NOREKEY| - SSH_BUG_EXTEOF|SSH_OLD_FORWARD_ADDR}, - { "OpenSSH_2.3.*", SSH_BUG_BIGENDIANAES|SSH_OLD_DHGEX| - SSH_BUG_NOREKEY|SSH_BUG_EXTEOF| - SSH_OLD_FORWARD_ADDR}, - { "OpenSSH_2.5.0p1*," - "OpenSSH_2.5.1p1*", - SSH_BUG_BIGENDIANAES|SSH_OLD_DHGEX| - SSH_BUG_NOREKEY|SSH_BUG_EXTEOF| - SSH_OLD_FORWARD_ADDR}, - { "OpenSSH_2.5.0*," - "OpenSSH_2.5.1*," - "OpenSSH_2.5.2*", SSH_OLD_DHGEX|SSH_BUG_NOREKEY| - SSH_BUG_EXTEOF|SSH_OLD_FORWARD_ADDR}, - { "OpenSSH_2.5.3*", SSH_BUG_NOREKEY|SSH_BUG_EXTEOF| - SSH_OLD_FORWARD_ADDR}, { "OpenSSH_2.*," "OpenSSH_3.0*," "OpenSSH_3.1*", SSH_BUG_EXTEOF|SSH_OLD_FORWARD_ADDR}, { "OpenSSH_3.*", SSH_OLD_FORWARD_ADDR }, { "Sun_SSH_1.0*", SSH_BUG_NOREKEY|SSH_BUG_EXTEOF}, - { "OpenSSH_4*", 0 }, + { "OpenSSH_2*," + "OpenSSH_3*," + "OpenSSH_4*", 0 }, { "OpenSSH_5*", SSH_NEW_OPENSSH|SSH_BUG_DYNAMIC_RPORT}, { "OpenSSH_6.6.1*", SSH_NEW_OPENSSH}, { "OpenSSH_6.5*," "OpenSSH_6.6*", SSH_NEW_OPENSSH|SSH_BUG_CURVE25519PAD}, { "OpenSSH*", SSH_NEW_OPENSSH }, { "*MindTerm*", 0 }, - { "2.1.0*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| - SSH_OLD_SESSIONID|SSH_BUG_DEBUG| - SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE| - SSH_BUG_FIRSTKEX }, - { "2.1 *", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| - SSH_OLD_SESSIONID|SSH_BUG_DEBUG| - SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE| - SSH_BUG_FIRSTKEX }, - { "2.0.13*," - "2.0.14*," - "2.0.15*," - "2.0.16*," - "2.0.17*," - "2.0.18*," - "2.0.19*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| - SSH_OLD_SESSIONID|SSH_BUG_DEBUG| - SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| - SSH_BUG_PKOK|SSH_BUG_RSASIGMD5| - SSH_BUG_HBSERVICE|SSH_BUG_OPENFAILURE| - SSH_BUG_DUMMYCHAN|SSH_BUG_FIRSTKEX }, - { "2.0.11*," - "2.0.12*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| - SSH_OLD_SESSIONID|SSH_BUG_DEBUG| - SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| - SSH_BUG_PKAUTH|SSH_BUG_PKOK| - SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE| - SSH_BUG_DUMMYCHAN|SSH_BUG_FIRSTKEX }, - { "2.0.*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| - SSH_OLD_SESSIONID|SSH_BUG_DEBUG| - SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| - SSH_BUG_PKAUTH|SSH_BUG_PKOK| - SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE| - SSH_BUG_DERIVEKEY|SSH_BUG_DUMMYCHAN| - SSH_BUG_FIRSTKEX }, - { "2.2.0*," - "2.3.0*", SSH_BUG_HMAC|SSH_BUG_DEBUG| - SSH_BUG_RSASIGMD5|SSH_BUG_FIRSTKEX }, - { "2.3.*", SSH_BUG_DEBUG|SSH_BUG_RSASIGMD5| - SSH_BUG_FIRSTKEX }, - { "2.4", SSH_OLD_SESSIONID }, /* Van Dyke */ - { "2.*", SSH_BUG_DEBUG|SSH_BUG_FIRSTKEX| - SSH_BUG_RFWD_ADDR }, { "3.0.*", SSH_BUG_DEBUG }, { "3.0 SecureCRT*", SSH_OLD_SESSIONID }, { "1.7 SecureFX*", SSH_OLD_SESSIONID }, @@ -189,6 +126,8 @@ compat_datafellows(const char *version) "WinSCP_release_5.7.3," "WinSCP_release_5.7.4", SSH_OLD_DHGEX }, + { "ConfD-*", + SSH_BUG_UTF8TTYMODE }, { NULL, 0 } }; diff --git a/compat.h b/compat.h index 2e7830f1bc8c..4fee3495a5ae 100644 --- a/compat.h +++ b/compat.h @@ -1,4 +1,4 @@ -/* $OpenBSD: compat.h,v 1.49 2017/04/30 23:13:25 djm Exp $ */ +/* $OpenBSD: compat.h,v 1.51 2018/02/16 04:43:11 dtucker Exp $ */ /* * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved. @@ -32,31 +32,31 @@ #define SSH_PROTO_1_PREFERRED 0x02 #define SSH_PROTO_2 0x04 -#define SSH_BUG_SIGBLOB 0x00000001 -#define SSH_BUG_PKSERVICE 0x00000002 -#define SSH_BUG_HMAC 0x00000004 -#define SSH_BUG_X11FWD 0x00000008 +#define SSH_BUG_UTF8TTYMODE 0x00000001 +/* #define unused 0x00000002 */ +/* #define unused 0x00000004 */ +/* #define unused 0x00000008 */ #define SSH_OLD_SESSIONID 0x00000010 -#define SSH_BUG_PKAUTH 0x00000020 +/* #define unused 0x00000020 */ #define SSH_BUG_DEBUG 0x00000040 -#define SSH_BUG_BANNER 0x00000080 +/* #define unused 0x00000080 */ #define SSH_BUG_IGNOREMSG 0x00000100 -#define SSH_BUG_PKOK 0x00000200 +/* #define unused 0x00000200 */ #define SSH_BUG_PASSWORDPAD 0x00000400 #define SSH_BUG_SCANNER 0x00000800 #define SSH_BUG_BIGENDIANAES 0x00001000 #define SSH_BUG_RSASIGMD5 0x00002000 #define SSH_OLD_DHGEX 0x00004000 #define SSH_BUG_NOREKEY 0x00008000 -#define SSH_BUG_HBSERVICE 0x00010000 -#define SSH_BUG_OPENFAILURE 0x00020000 -#define SSH_BUG_DERIVEKEY 0x00040000 -#define SSH_BUG_DUMMYCHAN 0x00100000 +/* #define unused 0x00010000 */ +/* #define unused 0x00020000 */ +/* #define unused 0x00040000 */ +/* #define unused 0x00100000 */ #define SSH_BUG_EXTEOF 0x00200000 #define SSH_BUG_PROBE 0x00400000 -#define SSH_BUG_FIRSTKEX 0x00800000 +/* #define unused 0x00800000 */ #define SSH_OLD_FORWARD_ADDR 0x01000000 -#define SSH_BUG_RFWD_ADDR 0x02000000 +/* #define unused 0x02000000 */ #define SSH_NEW_OPENSSH 0x04000000 #define SSH_BUG_DYNAMIC_RPORT 0x08000000 #define SSH_BUG_CURVE25519PAD 0x10000000 diff --git a/config.h.in b/config.h.in index 63fc548b5843..57208740787e 100644 --- a/config.h.in +++ b/config.h.in @@ -34,9 +34,6 @@ /* Define if you system's inet_ntoa is busted (e.g. Irix gcc issue) */ #undef BROKEN_INET_NTOA -/* ia_uinfo routines not supported by OS yet */ -#undef BROKEN_LIBIAF - /* Define if your struct dirent expects you to allocate extra space for d_name */ #undef BROKEN_ONE_BYTE_DIRENT_D_NAME @@ -75,6 +72,12 @@ /* Define if your snprintf is busted */ #undef BROKEN_SNPRINTF +/* strndup broken, see APAR IY61211 */ +#undef BROKEN_STRNDUP + +/* strnlen broken, see APAR IY62551 */ +#undef BROKEN_STRNLEN + /* strnvis detected broken */ #undef BROKEN_STRNVIS @@ -132,6 +135,9 @@ /* Enable for PKCS#11 support */ #undef ENABLE_PKCS11 +/* define if fflush(NULL) does not work */ +#undef FFLUSH_NULL_BUG + /* File names may not contain backslash characters */ #undef FILESYSTEM_NO_BACKSLASH @@ -141,7 +147,7 @@ /* fsid_t has member __val */ #undef FSID_HAS___VAL -/* Define to 1 if the `getpgrp' function requires zero arguments. */ +/* getpgrp takes one arg */ #undef GETPGRP_VOID /* Conflicting defs for getspnam */ @@ -252,7 +258,10 @@ /* Define to 1 if you have the header file. */ #undef HAVE_BSTRING_H -/* calloc(x, 0) returns NULL */ +/* Define to 1 if you have the `bzero' function. */ +#undef HAVE_BZERO + +/* calloc(0, x) returns NULL */ #undef HAVE_CALLOC /* Define to 1 if you have the `cap_rights_limit' function. */ @@ -299,6 +308,10 @@ don't. */ #undef HAVE_DECL_AUTHENTICATE +/* Define to 1 if you have the declaration of `bzero', and to 0 if you don't. + */ +#undef HAVE_DECL_BZERO + /* Define to 1 if you have the declaration of `GLOB_NOMATCH', and to 0 if you don't. */ #undef HAVE_DECL_GLOB_NOMATCH @@ -347,6 +360,10 @@ don't. */ #undef HAVE_DECL_PASSWDEXPIRED +/* Define to 1 if you have the declaration of `readv', and to 0 if you don't. + */ +#undef HAVE_DECL_READV + /* Define to 1 if you have the declaration of `setauthdb', and to 0 if you don't. */ #undef HAVE_DECL_SETAUTHDB @@ -466,6 +483,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_FLOATINGPOINT_H +/* Define to 1 if you have the `flock' function. */ +#undef HAVE_FLOCK + /* Define to 1 if you have the `fmt_scaled' function. */ #undef HAVE_FMT_SCALED @@ -553,12 +573,12 @@ /* Define if getrrsetbyname() exists */ #undef HAVE_GETRRSETBYNAME -/* Define to 1 if you have the `getrusage' function. */ -#undef HAVE_GETRUSAGE - /* Define to 1 if you have the `getseuserbyname' function. */ #undef HAVE_GETSEUSERBYNAME +/* Define to 1 if you have the `getsid' function. */ +#undef HAVE_GETSID + /* Define to 1 if you have the `gettimeofday' function. */ #undef HAVE_GETTIMEOFDAY @@ -640,6 +660,9 @@ /* Define if you have ut_id in utmpx.h */ #undef HAVE_ID_IN_UTMPX +/* Define to 1 if you have the header file. */ +#undef HAVE_IFADDRS_H + /* Define to 1 if you have the `inet_aton' function. */ #undef HAVE_INET_ATON @@ -821,6 +844,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_NET_IF_TUN_H +/* Define to 1 if you have the header file. */ +#undef HAVE_NET_ROUTE_H + /* Define if you are on NeXT */ #undef HAVE_NEXT @@ -903,6 +929,9 @@ /* Define to 1 if you have the `pututxline' function. */ #undef HAVE_PUTUTXLINE +/* Define to 1 if you have the `raise' function. */ +#undef HAVE_RAISE + /* Define to 1 if you have the `readpassphrase' function. */ #undef HAVE_READPASSPHRASE @@ -1120,6 +1149,9 @@ /* Define to 1 if you have the `strmode' function. */ #undef HAVE_STRMODE +/* Define to 1 if you have the `strndup' function. */ +#undef HAVE_STRNDUP + /* Define to 1 if you have the `strnlen' function. */ #undef HAVE_STRNLEN @@ -1174,6 +1206,9 @@ /* define if you have struct sockaddr_storage data type */ #undef HAVE_STRUCT_SOCKADDR_STORAGE +/* Define to 1 if `f_flags' is a member of `struct statfs'. */ +#undef HAVE_STRUCT_STATFS_F_FLAGS + /* Define to 1 if `st_blksize' is a member of `struct stat'. */ #undef HAVE_STRUCT_STAT_ST_BLKSIZE @@ -1219,6 +1254,12 @@ /* Define if your system defines sys_errlist[] */ #undef HAVE_SYS_ERRLIST +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_FILE_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_LABEL_H + /* Define to 1 if you have the header file. */ #undef HAVE_SYS_MMAN_H @@ -1264,6 +1305,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_SYS_STRTIO_H +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_SYSCTL_H + /* Force use of sys/syslog.h on Ultrix */ #undef HAVE_SYS_SYSLOG_H @@ -1282,6 +1326,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_SYS_UN_H +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_VFS_H + /* Define to 1 if you have the `tcgetpgrp' function. */ #undef HAVE_TCGETPGRP @@ -1496,12 +1543,12 @@ /* Need setpgrp to acquire controlling tty */ #undef NEED_SETPGRP +/* compiler does not accept __attribute__ on protoype args */ +#undef NO_ATTRIBUTE_ON_PROTOTYPE_ARGS + /* compiler does not accept __attribute__ on return types */ #undef NO_ATTRIBUTE_ON_RETURN_TYPE -/* Define if you don't want to use lastlog in session.c */ -#undef NO_SSH_LASTLOG - /* Define to disable UID restoration test */ #undef NO_UID_RESTORATION_TEST @@ -1681,6 +1728,9 @@ /* syslog_r function is safe to use in in a signal handler */ #undef SYSLOG_R_SAFE_IN_SIGHAND +/* Support routing domains using Linux VRF */ +#undef SYS_RDOMAIN_LINUX + /* Support passwords > 8 chars */ #undef UNIXWARE_LONG_PASSWORDS diff --git a/configure b/configure index b2c2c3b91745..5f5536fa4e32 100755 --- a/configure +++ b/configure @@ -624,6 +624,7 @@ ac_includes_default="\ #endif" ac_subst_vars='LTLIBOBJS +DEPEND UNSUPPORTED_ALGORITHMS TEST_MALLOC_OPTIONS TEST_SSH_UTF8 @@ -663,11 +664,11 @@ SH TEST_MINUS_S_SH ENT SED -PERL KILL CAT ac_ct_AR AR +MKDIR_P INSTALL_DATA INSTALL_SCRIPT INSTALL_PROGRAM @@ -1473,7 +1474,7 @@ Optional Packages: --with-superuser-path= Specify different path for super-user --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses --with-bsd-auth Enable BSD auth support - --with-pid-dir=PATH Specify location of ssh.pid file + --with-pid-dir=PATH Specify location of sshd.pid file --with-lastlog=FILE|DIR specify lastlog location common locations Some influential environment variables: @@ -4564,6 +4565,48 @@ $as_echo "$ac_cv_path_EGREP" >&6; } EGREP="$ac_cv_path_EGREP" +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a thread-safe mkdir -p" >&5 +$as_echo_n "checking for a thread-safe mkdir -p... " >&6; } +if test -z "$MKDIR_P"; then + if ${ac_cv_path_mkdir+:} false; then : + $as_echo_n "(cached) " >&6 +else + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH$PATH_SEPARATOR/opt/sfw/bin +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_prog in mkdir gmkdir; do + for ac_exec_ext in '' $ac_executable_extensions; do + as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext" || continue + case `"$as_dir/$ac_prog$ac_exec_ext" --version 2>&1` in #( + 'mkdir (GNU coreutils) '* | \ + 'mkdir (coreutils) '* | \ + 'mkdir (fileutils) '4.1*) + ac_cv_path_mkdir=$as_dir/$ac_prog$ac_exec_ext + break 3;; + esac + done + done + done +IFS=$as_save_IFS + +fi + + test -d ./--version && rmdir ./--version + if test "${ac_cv_path_mkdir+set}" = set; then + MKDIR_P="$ac_cv_path_mkdir -p" + else + # As a last resort, use the slow shell script. Don't cache a + # value for MKDIR_P within a source directory, because that will + # break other packages using the cache if that directory is + # removed, or if the value is a relative name. + MKDIR_P="$ac_install_sh -d" + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $MKDIR_P" >&5 +$as_echo "$MKDIR_P" >&6; } + if test -n "$ac_tool_prefix"; then for ac_prog in ar do @@ -4744,51 +4787,6 @@ $as_echo "no" >&6; } fi -for ac_prog in perl5 perl -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_PERL+:} false; then : - $as_echo_n "(cached) " >&6 -else - case $PERL in - [\\/]* | ?:[\\/]*) - ac_cv_path_PERL="$PERL" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_PERL="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - - ;; -esac -fi -PERL=$ac_cv_path_PERL -if test -n "$PERL"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PERL" >&5 -$as_echo "$PERL" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - test -n "$PERL" && break -done - # Extract the first word of "sed", so it can be a program name with args. set dummy sed; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 @@ -4829,7 +4827,6 @@ $as_echo "no" >&6; } fi - # Extract the first word of "ent", so it can be a program name with args. set dummy ent; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 @@ -6222,6 +6219,172 @@ fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext } if test "x$use_toolchain_hardening" = "x1"; then + { + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -mfunction-return=thunk" >&5 +$as_echo_n "checking if $CC supports compile flag -mfunction-return=thunk... " >&6; } + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $WERROR -mfunction-return=thunk" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-mfunction-return=thunk" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +int main(int argc, char **argv) { + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o); + exit(0); +} + +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + +if `grep -i "unrecognized option" conftest.err >/dev/null` +then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + CFLAGS="$saved_CFLAGS" +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + CFLAGS="$saved_CFLAGS $_define_flag" +fi +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +} # gcc + { + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -mindirect-branch=thunk" >&5 +$as_echo_n "checking if $CC supports compile flag -mindirect-branch=thunk... " >&6; } + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $WERROR -mindirect-branch=thunk" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-mindirect-branch=thunk" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +int main(int argc, char **argv) { + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o); + exit(0); +} + +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + +if `grep -i "unrecognized option" conftest.err >/dev/null` +then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + CFLAGS="$saved_CFLAGS" +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + CFLAGS="$saved_CFLAGS $_define_flag" +fi +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +} # gcc + { + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -mretpoline" >&5 +$as_echo_n "checking if $CC supports compile flag -mretpoline... " >&6; } + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $WERROR -mretpoline" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-mretpoline" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +int main(int argc, char **argv) { + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o); + exit(0); +} + +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + +if `grep -i "unrecognized option" conftest.err >/dev/null` +then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + CFLAGS="$saved_CFLAGS" +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + CFLAGS="$saved_CFLAGS $_define_flag" +fi +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + CFLAGS="$saved_CFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +} # clang + { + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $LD supports link flag -Wl,-z,retpolineplt" >&5 +$as_echo_n "checking if $LD supports link flag -Wl,-z,retpolineplt... " >&6; } + saved_LDFLAGS="$LDFLAGS" + LDFLAGS="$LDFLAGS $WERROR -Wl,-z,retpolineplt" + _define_flag="" + test "x$_define_flag" = "x" && _define_flag="-Wl,-z,retpolineplt" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +int main(int argc, char **argv) { + /* Some math to catch -ftrapv problems in the toolchain */ + int i = 123 * argc, j = 456 + argc, k = 789 - argc; + float l = i * 2.1; + double m = l / 0.5; + long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + long long p = n * o; + printf("%d %d %d %f %f %lld %lld %lld\n", i, j, k, l, m, n, o, p); + exit(0); +} + +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + LDFLAGS="$saved_LDFLAGS $_define_flag" +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + LDFLAGS="$saved_LDFLAGS" + +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +} { { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -D_FORTIFY_SOURCE=2" >&5 $as_echo_n "checking if $CC supports compile flag -D_FORTIFY_SOURCE=2... " >&6; } @@ -6588,6 +6751,34 @@ $as_echo "no" >&6; } $as_echo "#define NO_ATTRIBUTE_ON_RETURN_TYPE 1" >>confdefs.h +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if compiler allows __attribute__ prototype args" >&5 +$as_echo_n "checking if compiler allows __attribute__ prototype args... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +typedef void foo(const char *, ...) __attribute__((format(printf, 1, 2))); +int +main () +{ + exit(0); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + +$as_echo "#define NO_ATTRIBUTE_ON_PROTOTYPE_ARGS 1" >>confdefs.h + + fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext @@ -6717,6 +6908,7 @@ for ac_header in \ glob.h \ ia.h \ iaf.h \ + ifaddrs.h \ inttypes.h \ langinfo.h \ limits.h \ @@ -6740,12 +6932,13 @@ for ac_header in \ stdint.h \ string.h \ strings.h \ - sys/audit.h \ sys/bitypes.h \ sys/bsdtty.h \ sys/cdefs.h \ sys/dir.h \ + sys/file.h \ sys/mman.h \ + sys/label.h \ sys/ndir.h \ sys/poll.h \ sys/prctl.h \ @@ -6760,6 +6953,7 @@ for ac_header in \ sys/sysmacros.h \ sys/time.h \ sys/timers.h \ + sys/vfs.h \ time.h \ tmpdir.h \ ttyent.h \ @@ -6786,6 +6980,32 @@ fi done +# On some platforms (eg SunOS4) sys/audit.h requires sys/[time|types|label.h] +# to be included first. +for ac_header in sys/audit.h +do : + ac_fn_c_check_header_compile "$LINENO" "sys/audit.h" "ac_cv_header_sys_audit_h" " +#ifdef HAVE_SYS_TIME_H +# include +#endif +#ifdef HAVE_SYS_TYPES_H +# include +#endif +#ifdef HAVE_SYS_LABEL_H +# include +#endif + +" +if test "x$ac_cv_header_sys_audit_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_SYS_AUDIT_H 1 +_ACEOF + +fi + +done + + # sys/capsicum.h requires sys/types.h for ac_header in sys/capsicum.h do : @@ -6805,6 +7025,29 @@ fi done +# net/route.h requires sys/socket.h and sys/types.h. +# sys/sysctl.h also requires sys/param.h +for ac_header in net/route.h sys/sysctl.h +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" " +#ifdef HAVE_SYS_TYPES_H +# include +#endif +#include +#include + +" +if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 +_ACEOF + +fi + +done + + # lastlog.h requires sys/time.h to be included first on Solaris for ac_header in lastlog.h do : @@ -7185,6 +7428,12 @@ $as_echo "#define PTY_ZEROREAD 1" >>confdefs.h $as_echo "#define PLATFORM_SYS_DIR_UID 2" >>confdefs.h + +$as_echo "#define BROKEN_STRNDUP 1" >>confdefs.h + + +$as_echo "#define BROKEN_STRNLEN 1" >>confdefs.h + ;; *-*-android*) @@ -7695,6 +7944,19 @@ $as_echo "#define SSH_TUN_COMPAT_AF 1" >>confdefs.h $as_echo "#define SSH_TUN_PREPEND_AF 1" >>confdefs.h fi + ac_fn_c_check_header_compile "$LINENO" "linux/if.h" "ac_cv_header_linux_if_h" " +#ifdef HAVE_SYS_TYPES_H +# include +#endif + +" +if test "x$ac_cv_header_linux_if_h" = xyes; then : + +$as_echo "#define SYS_RDOMAIN_LINUX 1" >>confdefs.h + +fi + + for ac_header in linux/seccomp.h linux/filter.h linux/audit.h do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` @@ -7709,6 +7971,75 @@ fi done + # Obtain MIPS ABI + case "$host" in + mips*) + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#if _MIPS_SIM != _ABIO32 +#error +#endif + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + mips_abi="o32" +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#if _MIPS_SIM != _ABIN32 +#error +#endif + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + mips_abi="n32" +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#if _MIPS_SIM != _ABI64 +#error +#endif + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + mips_abi="n64" +else + as_fn_error $? "unknown MIPS ABI" "$LINENO" 5 + +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + ;; + esac { $as_echo "$as_me:${as_lineno-$LINENO}: checking for seccomp architecture" >&5 $as_echo_n "checking for seccomp architecture... " >&6; } seccomp_audit_arch= @@ -7744,10 +8075,24 @@ $as_echo_n "checking for seccomp architecture... " >&6; } seccomp_audit_arch=AUDIT_ARCH_MIPSEL ;; mips64-*) - seccomp_audit_arch=AUDIT_ARCH_MIPS64 + case "$mips_abi" in + "n32") + seccomp_audit_arch=AUDIT_ARCH_MIPS64N32 + ;; + "n64") + seccomp_audit_arch=AUDIT_ARCH_MIPS64 + ;; + esac ;; mips64el-*) - seccomp_audit_arch=AUDIT_ARCH_MIPSEL64 + case "$mips_abi" in + "n32") + seccomp_audit_arch=AUDIT_ARCH_MIPSEL64N32 + ;; + "n64") + seccomp_audit_arch=AUDIT_ARCH_MIPSEL64 + ;; + esac ;; esac if test "x$seccomp_audit_arch" != "x" ; then @@ -8102,6 +8447,9 @@ done conf_lastlog_location=/var/adm/lastlog $as_echo "#define USE_PIPES 1" >>confdefs.h + +$as_echo "#define DISABLE_UTMPX 1" >>confdefs.h + ;; *-ncr-sysv*) LIBS="$LIBS -lc89" @@ -8260,12 +8608,10 @@ $as_echo "#define UNIXWARE_LONG_PASSWORDS 1" >>confdefs.h $as_echo "#define BROKEN_TCGETATTR_ICANON 1" >>confdefs.h TEST_SHELL=$SHELL # let configure find us a capable shell + check_for_libcrypt_later=1 case "$host" in *-*-sysv5SCO_SV*) # SCO OpenServer 6.x maildir=/var/spool/mail - -$as_echo "#define BROKEN_LIBIAF 1" >>confdefs.h - $as_echo "#define BROKEN_UPDWTMPX 1" >>confdefs.h { $as_echo "$as_me:${as_lineno-$LINENO}: checking for getluid in -lprot" >&5 @@ -8318,17 +8664,12 @@ _ACEOF fi done - $as_echo "#define HAVE_SECUREWARE 1" >>confdefs.h - - $as_echo "#define DISABLE_SHADOW 1" >>confdefs.h - fi ;; *) $as_echo "#define LOCKED_PASSWD_STRING \"*LK*\"" >>confdefs.h - check_for_libcrypt_later=1 ;; esac ;; @@ -8383,58 +8724,6 @@ done TEST_SHELL=$SHELL # let configure find us a capable shell SKIP_DISABLE_LASTLOG_DEFINE=yes ;; -*-*-unicosmk*) - -$as_echo "#define NO_SSH_LASTLOG 1" >>confdefs.h - - $as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREGID 1" >>confdefs.h - - $as_echo "#define USE_PIPES 1" >>confdefs.h - - $as_echo "#define DISABLE_FD_PASSING 1" >>confdefs.h - - LDFLAGS="$LDFLAGS" - LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" - MANTYPE=cat - ;; -*-*-unicosmp*) - $as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREGID 1" >>confdefs.h - - $as_echo "#define WITH_ABBREV_NO_TTY 1" >>confdefs.h - - $as_echo "#define USE_PIPES 1" >>confdefs.h - - $as_echo "#define DISABLE_FD_PASSING 1" >>confdefs.h - - LDFLAGS="$LDFLAGS" - LIBS="$LIBS -lgen -lacid -ldb" - MANTYPE=cat - ;; -*-*-unicos*) - $as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREUID 1" >>confdefs.h - - $as_echo "#define BROKEN_SETREGID 1" >>confdefs.h - - $as_echo "#define USE_PIPES 1" >>confdefs.h - - $as_echo "#define DISABLE_FD_PASSING 1" >>confdefs.h - - $as_echo "#define NO_SSH_LASTLOG 1" >>confdefs.h - - LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal" - LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" - MANTYPE=cat - ;; *-dec-osf*) { $as_echo "$as_me:${as_lineno-$LINENO}: checking for Digital Unix SIA" >&5 $as_echo_n "checking for Digital Unix SIA... " >&6; } @@ -9874,7 +10163,43 @@ fi # autoconf doesn't have AC_FUNC_CALLOC so fake it if malloc returns NULL; -if test "x$ac_cv_func_malloc_0_nonnull" != "xyes"; then +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if calloc(0, N) returns non-null" >&5 +$as_echo_n "checking if calloc(0, N) returns non-null... " >&6; } +if test "$cross_compiling" = yes; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: assuming same as malloc" >&5 +$as_echo "$as_me: WARNING: cross compiling: assuming same as malloc" >&2;} + func_calloc_0_nonnull="$ac_cv_func_malloc_0_nonnull" + +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include +int +main () +{ + void *p = calloc(0, 1); exit(p == NULL); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + func_calloc_0_nonnull=yes +else + func_calloc_0_nonnull=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $func_calloc_0_nonnull" >&5 +$as_echo "$func_calloc_0_nonnull" >&6; } + +if test "x$func_calloc_0_nonnull" == "xyes"; then + +$as_echo "#define HAVE_CALLOC 1" >>confdefs.h + +else $as_echo "#define HAVE_CALLOC 0" >>confdefs.h @@ -10256,7 +10581,7 @@ else LDNSCONFIG="$ac_cv_path_LDNSCONFIG" fi - if test "x$PKGCONFIG" = "xno"; then + if test "x$LDNSCONFIG" = "xno"; then CPPFLAGS="$CPPFLAGS -I${withval}/include" LDFLAGS="$LDFLAGS -L${withval}/lib" LIBS="-lldns $LIBS" @@ -10833,6 +11158,7 @@ for ac_func in \ bcrypt_pbkdf \ bindresvport_sa \ blf_enc \ + bzero \ cap_rights_limit \ clock \ closefrom \ @@ -10843,6 +11169,7 @@ for ac_func in \ explicit_bzero \ fchmod \ fchown \ + flock \ freeaddrinfo \ freezero \ fstatfs \ @@ -10857,9 +11184,9 @@ for ac_func in \ getpeereid \ getpeerucred \ getpgid \ - getpgrp \ _getpty \ getrlimit \ + getsid \ getttyent \ glob \ group_from_gid \ @@ -10881,6 +11208,7 @@ for ac_func in \ poll \ prctl \ pstat \ + raise \ readpassphrase \ reallocarray \ recvmsg \ @@ -10915,6 +11243,7 @@ for ac_func in \ strlcat \ strlcpy \ strmode \ + strndup \ strnlen \ strnvis \ strptime \ @@ -10949,6 +11278,18 @@ fi done +ac_fn_c_check_decl "$LINENO" "bzero" "ac_cv_have_decl_bzero" "$ac_includes_default" +if test "x$ac_cv_have_decl_bzero" = xyes; then : + ac_have_decl=1 +else + ac_have_decl=0 +fi + +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL_BZERO $ac_have_decl +_ACEOF + + for ac_func in mblen mbtowc nl_langinfo wcwidth do : as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` @@ -11090,9 +11431,15 @@ $as_echo "$ac_cv_search_dlopen" >&6; } ac_res=$ac_cv_search_dlopen if test "$ac_res" != no; then : test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + ac_fn_c_check_decl "$LINENO" "RTLD_NOW" "ac_cv_have_decl_RTLD_NOW" "#include + +" +if test "x$ac_cv_have_decl_RTLD_NOW" = xyes; then : $as_echo "#define ENABLE_PKCS11 /**/" >>confdefs.h +fi + fi @@ -11258,21 +11605,6 @@ $as_echo "#define HAVE_CLOCK_GETTIME 1" >>confdefs.h fi -ac_fn_c_check_decl "$LINENO" "getrusage" "ac_cv_have_decl_getrusage" "$ac_includes_default" -if test "x$ac_cv_have_decl_getrusage" = xyes; then : - for ac_func in getrusage -do : - ac_fn_c_check_func "$LINENO" "getrusage" "ac_cv_func_getrusage" -if test "x$ac_cv_func_getrusage" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_GETRUSAGE 1 -_ACEOF - -fi -done - -fi - ac_fn_c_check_decl "$LINENO" "strsep" "ac_cv_have_decl_strsep" " #ifdef HAVE_STRING_H # include @@ -11365,6 +11697,21 @@ cat >>confdefs.h <<_ACEOF _ACEOF +ac_fn_c_check_decl "$LINENO" "readv" "ac_cv_have_decl_readv" " +#include +#include +#include + +" +if test "x$ac_cv_have_decl_readv" = xyes; then : + ac_have_decl=1 +else + ac_have_decl=0 +fi + +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL_READV $ac_have_decl +_ACEOF ac_fn_c_check_decl "$LINENO" "writev" "ac_cv_have_decl_writev" " #include #include @@ -11655,6 +12002,39 @@ fi done +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for working fflush(NULL)" >&5 +$as_echo_n "checking for working fflush(NULL)... " >&6; } +if test "$cross_compiling" = yes; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: assuming working" >&5 +$as_echo "$as_me: WARNING: cross compiling: assuming working" >&2;} + +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ +fflush(NULL); exit(0); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + +$as_echo "#define FFLUSH_NULL_BUG 1" >>confdefs.h + +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + for ac_func in gettimeofday time do : as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` @@ -12396,38 +12776,45 @@ fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether getpgrp requires zero arguments" >&5 -$as_echo_n "checking whether getpgrp requires zero arguments... " >&6; } -if ${ac_cv_func_getpgrp_void+:} false; then : - $as_echo_n "(cached) " >&6 -else - # Use it with a single arg. -cat confdefs.h - <<_ACEOF >conftest.$ac_ext +for ac_func in getpgrp +do : + ac_fn_c_check_func "$LINENO" "getpgrp" "ac_cv_func_getpgrp" +if test "x$ac_cv_func_getpgrp" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_GETPGRP 1 +_ACEOF + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if getpgrp accepts zero args" >&5 +$as_echo_n "checking if getpgrp accepts zero args... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $ac_includes_default int main () { -getpgrp (0); + getpgrp(); ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_func_getpgrp_void=no + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + +$as_echo "#define GETPGRP_VOID 1" >>confdefs.h + else - ac_cv_func_getpgrp_void=yes + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + +$as_echo "#define GETPGRP_VOID 0" >>confdefs.h + + fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_getpgrp_void" >&5 -$as_echo "$ac_cv_func_getpgrp_void" >&6; } -if test $ac_cv_func_getpgrp_void = yes; then - -$as_echo "#define GETPGRP_VOID 1" >>confdefs.h - -fi +done # Search for OpenSSL @@ -15193,6 +15580,33 @@ _ACEOF fi +ac_fn_c_check_member "$LINENO" "struct statfs" "f_flags" "ac_cv_member_struct_statfs_f_flags" " +#include +#ifdef HAVE_SYS_BITYPES_H +#include +#endif +#ifdef HAVE_SYS_STATFS_H +#include +#endif +#ifdef HAVE_SYS_STATVFS_H +#include +#endif +#ifdef HAVE_SYS_VFS_H +#include +#endif + +" +if test "x$ac_cv_member_struct_statfs_f_flags" = xyes; then : + +cat >>confdefs.h <<_ACEOF +#define HAVE_STRUCT_STATFS_F_FLAGS 1 +_ACEOF + + +fi + + + ac_fn_c_check_type "$LINENO" "in_addr_t" "ac_cv_type_in_addr_t" "#include #include " @@ -19272,6 +19686,8 @@ TEST_MALLOC_OPTIONS=$TEST_MALLOC_OPTIONS UNSUPPORTED_ALGORITHMS=$unsupported_algorithms +DEPEND=$(cat $srcdir/.depend) + CFLAGS="${CFLAGS} ${CFLAGS_AFTER}" LDFLAGS="${LDFLAGS} ${LDFLAGS_AFTER}" @@ -19859,6 +20275,7 @@ gives unlimited permission to copy, distribute and modify it." ac_pwd='$ac_pwd' srcdir='$srcdir' INSTALL='$INSTALL' +MKDIR_P='$MKDIR_P' AWK='$AWK' test -n "\$AWK" || AWK=awk _ACEOF @@ -20426,6 +20843,11 @@ ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;; *) ac_INSTALL=$ac_top_build_prefix$INSTALL ;; esac + ac_MKDIR_P=$MKDIR_P + case $MKDIR_P in + [\\/$]* | ?:[\\/]* ) ;; + */*) ac_MKDIR_P=$ac_top_build_prefix$MKDIR_P ;; + esac _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 @@ -20480,6 +20902,7 @@ s&@builddir@&$ac_builddir&;t t s&@abs_builddir@&$ac_abs_builddir&;t t s&@abs_top_builddir@&$ac_abs_top_builddir&;t t s&@INSTALL@&$ac_INSTALL&;t t +s&@MKDIR_P@&$ac_MKDIR_P&;t t $ac_datarootdir_hack " eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$ac_tmp/subs.awk" \ @@ -20607,7 +21030,6 @@ echo " PAM support: $PAM_MSG" echo " OSF SIA support: $SIA_MSG" echo " KerberosV support: $KRB5_MSG" echo " SELinux support: $SELINUX_MSG" -echo " Smartcard support: $SCARD_MSG" echo " S/KEY support: $SKEY_MSG" echo " MD5 password support: $MD5_MSG" echo " libedit support: $LIBEDIT_MSG" diff --git a/configure.ac b/configure.ac index 889f506377c0..663062bef142 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,3 @@ -# $Id: configure.ac,v 1.583 2014/08/26 20:32:01 djm Exp $ # # Copyright (c) 1999-2004 Damien Miller # @@ -30,12 +29,11 @@ AC_PROG_CPP AC_PROG_RANLIB AC_PROG_INSTALL AC_PROG_EGREP +AC_PROG_MKDIR_P AC_CHECK_TOOLS([AR], [ar]) AC_PATH_PROG([CAT], [cat]) AC_PATH_PROG([KILL], [kill]) -AC_PATH_PROGS([PERL], [perl5 perl]) AC_PATH_PROG([SED], [sed]) -AC_SUBST([PERL]) AC_PATH_PROG([ENT], [ent]) AC_SUBST([ENT]) AC_PATH_PROG([TEST_MINUS_S_SH], [bash]) @@ -164,6 +162,10 @@ if test "$GCC" = "yes" || test "$GCC" = "egcs"; then OSSH_CHECK_CFLAG_COMPILE([-Wunused-result], [-Wno-unused-result]) OSSH_CHECK_CFLAG_COMPILE([-fno-strict-aliasing]) if test "x$use_toolchain_hardening" = "x1"; then + OSSH_CHECK_CFLAG_COMPILE([-mfunction-return=thunk]) # gcc + OSSH_CHECK_CFLAG_COMPILE([-mindirect-branch=thunk]) # gcc + OSSH_CHECK_CFLAG_COMPILE([-mretpoline]) # clang + OSSH_CHECK_LDFLAG_LINK([-Wl,-z,retpolineplt]) OSSH_CHECK_CFLAG_COMPILE([-D_FORTIFY_SOURCE=2]) OSSH_CHECK_LDFLAG_LINK([-Wl,-z,relro]) OSSH_CHECK_LDFLAG_LINK([-Wl,-z,now]) @@ -263,6 +265,18 @@ __attribute__((__unused__)) static void foo(void){return;}]], [compiler does not accept __attribute__ on return types]) ] ) +AC_MSG_CHECKING([if compiler allows __attribute__ prototype args]) +AC_COMPILE_IFELSE( + [AC_LANG_PROGRAM([[ +#include +typedef void foo(const char *, ...) __attribute__((format(printf, 1, 2)));]], + [[ exit(0); ]])], + [ AC_MSG_RESULT([yes]) ], + [ AC_MSG_RESULT([no]) + AC_DEFINE(NO_ATTRIBUTE_ON_PROTOTYPE_ARGS, 1, + [compiler does not accept __attribute__ on protoype args]) ] +) + if test "x$no_attrib_nonnull" != "x1" ; then AC_DEFINE([HAVE_ATTRIBUTE__NONNULL__], [1], [Have attribute nonnull]) fi @@ -363,6 +377,7 @@ AC_CHECK_HEADERS([ \ glob.h \ ia.h \ iaf.h \ + ifaddrs.h \ inttypes.h \ langinfo.h \ limits.h \ @@ -386,12 +401,13 @@ AC_CHECK_HEADERS([ \ stdint.h \ string.h \ strings.h \ - sys/audit.h \ sys/bitypes.h \ sys/bsdtty.h \ sys/cdefs.h \ sys/dir.h \ + sys/file.h \ sys/mman.h \ + sys/label.h \ sys/ndir.h \ sys/poll.h \ sys/prctl.h \ @@ -406,6 +422,7 @@ AC_CHECK_HEADERS([ \ sys/sysmacros.h \ sys/time.h \ sys/timers.h \ + sys/vfs.h \ time.h \ tmpdir.h \ ttyent.h \ @@ -420,6 +437,20 @@ AC_CHECK_HEADERS([ \ wchar.h \ ]) +# On some platforms (eg SunOS4) sys/audit.h requires sys/[time|types|label.h] +# to be included first. +AC_CHECK_HEADERS([sys/audit.h], [], [], [ +#ifdef HAVE_SYS_TIME_H +# include +#endif +#ifdef HAVE_SYS_TYPES_H +# include +#endif +#ifdef HAVE_SYS_LABEL_H +# include +#endif +]) + # sys/capsicum.h requires sys/types.h AC_CHECK_HEADERS([sys/capsicum.h], [], [], [ #ifdef HAVE_SYS_TYPES_H @@ -427,6 +458,16 @@ AC_CHECK_HEADERS([sys/capsicum.h], [], [], [ #endif ]) +# net/route.h requires sys/socket.h and sys/types.h. +# sys/sysctl.h also requires sys/param.h +AC_CHECK_HEADERS([net/route.h sys/sysctl.h], [], [], [ +#ifdef HAVE_SYS_TYPES_H +# include +#endif +#include +#include +]) + # lastlog.h requires sys/time.h to be included first on Solaris AC_CHECK_HEADERS([lastlog.h], [], [], [ #ifdef HAVE_SYS_TIME_H @@ -562,6 +603,8 @@ case "$host" in [AIX 5.2 and 5.3 (and presumably newer) require this]) AC_DEFINE([PTY_ZEROREAD], [1], [read(1) can return 0 for a non-closed fd]) AC_DEFINE([PLATFORM_SYS_DIR_UID], 2, [System dirs owned by bin (uid 2)]) + AC_DEFINE([BROKEN_STRNDUP], 1, [strndup broken, see APAR IY61211]) + AC_DEFINE([BROKEN_STRNLEN], 1, [strnlen broken, see APAR IY62551]) ;; *-*-android*) AC_DEFINE([DISABLE_UTMP], [1], [Define if you don't want to use utmp]) @@ -769,8 +812,36 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) AC_DEFINE([SSH_TUN_PREPEND_AF], [1], [Prepend the address family to IP tunnel traffic]) fi + AC_CHECK_HEADER([linux/if.h], + AC_DEFINE([SYS_RDOMAIN_LINUX], [1], + [Support routing domains using Linux VRF]), [], [ +#ifdef HAVE_SYS_TYPES_H +# include +#endif + ]) AC_CHECK_HEADERS([linux/seccomp.h linux/filter.h linux/audit.h], [], [], [#include ]) + # Obtain MIPS ABI + case "$host" in + mips*) + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ +#if _MIPS_SIM != _ABIO32 +#error +#endif + ]])],[mips_abi="o32"],[AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ +#if _MIPS_SIM != _ABIN32 +#error +#endif + ]])],[mips_abi="n32"],[AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ +#if _MIPS_SIM != _ABI64 +#error +#endif + ]])],[mips_abi="n64"],[AC_MSG_ERROR([unknown MIPS ABI]) + ]) + ]) + ]) + ;; + esac AC_MSG_CHECKING([for seccomp architecture]) seccomp_audit_arch= case "$host" in @@ -805,10 +876,24 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) seccomp_audit_arch=AUDIT_ARCH_MIPSEL ;; mips64-*) - seccomp_audit_arch=AUDIT_ARCH_MIPS64 + case "$mips_abi" in + "n32") + seccomp_audit_arch=AUDIT_ARCH_MIPS64N32 + ;; + "n64") + seccomp_audit_arch=AUDIT_ARCH_MIPS64 + ;; + esac ;; mips64el-*) - seccomp_audit_arch=AUDIT_ARCH_MIPSEL64 + case "$mips_abi" in + "n32") + seccomp_audit_arch=AUDIT_ARCH_MIPSEL64N32 + ;; + "n64") + seccomp_audit_arch=AUDIT_ARCH_MIPSEL64 + ;; + esac ;; esac if test "x$seccomp_audit_arch" != "x" ; then @@ -959,6 +1044,7 @@ mips-sony-bsd|mips-sony-newsos4) conf_wtmp_location=/var/adm/wtmp conf_lastlog_location=/var/adm/lastlog AC_DEFINE([USE_PIPES]) + AC_DEFINE([DISABLE_UTMPX], [1], [no utmpx]) ;; *-ncr-sysv*) LIBS="$LIBS -lc89" @@ -1007,20 +1093,16 @@ mips-sony-bsd|mips-sony-newsos4) AC_DEFINE([PASSWD_NEEDS_USERNAME]) AC_DEFINE([BROKEN_TCGETATTR_ICANON]) TEST_SHELL=$SHELL # let configure find us a capable shell + check_for_libcrypt_later=1 case "$host" in *-*-sysv5SCO_SV*) # SCO OpenServer 6.x maildir=/var/spool/mail - AC_DEFINE([BROKEN_LIBIAF], [1], - [ia_uinfo routines not supported by OS yet]) AC_DEFINE([BROKEN_UPDWTMPX]) AC_CHECK_LIB([prot], [getluid], [ LIBS="$LIBS -lprot" AC_CHECK_FUNCS([getluid setluid], , , [-lprot]) - AC_DEFINE([HAVE_SECUREWARE]) - AC_DEFINE([DISABLE_SHADOW]) ], , ) ;; *) AC_DEFINE([LOCKED_PASSWD_STRING], ["*LK*"]) - check_for_libcrypt_later=1 ;; esac ;; @@ -1053,40 +1135,6 @@ mips-sony-bsd|mips-sony-newsos4) TEST_SHELL=$SHELL # let configure find us a capable shell SKIP_DISABLE_LASTLOG_DEFINE=yes ;; -*-*-unicosmk*) - AC_DEFINE([NO_SSH_LASTLOG], [1], - [Define if you don't want to use lastlog in session.c]) - AC_DEFINE([SETEUID_BREAKS_SETUID]) - AC_DEFINE([BROKEN_SETREUID]) - AC_DEFINE([BROKEN_SETREGID]) - AC_DEFINE([USE_PIPES]) - AC_DEFINE([DISABLE_FD_PASSING]) - LDFLAGS="$LDFLAGS" - LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" - MANTYPE=cat - ;; -*-*-unicosmp*) - AC_DEFINE([SETEUID_BREAKS_SETUID]) - AC_DEFINE([BROKEN_SETREUID]) - AC_DEFINE([BROKEN_SETREGID]) - AC_DEFINE([WITH_ABBREV_NO_TTY]) - AC_DEFINE([USE_PIPES]) - AC_DEFINE([DISABLE_FD_PASSING]) - LDFLAGS="$LDFLAGS" - LIBS="$LIBS -lgen -lacid -ldb" - MANTYPE=cat - ;; -*-*-unicos*) - AC_DEFINE([SETEUID_BREAKS_SETUID]) - AC_DEFINE([BROKEN_SETREUID]) - AC_DEFINE([BROKEN_SETREGID]) - AC_DEFINE([USE_PIPES]) - AC_DEFINE([DISABLE_FD_PASSING]) - AC_DEFINE([NO_SSH_LASTLOG]) - LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal" - LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" - MANTYPE=cat - ;; *-dec-osf*) AC_MSG_CHECKING([for Digital Unix SIA]) no_osfsia="" @@ -1337,8 +1385,23 @@ AC_FUNC_STRFTIME AC_FUNC_MALLOC AC_FUNC_REALLOC # autoconf doesn't have AC_FUNC_CALLOC so fake it if malloc returns NULL; -if test "x$ac_cv_func_malloc_0_nonnull" != "xyes"; then - AC_DEFINE(HAVE_CALLOC, 0, [calloc(x, 0) returns NULL]) +AC_MSG_CHECKING([if calloc(0, N) returns non-null]) +AC_RUN_IFELSE( + [AC_LANG_PROGRAM( + [[ #include ]], + [[ void *p = calloc(0, 1); exit(p == NULL); ]] + )], + [ func_calloc_0_nonnull=yes ], + [ func_calloc_0_nonnull=no ], + [ AC_MSG_WARN([cross compiling: assuming same as malloc]) + func_calloc_0_nonnull="$ac_cv_func_malloc_0_nonnull"] +) +AC_MSG_RESULT([$func_calloc_0_nonnull]) + +if test "x$func_calloc_0_nonnull" == "xyes"; then + AC_DEFINE(HAVE_CALLOC, 1, [calloc(0, x) returns non-null]) +else + AC_DEFINE(HAVE_CALLOC, 0, [calloc(0, x) returns NULL]) AC_DEFINE(calloc, rpl_calloc, [Define to rpl_calloc if the replacement function should be used.]) fi @@ -1487,7 +1550,7 @@ AC_ARG_WITH(ldns, ldns="" if test "x$withval" = "xyes" ; then AC_PATH_TOOL([LDNSCONFIG], [ldns-config], [no]) - if test "x$PKGCONFIG" = "xno"; then + if test "x$LDNSCONFIG" = "xno"; then CPPFLAGS="$CPPFLAGS -I${withval}/include" LDFLAGS="$LDFLAGS -L${withval}/lib" LIBS="-lldns $LIBS" @@ -1695,6 +1758,7 @@ AC_CHECK_FUNCS([ \ bcrypt_pbkdf \ bindresvport_sa \ blf_enc \ + bzero \ cap_rights_limit \ clock \ closefrom \ @@ -1705,6 +1769,7 @@ AC_CHECK_FUNCS([ \ explicit_bzero \ fchmod \ fchown \ + flock \ freeaddrinfo \ freezero \ fstatfs \ @@ -1719,9 +1784,9 @@ AC_CHECK_FUNCS([ \ getpeereid \ getpeerucred \ getpgid \ - getpgrp \ _getpty \ getrlimit \ + getsid \ getttyent \ glob \ group_from_gid \ @@ -1743,6 +1808,7 @@ AC_CHECK_FUNCS([ \ poll \ prctl \ pstat \ + raise \ readpassphrase \ reallocarray \ recvmsg \ @@ -1777,6 +1843,7 @@ AC_CHECK_FUNCS([ \ strlcat \ strlcpy \ strmode \ + strndup \ strnlen \ strnvis \ strptime \ @@ -1800,6 +1867,8 @@ AC_CHECK_FUNCS([ \ warn \ ]) +AC_CHECK_DECLS([bzero]) + dnl Wide character support. AC_CHECK_FUNCS([mblen mbtowc nl_langinfo wcwidth]) @@ -1842,7 +1911,10 @@ AC_ARG_ENABLE([pkcs11], if test "x$openssl" = "xyes" && test "x$disable_pkcs11" = "x"; then # PKCS#11 support requires dlopen() and co AC_SEARCH_LIBS([dlopen], [dl], - [AC_DEFINE([ENABLE_PKCS11], [], [Enable for PKCS#11 support])] + AC_CHECK_DECL([RTLD_NOW], + AC_DEFINE([ENABLE_PKCS11], [], [Enable for PKCS#11 support]), + [], [#include ] + ) ) fi @@ -1869,7 +1941,6 @@ AC_SEARCH_LIBS([clock_gettime], [rt], [AC_DEFINE([HAVE_CLOCK_GETTIME], [1], [Have clock_gettime])]) dnl Make sure prototypes are defined for these before using them. -AC_CHECK_DECL([getrusage], [AC_CHECK_FUNCS([getrusage])]) AC_CHECK_DECL([strsep], [AC_CHECK_FUNCS([strsep])], [], @@ -1905,7 +1976,7 @@ AC_CHECK_DECLS([O_NONBLOCK], , , #endif ]) -AC_CHECK_DECLS([writev], , , [ +AC_CHECK_DECLS([readv, writev], , , [ #include #include #include @@ -2022,6 +2093,16 @@ AC_CHECK_FUNCS([realpath], [ ) ]) +AC_MSG_CHECKING([for working fflush(NULL)]) +AC_RUN_IFELSE( + [AC_LANG_PROGRAM([[#include ]], [[fflush(NULL); exit(0);]])], + AC_MSG_RESULT([yes]), + [AC_MSG_RESULT([no]) + AC_DEFINE([FFLUSH_NULL_BUG], [1], + [define if fflush(NULL) does not work])], + AC_MSG_WARN([cross compiling: assuming working]) +) + dnl Checks for time functions AC_CHECK_FUNCS([gettimeofday time]) dnl Checks for utmp functions @@ -2393,7 +2474,16 @@ static void sighandler(int sig) { _exit(1); } ) fi -AC_FUNC_GETPGRP +AC_CHECK_FUNCS([getpgrp],[ + AC_MSG_CHECKING([if getpgrp accepts zero args]) + AC_COMPILE_IFELSE( + [AC_LANG_PROGRAM([[$ac_includes_default]], [[ getpgrp(); ]])], + [ AC_MSG_RESULT([yes]) + AC_DEFINE([GETPGRP_VOID], [1], [getpgrp takes zero args])], + [ AC_MSG_RESULT([no]) + AC_DEFINE([GETPGRP_VOID], [0], [getpgrp takes one arg])] + ) +]) # Search for OpenSSL saved_CPPFLAGS="$CPPFLAGS" @@ -3641,6 +3731,23 @@ AC_CHECK_TYPES([fsblkcnt_t, fsfilcnt_t], , , [ #endif ]) +AC_CHECK_MEMBERS([struct statfs.f_flags], [], [], [[ +#include +#ifdef HAVE_SYS_BITYPES_H +#include +#endif +#ifdef HAVE_SYS_STATFS_H +#include +#endif +#ifdef HAVE_SYS_STATVFS_H +#include +#endif +#ifdef HAVE_SYS_VFS_H +#include +#endif +]]) + + AC_CHECK_TYPES([in_addr_t, in_port_t], , , [#include #include ]) @@ -4755,7 +4862,7 @@ if test ! -d $piddir ; then fi AC_ARG_WITH([pid-dir], - [ --with-pid-dir=PATH Specify location of ssh.pid file], + [ --with-pid-dir=PATH Specify location of sshd.pid file], [ if test -n "$withval" && test "x$withval" != "xno" && \ test "x${withval}" != "xyes"; then @@ -5056,6 +5163,7 @@ AC_SUBST([TEST_SSH_IPV6], [$TEST_SSH_IPV6]) AC_SUBST([TEST_SSH_UTF8], [$TEST_SSH_UTF8]) AC_SUBST([TEST_MALLOC_OPTIONS], [$TEST_MALLOC_OPTIONS]) AC_SUBST([UNSUPPORTED_ALGORITHMS], [$unsupported_algorithms]) +AC_SUBST([DEPEND], [$(cat $srcdir/.depend)]) CFLAGS="${CFLAGS} ${CFLAGS_AFTER}" LDFLAGS="${LDFLAGS} ${LDFLAGS_AFTER}" @@ -5107,7 +5215,6 @@ echo " PAM support: $PAM_MSG" echo " OSF SIA support: $SIA_MSG" echo " KerberosV support: $KRB5_MSG" echo " SELinux support: $SELINUX_MSG" -echo " Smartcard support: $SCARD_MSG" echo " S/KEY support: $SKEY_MSG" echo " MD5 password support: $MD5_MSG" echo " libedit support: $LIBEDIT_MSG" diff --git a/contrib/aix/README b/contrib/aix/README index 4a11ae7038f9..1aa5919786ca 100644 --- a/contrib/aix/README +++ b/contrib/aix/README @@ -47,4 +47,3 @@ you get to keep both pieces. - Darren Tucker (dtucker at zip dot com dot au) 2002/03/01 -$Id: README,v 1.4 2003/08/25 05:01:04 dtucker Exp $ diff --git a/contrib/aix/buildbff.sh b/contrib/aix/buildbff.sh index 81d8cc30105c..00b384dc7a61 100755 --- a/contrib/aix/buildbff.sh +++ b/contrib/aix/buildbff.sh @@ -1,7 +1,6 @@ #!/bin/sh # # buildbff.sh: Create AIX SMIT-installable OpenSSH packages -# $Id: buildbff.sh,v 1.13 2011/05/05 03:48:41 djm Exp $ # # Author: Darren Tucker (dtucker at zip dot com dot au) # This file is placed in the public domain and comes with absolutely diff --git a/contrib/aix/inventory.sh b/contrib/aix/inventory.sh index e2641e79c4f9..7d76f49715c4 100755 --- a/contrib/aix/inventory.sh +++ b/contrib/aix/inventory.sh @@ -1,7 +1,6 @@ #!/bin/sh # # inventory.sh -# $Id: inventory.sh,v 1.6 2003/11/21 12:48:56 djm Exp $ # # Originally written by Ben Lindstrom, modified by Darren Tucker to use perl # This file is placed into the public domain. diff --git a/contrib/cygwin/Makefile b/contrib/cygwin/Makefile index a0261f48d53c..4b78cd950576 100644 --- a/contrib/cygwin/Makefile +++ b/contrib/cygwin/Makefile @@ -13,6 +13,7 @@ defaultsdir=$(sysconfdir)/defaults/etc inetdefdir=$(defaultsdir)/inetd.d PRIVSEP_PATH=/var/empty INSTALL=/usr/bin/install -c +MKDIR_P=$(srcdir)/mkinstalldirs DESTDIR= @@ -23,7 +24,7 @@ all: @echo move-config-files: $(DESTDIR)$(sysconfdir)/ssh_config $(DESTDIR)$(sysconfdir)/sshd_config - $(srcdir)/mkinstalldirs $(DESTDIR)$(defaultsdir) + $(MKDIR_P) $(DESTDIR)$(defaultsdir) mv $(DESTDIR)$(sysconfdir)/ssh_config $(DESTDIR)$(defaultsdir) mv $(DESTDIR)$(sysconfdir)/sshd_config $(DESTDIR)$(defaultsdir) @@ -31,11 +32,11 @@ remove-empty-dir: rm -rf $(DESTDIR)$(PRIVSEP_PATH) install-inetd-config: - $(srcdir)/mkinstalldirs $(DESTDIR)$(inetdefdir) + $(MKDIR_P) $(DESTDIR)$(inetdefdir) $(INSTALL) -m 644 sshd-inetd $(DESTDIR)$(inetdefdir)/sshd-inetd install-sshdoc: - $(srcdir)/mkinstalldirs $(DESTDIR)$(sshdocdir) + $(MKDIR_P) $(DESTDIR)$(sshdocdir) -$(INSTALL) -m 644 $(srcdir)/CREDITS $(DESTDIR)$(sshdocdir)/CREDITS -$(INSTALL) -m 644 $(srcdir)/ChangeLog $(DESTDIR)$(sshdocdir)/ChangeLog -$(INSTALL) -m 644 $(srcdir)/LICENCE $(DESTDIR)$(sshdocdir)/LICENCE @@ -52,13 +53,13 @@ install-sshdoc: -$(INSTALL) -m 644 $(srcdir)/TODO $(DESTDIR)$(sshdocdir)/TODO install-cygwindoc: README - $(srcdir)/mkinstalldirs $(DESTDIR)$(cygdocdir) + $(MKDIR_P) $(DESTDIR)$(cygdocdir) $(INSTALL) -m 644 README $(DESTDIR)$(cygdocdir)/openssh.README install-doc: install-sshdoc install-cygwindoc install-scripts: ssh-host-config ssh-user-config - $(srcdir)/mkinstalldirs $(DESTDIR)$(bindir) + $(MKDIR_P) $(DESTDIR)$(bindir) $(INSTALL) -m 755 ssh-host-config $(DESTDIR)$(bindir)/ssh-host-config $(INSTALL) -m 755 ssh-user-config $(DESTDIR)$(bindir)/ssh-user-config diff --git a/contrib/findssl.sh b/contrib/findssl.sh index 263fd26445d5..95a0d66dfe63 100755 --- a/contrib/findssl.sh +++ b/contrib/findssl.sh @@ -1,7 +1,5 @@ #!/bin/sh # -# $Id: findssl.sh,v 1.4 2007/02/19 11:44:25 dtucker Exp $ -# # findssl.sh # Search for all instances of OpenSSL headers and libraries # and print their versions. diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec index a96a36e492d6..a0d5e2071023 100644 --- a/contrib/redhat/openssh.spec +++ b/contrib/redhat/openssh.spec @@ -1,5 +1,5 @@ -%define ver 7.6p1 -%define rel 1 +%define ver 7.7p1 +%define rel 1%{?dist} # OpenSSH privilege separation requires a user & group ID %define sshd_uid 74 @@ -23,8 +23,19 @@ # Use GTK2 instead of GNOME in gnome-ssh-askpass %define gtk2 1 -# Is this build for RHL 6.x? +# Use build6x options for older RHEL builds +# RHEL 7 not yet supported +%if 0%{?rhel} > 6 %define build6x 0 +%else +%define build6x 1 +%endif + +%if 0%{?fedora} >= 26 +%define compat_openssl 1 +%else +%define compat_openssl 0 +%endif # Do we want kerberos5 support (1=yes 0=no) %define kerberos5 1 @@ -64,7 +75,7 @@ %define kerberos5 0 %endif -Summary: The OpenSSH implementation of SSH protocol versions 1 and 2. +Summary: The OpenSSH implementation of SSH protocol version 2. Name: openssh Version: %{ver} %if %{rescue} @@ -74,9 +85,7 @@ Release: %{rel} %endif URL: https://www.openssh.com/portable.html Source0: https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz -%if ! %{no_x11_askpass} Source1: http://www.jmknoble.net/software/x11-ssh-askpass/x11-ssh-askpass-%{aversion}.tar.gz -%endif License: BSD Group: Applications/Internet BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot @@ -86,7 +95,13 @@ PreReq: initscripts >= 5.00 %else Requires: initscripts >= 5.20 %endif -BuildRequires: perl, openssl-devel +BuildRequires: perl +%if %{compat_openssl} +BuildRequires: compat-openssl10-devel +%else +BuildRequires: openssl-devel >= 1.0.1 +BuildRequires: openssl-devel < 1.1 +%endif BuildRequires: /bin/login %if ! %{build6x} BuildRequires: glibc-devel, pam @@ -95,6 +110,12 @@ BuildRequires: /usr/include/security/pam_appl.h %endif %if ! %{no_x11_askpass} BuildRequires: /usr/include/X11/Xlib.h +# Xt development tools +BuildRequires: libXt-devel +# Provides xmkmf +BuildRequires: imake +# Rely on relatively recent gtk +BuildRequires: gtk2-devel %endif %if ! %{no_gnome_askpass} BuildRequires: pkgconfig @@ -183,11 +204,6 @@ environment. CFLAGS="$RPM_OPT_FLAGS -Os"; export CFLAGS %endif -%if %{kerberos5} -K5DIR=`rpm -ql krb5-devel | grep 'include/krb5\.h' | sed 's,\/include\/krb5.h,,'` -echo K5DIR=$K5DIR -%endif - %configure \ --sysconfdir=%{_sysconfdir}/ssh \ --libexecdir=%{_libexecdir}/openssh \ @@ -196,6 +212,9 @@ echo K5DIR=$K5DIR --with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin \ --with-privsep-path=%{_var}/empty/sshd \ --with-md5-passwords \ + --mandir=%{_mandir} \ + --with-mantype=man \ + --disable-strip \ %if %{scard} --with-smartcard \ %endif @@ -262,12 +281,12 @@ install -m644 contrib/redhat/sshd.pam $RPM_BUILD_ROOT/etc/pam.d/sshd install -m755 contrib/redhat/sshd.init $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd %if ! %{no_x11_askpass} -install -s x11-ssh-askpass-%{aversion}/x11-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/x11-ssh-askpass +install x11-ssh-askpass-%{aversion}/x11-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/x11-ssh-askpass ln -s x11-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/ssh-askpass %endif %if ! %{no_gnome_askpass} -install -s contrib/gnome-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/gnome-ssh-askpass +install contrib/gnome-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/gnome-ssh-askpass %endif %if ! %{scard} @@ -391,7 +410,7 @@ fi %doc x11-ssh-askpass-%{aversion}/README %doc x11-ssh-askpass-%{aversion}/ChangeLog %doc x11-ssh-askpass-%{aversion}/SshAskpass*.ad -%attr(0755,root,root) %{_libexecdir}/openssh/ssh-askpass +%{_libexecdir}/openssh/ssh-askpass %attr(0755,root,root) %{_libexecdir}/openssh/x11-ssh-askpass %endif @@ -403,6 +422,22 @@ fi %endif %changelog +* Sat Feb 10 2018 Darren Tucker +- Update openssl-devel dependency to match current requirements. +- Handle Fedora >=6 openssl 1.0 compat libs. +- Remove SSH1 from description. +- Don't strip binaries at build time so that debuginfo package can be + created. + +* Sun Nov 16 2014 Nico Kadel-Garcia +- Add '--mandir' and '--with-mantype' for RHEL 5 compatibility +- Add 'dist' option to 'ver' so package names reflect OS at build time +- Always include x11-ssh-askpass tarball in SRPM +- Add openssh-x11-aspass BuildRequires for libXT-devel, imake, gtk2-devel +- Discard 'K5DIR' reporting, not usable inside 'mock' for RHEL 5 compatibility +- Discard obsolete '--with-rsh' configure option +- Update openssl-devel dependency to 0.9.8f, as found in autoconf + * Wed Jul 14 2010 Tim Rice - test for skip_x11_askpass (line 77) should have been for no_x11_askpass @@ -414,7 +449,7 @@ fi - Don't install profile.d scripts when not building with GNOME/GTK askpass (patch from bet@rahul.net) -* Wed Oct 01 2002 Damien Miller +* Tue Oct 01 2002 Damien Miller - Install ssh-agent setgid nobody to prevent ptrace() key theft attacks * Mon Sep 30 2002 Damien Miller @@ -460,7 +495,7 @@ fi - remove dependency on db1-devel, which has just been swallowed up whole by gnome-libs-devel -* Sun Dec 29 2001 Nalin Dahyabhai +* Sat Dec 29 2001 Nalin Dahyabhai - adjust build dependencies so that build6x actually works right (fix from Hugo van der Kooij) diff --git a/contrib/redhat/sshd.init b/contrib/redhat/sshd.init index 40c8dfd9f886..8ee5fcd3bb4f 100755 --- a/contrib/redhat/sshd.init +++ b/contrib/redhat/sshd.init @@ -40,7 +40,6 @@ start() # Create keys if necessary /usr/bin/ssh-keygen -A if [ -x /sbin/restorecon ]; then - /sbin/restorecon /etc/ssh/ssh_host_key.pub /sbin/restorecon /etc/ssh/ssh_host_rsa_key.pub /sbin/restorecon /etc/ssh/ssh_host_dsa_key.pub /sbin/restorecon /etc/ssh/ssh_host_ecdsa_key.pub diff --git a/contrib/redhat/sshd.init.old b/contrib/redhat/sshd.init.old index 0deb6080eb82..8a30f7da4a4a 100755 --- a/contrib/redhat/sshd.init.old +++ b/contrib/redhat/sshd.init.old @@ -24,7 +24,6 @@ prog="sshd" # Some functions to make the below more readable KEYGEN=/usr/bin/ssh-keygen SSHD=/usr/sbin/sshd -RSA1_KEY=/etc/ssh/ssh_host_key RSA_KEY=/etc/ssh/ssh_host_rsa_key DSA_KEY=/etc/ssh/ssh_host_dsa_key PID_FILE=/var/run/sshd.pid @@ -61,21 +60,6 @@ my_failure() { ;; esac } -do_rsa1_keygen() { - if [ ! -s $RSA1_KEY ]; then - echo -n "Generating SSH1 RSA host key: " - if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then - chmod 600 $RSA1_KEY - chmod 644 $RSA1_KEY.pub - my_success "RSA1 key generation" - echo - else - my_failure "RSA1 key generation" - echo - exit 1 - fi - fi -} do_rsa_keygen() { if [ ! -s $RSA_KEY ]; then echo -n "Generating SSH2 RSA host key: " @@ -119,7 +103,6 @@ do_restart_sanity_check() { case "$1" in start) # Create keys if necessary - do_rsa1_keygen; do_rsa_keygen; do_dsa_keygen; diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec index fdb3578cbd4e..d9c4298f1c5a 100644 --- a/contrib/suse/openssh.spec +++ b/contrib/suse/openssh.spec @@ -13,7 +13,7 @@ Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation Name: openssh -Version: 7.6p1 +Version: 7.7p1 URL: https://www.openssh.com/ Release: 1 Source0: openssh-%{version}.tar.gz diff --git a/crypto_api.h b/crypto_api.h index 5820ce8fa1f6..7f45bbd69e77 100644 --- a/crypto_api.h +++ b/crypto_api.h @@ -1,4 +1,4 @@ -/* $OpenBSD: crypto_api.h,v 1.3 2013/12/17 10:36:38 markus Exp $ */ +/* $OpenBSD: crypto_api.h,v 1.4 2017/12/14 21:07:39 naddy Exp $ */ /* * Assembled from generated headers and source files by Markus Friedl. @@ -8,6 +8,8 @@ #ifndef crypto_api_h #define crypto_api_h +#include "includes.h" + #ifdef HAVE_STDINT_H # include #endif @@ -18,12 +20,6 @@ typedef uint32_t crypto_uint32; #define randombytes(buf, buf_len) arc4random_buf((buf), (buf_len)) -#define crypto_hashblocks_sha512_STATEBYTES 64U -#define crypto_hashblocks_sha512_BLOCKBYTES 128U - -int crypto_hashblocks_sha512(unsigned char *, const unsigned char *, - unsigned long long); - #define crypto_hash_sha512_BYTES 64U int crypto_hash_sha512(unsigned char *, const unsigned char *, diff --git a/defines.h b/defines.h index f1662edcfea0..3fa5ec5a9b1a 100644 --- a/defines.h +++ b/defines.h @@ -214,24 +214,12 @@ typedef signed char int8_t; # if (SIZEOF_SHORT_INT == 2) typedef short int int16_t; # else -# ifdef _UNICOS -# if (SIZEOF_SHORT_INT == 4) -typedef short int16_t; -# else -typedef long int16_t; -# endif -# else # error "16 bit int type not found." -# endif /* _UNICOS */ # endif # if (SIZEOF_INT == 4) typedef int int32_t; # else -# ifdef _UNICOS -typedef long int32_t; -# else # error "32 bit int type not found." -# endif /* _UNICOS */ # endif #endif @@ -247,24 +235,12 @@ typedef unsigned char u_int8_t; # if (SIZEOF_SHORT_INT == 2) typedef unsigned short int u_int16_t; # else -# ifdef _UNICOS -# if (SIZEOF_SHORT_INT == 4) -typedef unsigned short u_int16_t; -# else -typedef unsigned long u_int16_t; -# endif -# else # error "16 bit int type not found." -# endif # endif # if (SIZEOF_INT == 4) typedef unsigned int u_int32_t; # else -# ifdef _UNICOS -typedef unsigned long u_int32_t; -# else # error "32 bit int type not found." -# endif # endif # endif #define __BIT_TYPES_DEFINED__ diff --git a/dh.c b/dh.c index 475312427805..46afba033693 100644 --- a/dh.c +++ b/dh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dh.c,v 1.62 2016/12/15 21:20:41 dtucker Exp $ */ +/* $OpenBSD: dh.c,v 1.63 2018/02/07 02:06:50 jsing Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * @@ -25,6 +25,7 @@ #include "includes.h" +#ifdef WITH_OPENSSL #include #include @@ -134,10 +135,8 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg) return 1; fail: - if (dhg->g != NULL) - BN_clear_free(dhg->g); - if (dhg->p != NULL) - BN_clear_free(dhg->p); + BN_clear_free(dhg->g); + BN_clear_free(dhg->p); dhg->g = dhg->p = NULL; return 0; } @@ -465,3 +464,5 @@ dh_estimate(int bits) return 7680; return 8192; } + +#endif /* WITH_OPENSSL */ diff --git a/dns.c b/dns.c index 6e1abb5300cd..ff1a2c41c29d 100644 --- a/dns.c +++ b/dns.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dns.c,v 1.37 2017/09/14 04:32:21 djm Exp $ */ +/* $OpenBSD: dns.c,v 1.38 2018/02/23 15:58:37 markus Exp $ */ /* * Copyright (c) 2003 Wesley Griffin. All rights reserved. @@ -105,6 +105,11 @@ dns_read_key(u_int8_t *algorithm, u_int8_t *digest_type, if (!*digest_type) *digest_type = SSHFP_HASH_SHA256; break; + case KEY_XMSS: + *algorithm = SSHFP_KEY_XMSS; + if (!*digest_type) + *digest_type = SSHFP_HASH_SHA256; + break; default: *algorithm = SSHFP_KEY_RESERVED; /* 0 */ *digest_type = SSHFP_HASH_RESERVED; /* 0 */ diff --git a/dns.h b/dns.h index 68443f7cbbb8..91f3c632dd1b 100644 --- a/dns.h +++ b/dns.h @@ -1,4 +1,4 @@ -/* $OpenBSD: dns.h,v 1.17 2017/09/14 04:32:21 djm Exp $ */ +/* $OpenBSD: dns.h,v 1.18 2018/02/23 15:58:37 markus Exp $ */ /* * Copyright (c) 2003 Wesley Griffin. All rights reserved. @@ -33,7 +33,8 @@ enum sshfp_types { SSHFP_KEY_RSA = 1, SSHFP_KEY_DSA = 2, SSHFP_KEY_ECDSA = 3, - SSHFP_KEY_ED25519 = 4 + SSHFP_KEY_ED25519 = 4, + SSHFP_KEY_XMSS = 5 }; enum sshfp_hashes { diff --git a/entropy.c b/entropy.c index 9305f89aeada..14b98f188918 100644 --- a/entropy.c +++ b/entropy.c @@ -108,7 +108,7 @@ get_random_bytes_prngd(unsigned char *buf, int len, strlen(socket_path) + 1; } - old_sigpipe = mysignal(SIGPIPE, SIG_IGN); + old_sigpipe = signal(SIGPIPE, SIG_IGN); errors = 0; rval = -1; @@ -158,7 +158,7 @@ get_random_bytes_prngd(unsigned char *buf, int len, rval = 0; done: - mysignal(SIGPIPE, old_sigpipe); + signal(SIGPIPE, old_sigpipe); if (fd != -1) close(fd); return rval; diff --git a/fixprogs b/fixprogs deleted file mode 100755 index af76ee392456..000000000000 --- a/fixprogs +++ /dev/null @@ -1,72 +0,0 @@ -#!/usr/bin/perl -# -# fixprogs - run through the list of entropy commands and -# score out the losers -# - -$entscale = 50; # divisor for optional entropy measurement - -sub usage { - return("Usage: $0 \n"); -} - -if (($#ARGV == -1) || ($#ARGV>1)) { - die(&usage); -} - -# 'undocumented' option - run ent (in second param) on the output -if ($#ARGV==1) { - $entcmd=$ARGV[1] -} else { - $entcmd = "" -}; - -$infilename = $ARGV[0]; - -if (!open(IN, "<".$infilename)) { - die("Couldn't open input file"); -} -$outfilename=$infilename.".out"; -if (!open(OUT, ">$outfilename")) { - die("Couldn't open output file $outfilename"); -} -@infile=; - -select(OUT); $|=1; select(STDOUT); - -foreach (@infile) { - if (/^\s*\#/ || /^\s*$/) { - print OUT; - next; - } - ($cmd, $path, $est) = /^\"([^\"]+)\"\s+([\w\/_-]+)\s+([\d\.\-]+)/o; - @args = split(/ /, $cmd); - if (! ($pid = fork())) { - # child - close STDIN; close STDOUT; close STDERR; - open (STDIN, "/dev/null"); - open (STDERR, ">/dev/null"); - exec $path @args; - exit 1; # shouldn't be here - } - # parent - waitpid ($pid, 0); $ret=$? >> 8; - - if ($ret != 0) { - $path = "undef"; - } else { - if ($entcmd ne "") { - # now try to run ent on the command - $mostargs=join(" ", splice(@args,1)); - print "Evaluating '$path $mostargs'\n"; - @ent = qx{$path $mostargs | $entcmd -b -t}; - @ent = grep(/^1,/, @ent); - ($null, $null, $rate) = split(/,/, $ent[0]); - $est = $rate / $entscale; # scale the estimate back - } - } - print OUT "\"$cmd\" $path $est\n"; -} - -close(IN); diff --git a/hash.c b/hash.c index 734c6bee2af3..5875d41fafa7 100644 --- a/hash.c +++ b/hash.c @@ -1,76 +1,27 @@ -/* $OpenBSD: hash.c,v 1.3 2013/12/09 11:03:45 markus Exp $ */ - -/* Copied from nacl-20110221/crypto_hash/sha512/ref/hash.c */ +/* $OpenBSD: hash.c,v 1.4 2017/12/14 21:07:39 naddy Exp $ */ +/* $OpenBSD: hash.c,v 1.5 2018/01/13 00:24:09 naddy Exp $ */ /* -20080913 -D. J. Bernstein -Public domain. -*/ - -#include "includes.h" + * Public domain. Author: Christian Weisgerber + * API compatible reimplementation of function from nacl + */ #include "crypto_api.h" -#define blocks crypto_hashblocks_sha512 +#include -static const unsigned char iv[64] = { - 0x6a,0x09,0xe6,0x67,0xf3,0xbc,0xc9,0x08, - 0xbb,0x67,0xae,0x85,0x84,0xca,0xa7,0x3b, - 0x3c,0x6e,0xf3,0x72,0xfe,0x94,0xf8,0x2b, - 0xa5,0x4f,0xf5,0x3a,0x5f,0x1d,0x36,0xf1, - 0x51,0x0e,0x52,0x7f,0xad,0xe6,0x82,0xd1, - 0x9b,0x05,0x68,0x8c,0x2b,0x3e,0x6c,0x1f, - 0x1f,0x83,0xd9,0xab,0xfb,0x41,0xbd,0x6b, - 0x5b,0xe0,0xcd,0x19,0x13,0x7e,0x21,0x79 -} ; +#include "digest.h" +#include "log.h" +#include "ssherr.h" -typedef unsigned long long uint64; - -int crypto_hash_sha512(unsigned char *out,const unsigned char *in,unsigned long long inlen) +int +crypto_hash_sha512(unsigned char *out, const unsigned char *in, + unsigned long long inlen) { - unsigned char h[64]; - unsigned char padded[256]; - unsigned int i; - unsigned long long bytes = inlen; + int r; - for (i = 0;i < 64;++i) h[i] = iv[i]; - - blocks(h,in,inlen); - in += inlen; - inlen &= 127; - in -= inlen; - - for (i = 0;i < inlen;++i) padded[i] = in[i]; - padded[inlen] = 0x80; - - if (inlen < 112) { - for (i = inlen + 1;i < 119;++i) padded[i] = 0; - padded[119] = bytes >> 61; - padded[120] = bytes >> 53; - padded[121] = bytes >> 45; - padded[122] = bytes >> 37; - padded[123] = bytes >> 29; - padded[124] = bytes >> 21; - padded[125] = bytes >> 13; - padded[126] = bytes >> 5; - padded[127] = bytes << 3; - blocks(h,padded,128); - } else { - for (i = inlen + 1;i < 247;++i) padded[i] = 0; - padded[247] = bytes >> 61; - padded[248] = bytes >> 53; - padded[249] = bytes >> 45; - padded[250] = bytes >> 37; - padded[251] = bytes >> 29; - padded[252] = bytes >> 21; - padded[253] = bytes >> 13; - padded[254] = bytes >> 5; - padded[255] = bytes << 3; - blocks(h,padded,256); - } - - for (i = 0;i < 64;++i) out[i] = h[i]; - - return 0; + if ((r = ssh_digest_memory(SSH_DIGEST_SHA512, in, inlen, out, + crypto_hash_sha512_BYTES)) != 0) + fatal("%s: %s", __func__, ssh_err(r)); + return 0; } diff --git a/install-sh b/install-sh index 220abbf61677..377bb8687ffe 100755 --- a/install-sh +++ b/install-sh @@ -1,251 +1,527 @@ #!/bin/sh -# # install - install a program, script, or datafile -# This comes from X11R5 (mit/util/scripts/install.sh). + +scriptversion=2011-11-20.07; # UTC + +# This originates from X11R5 (mit/util/scripts/install.sh), which was +# later released in X11R6 (xc/config/util/install.sh) with the +# following copyright and license. # -# Copyright 1991 by the Massachusetts Institute of Technology +# Copyright (C) 1994 X Consortium # -# Permission to use, copy, modify, distribute, and sell this software and its -# documentation for any purpose is hereby granted without fee, provided that -# the above copyright notice appear in all copies and that both that -# copyright notice and this permission notice appear in supporting -# documentation, and that the name of M.I.T. not be used in advertising or -# publicity pertaining to distribution of the software without specific, -# written prior permission. M.I.T. makes no representations about the -# suitability of this software for any purpose. It is provided "as is" -# without express or implied warranty. +# Permission is hereby granted, free of charge, to any person obtaining a copy +# of this software and associated documentation files (the "Software"), to +# deal in the Software without restriction, including without limitation the +# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or +# sell copies of the Software, and to permit persons to whom the Software is +# furnished to do so, subject to the following conditions: +# +# The above copyright notice and this permission notice shall be included in +# all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +# X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN +# AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNEC- +# TION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +# +# Except as contained in this notice, the name of the X Consortium shall not +# be used in advertising or otherwise to promote the sale, use or other deal- +# ings in this Software without prior written authorization from the X Consor- +# tium. +# +# +# FSF changes to this file are in the public domain. # # Calling this script install-sh is preferred over install.sh, to prevent -# `make' implicit rules from creating a file called install from it +# 'make' implicit rules from creating a file called install from it # when there is no Makefile. # # This script is compatible with the BSD install script, but was written -# from scratch. It can only install one file at a time, a restriction -# shared with many OS's install programs. +# from scratch. +nl=' +' +IFS=" "" $nl" # set DOITPROG to echo to test this script # Don't use :- since 4.3BSD and earlier shells don't like it. -doit="${DOITPROG-}" - - -# put in absolute paths if you don't have them in your path; or use env. vars. - -mvprog="${MVPROG-mv}" -cpprog="${CPPROG-cp}" -chmodprog="${CHMODPROG-chmod}" -chownprog="${CHOWNPROG-chown}" -chgrpprog="${CHGRPPROG-chgrp}" -stripprog="${STRIPPROG-strip}" -rmprog="${RMPROG-rm}" -mkdirprog="${MKDIRPROG-mkdir}" - -transformbasename="" -transform_arg="" -instcmd="$mvprog" -chmodcmd="$chmodprog 0755" -chowncmd="" -chgrpcmd="" -stripcmd="" -rmcmd="$rmprog -f" -mvcmd="$mvprog" -src="" -dst="" -dir_arg="" - -while [ x"$1" != x ]; do - case $1 in - -c) instcmd="$cpprog" - shift - continue;; - - -d) dir_arg=true - shift - continue;; - - -m) chmodcmd="$chmodprog $2" - shift - shift - continue;; - - -o) chowncmd="$chownprog $2" - shift - shift - continue;; - - -g) chgrpcmd="$chgrpprog $2" - shift - shift - continue;; - - -s) stripcmd="$stripprog" - shift - continue;; - - -t=*) transformarg=`echo $1 | sed 's/-t=//'` - shift - continue;; - - -b=*) transformbasename=`echo $1 | sed 's/-b=//'` - shift - continue;; - - *) if [ x"$src" = x ] - then - src=$1 - else - # this colon is to work around a 386BSD /bin/sh bug - : - dst=$1 - fi - shift - continue;; - esac -done - -if [ x"$src" = x ] -then - echo "install: no input file specified" - exit 1 +doit=${DOITPROG-} +if test -z "$doit"; then + doit_exec=exec else - true + doit_exec=$doit fi -if [ x"$dir_arg" != x ]; then - dst=$src - src="" - - if [ -d $dst ]; then - instcmd=: - chmodcmd="" - else - instcmd=mkdir - fi -else +# Put in absolute file names if you don't have them in your path; +# or use environment vars. -# Waiting for this to be detected by the "$instcmd $src $dsttmp" command -# might cause directories to be created, which would be especially bad -# if $src (and thus $dsttmp) contains '*'. +chgrpprog=${CHGRPPROG-chgrp} +chmodprog=${CHMODPROG-chmod} +chownprog=${CHOWNPROG-chown} +cmpprog=${CMPPROG-cmp} +cpprog=${CPPROG-cp} +mkdirprog=${MKDIRPROG-mkdir} +mvprog=${MVPROG-mv} +rmprog=${RMPROG-rm} +stripprog=${STRIPPROG-strip} - if [ -f $src -o -d $src ] - then - true - else - echo "install: $src does not exist" - exit 1 - fi - - if [ x"$dst" = x ] - then - echo "install: no destination specified" - exit 1 - else - true - fi - -# If destination is a directory, append the input filename; if your system -# does not like double slashes in filenames, you may need to add some logic - - if [ -d $dst ] - then - dst="$dst"/`basename $src` - else - true - fi -fi - -## this sed command emulates the dirname command -dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'` - -# Make sure that the destination directory exists. -# this part is taken from Noah Friedman's mkinstalldirs script - -# Skip lots of stat calls in the usual case. -if [ ! -d "$dstdir" ]; then -defaultIFS=' +posix_glob='?' +initialize_posix_glob=' + test "$posix_glob" != "?" || { + if (set -f) 2>/dev/null; then + posix_glob= + else + posix_glob=: + fi + } ' -IFS="${IFS-${defaultIFS}}" -oIFS="${IFS}" -# Some sh's can't handle IFS=/ for some reason. -IFS='%' -set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'` -IFS="${oIFS}" +posix_mkdir= -pathcomp='' +# Desired mode of installed file. +mode=0755 -while [ $# -ne 0 ] ; do - pathcomp="${pathcomp}${1}" - shift +chgrpcmd= +chmodcmd=$chmodprog +chowncmd= +mvcmd=$mvprog +rmcmd="$rmprog -f" +stripcmd= - if [ ! -d "${pathcomp}" ] ; - then - $mkdirprog "${pathcomp}" - else - true - fi +src= +dst= +dir_arg= +dst_arg= - pathcomp="${pathcomp}/" +copy_on_change=false +no_target_directory= + +usage="\ +Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE + or: $0 [OPTION]... SRCFILES... DIRECTORY + or: $0 [OPTION]... -t DIRECTORY SRCFILES... + or: $0 [OPTION]... -d DIRECTORIES... + +In the 1st form, copy SRCFILE to DSTFILE. +In the 2nd and 3rd, copy all SRCFILES to DIRECTORY. +In the 4th, create DIRECTORIES. + +Options: + --help display this help and exit. + --version display version info and exit. + + -c (ignored) + -C install only if different (preserve the last data modification time) + -d create directories instead of installing files. + -g GROUP $chgrpprog installed files to GROUP. + -m MODE $chmodprog installed files to MODE. + -o USER $chownprog installed files to USER. + -s $stripprog installed files. + -t DIRECTORY install into DIRECTORY. + -T report an error if DSTFILE is a directory. + +Environment variables override the default commands: + CHGRPPROG CHMODPROG CHOWNPROG CMPPROG CPPROG MKDIRPROG MVPROG + RMPROG STRIPPROG +" + +while test $# -ne 0; do + case $1 in + -c) ;; + + -C) copy_on_change=true;; + + -d) dir_arg=true;; + + -g) chgrpcmd="$chgrpprog $2" + shift;; + + --help) echo "$usage"; exit $?;; + + -m) mode=$2 + case $mode in + *' '* | *' '* | *' +'* | *'*'* | *'?'* | *'['*) + echo "$0: invalid mode: $mode" >&2 + exit 1;; + esac + shift;; + + -o) chowncmd="$chownprog $2" + shift;; + + -s) stripcmd=$stripprog;; + + -t) dst_arg=$2 + # Protect names problematic for 'test' and other utilities. + case $dst_arg in + -* | [=\(\)!]) dst_arg=./$dst_arg;; + esac + shift;; + + -T) no_target_directory=true;; + + --version) echo "$0 $scriptversion"; exit $?;; + + --) shift + break;; + + -*) echo "$0: invalid option: $1" >&2 + exit 1;; + + *) break;; + esac + shift done + +if test $# -ne 0 && test -z "$dir_arg$dst_arg"; then + # When -d is used, all remaining arguments are directories to create. + # When -t is used, the destination is already specified. + # Otherwise, the last argument is the destination. Remove it from $@. + for arg + do + if test -n "$dst_arg"; then + # $@ is not empty: it contains at least $arg. + set fnord "$@" "$dst_arg" + shift # fnord + fi + shift # arg + dst_arg=$arg + # Protect names problematic for 'test' and other utilities. + case $dst_arg in + -* | [=\(\)!]) dst_arg=./$dst_arg;; + esac + done fi -if [ x"$dir_arg" != x ] -then - $doit $instcmd $dst && +if test $# -eq 0; then + if test -z "$dir_arg"; then + echo "$0: no input file specified." >&2 + exit 1 + fi + # It's OK to call 'install-sh -d' without argument. + # This can happen when creating conditional directories. + exit 0 +fi - if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi && - if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi && - if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi && - if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi -else +if test -z "$dir_arg"; then + do_exit='(exit $ret); exit $ret' + trap "ret=129; $do_exit" 1 + trap "ret=130; $do_exit" 2 + trap "ret=141; $do_exit" 13 + trap "ret=143; $do_exit" 15 -# If we're going to rename the final executable, determine the name now. + # Set umask so as not to create temps with too-generous modes. + # However, 'strip' requires both read and write access to temps. + case $mode in + # Optimize common cases. + *644) cp_umask=133;; + *755) cp_umask=22;; - if [ x"$transformarg" = x ] - then - dstfile=`basename $dst` + *[0-7]) + if test -z "$stripcmd"; then + u_plus_rw= + else + u_plus_rw='% 200' + fi + cp_umask=`expr '(' 777 - $mode % 1000 ')' $u_plus_rw`;; + *) + if test -z "$stripcmd"; then + u_plus_rw= + else + u_plus_rw=,u+rw + fi + cp_umask=$mode$u_plus_rw;; + esac +fi + +for src +do + # Protect names problematic for 'test' and other utilities. + case $src in + -* | [=\(\)!]) src=./$src;; + esac + + if test -n "$dir_arg"; then + dst=$src + dstdir=$dst + test -d "$dstdir" + dstdir_status=$? + else + + # Waiting for this to be detected by the "$cpprog $src $dsttmp" command + # might cause directories to be created, which would be especially bad + # if $src (and thus $dsttmp) contains '*'. + if test ! -f "$src" && test ! -d "$src"; then + echo "$0: $src does not exist." >&2 + exit 1 + fi + + if test -z "$dst_arg"; then + echo "$0: no destination specified." >&2 + exit 1 + fi + dst=$dst_arg + + # If destination is a directory, append the input filename; won't work + # if double slashes aren't ignored. + if test -d "$dst"; then + if test -n "$no_target_directory"; then + echo "$0: $dst_arg: Is a directory" >&2 + exit 1 + fi + dstdir=$dst + dst=$dstdir/`basename "$src"` + dstdir_status=0 + else + # Prefer dirname, but fall back on a substitute if dirname fails. + dstdir=` + (dirname "$dst") 2>/dev/null || + expr X"$dst" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$dst" : 'X\(//\)[^/]' \| \ + X"$dst" : 'X\(//\)$' \| \ + X"$dst" : 'X\(/\)' \| . 2>/dev/null || + echo X"$dst" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q' + ` + + test -d "$dstdir" + dstdir_status=$? + fi + fi + + obsolete_mkdir_used=false + + if test $dstdir_status != 0; then + case $posix_mkdir in + '') + # Create intermediate dirs using mode 755 as modified by the umask. + # This is like FreeBSD 'install' as of 1997-10-28. + umask=`umask` + case $stripcmd.$umask in + # Optimize common cases. + *[2367][2367]) mkdir_umask=$umask;; + .*0[02][02] | .[02][02] | .[02]) mkdir_umask=22;; + + *[0-7]) + mkdir_umask=`expr $umask + 22 \ + - $umask % 100 % 40 + $umask % 20 \ + - $umask % 10 % 4 + $umask % 2 + `;; + *) mkdir_umask=$umask,go-w;; + esac + + # With -d, create the new directory with the user-specified mode. + # Otherwise, rely on $mkdir_umask. + if test -n "$dir_arg"; then + mkdir_mode=-m$mode else - dstfile=`basename $dst $transformbasename | - sed $transformarg`$transformbasename + mkdir_mode= fi -# don't allow the sed command to completely eliminate the filename + posix_mkdir=false + case $umask in + *[123567][0-7][0-7]) + # POSIX mkdir -p sets u+wx bits regardless of umask, which + # is incompatible with FreeBSD 'install' when (umask & 300) != 0. + ;; + *) + tmpdir=${TMPDIR-/tmp}/ins$RANDOM-$$ + trap 'ret=$?; rmdir "$tmpdir/d" "$tmpdir" 2>/dev/null; exit $ret' 0 - if [ x"$dstfile" = x ] - then - dstfile=`basename $dst` + if (umask $mkdir_umask && + exec $mkdirprog $mkdir_mode -p -- "$tmpdir/d") >/dev/null 2>&1 + then + if test -z "$dir_arg" || { + # Check for POSIX incompatibilities with -m. + # HP-UX 11.23 and IRIX 6.5 mkdir -m -p sets group- or + # other-writable bit of parent directory when it shouldn't. + # FreeBSD 6.1 mkdir -m -p sets mode of existing directory. + ls_ld_tmpdir=`ls -ld "$tmpdir"` + case $ls_ld_tmpdir in + d????-?r-*) different_mode=700;; + d????-?--*) different_mode=755;; + *) false;; + esac && + $mkdirprog -m$different_mode -p -- "$tmpdir" && { + ls_ld_tmpdir_1=`ls -ld "$tmpdir"` + test "$ls_ld_tmpdir" = "$ls_ld_tmpdir_1" + } + } + then posix_mkdir=: + fi + rmdir "$tmpdir/d" "$tmpdir" + else + # Remove any dirs left behind by ancient mkdir implementations. + rmdir ./$mkdir_mode ./-p ./-- 2>/dev/null + fi + trap '' 0;; + esac;; + esac + + if + $posix_mkdir && ( + umask $mkdir_umask && + $doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir" + ) + then : + else + + # The umask is ridiculous, or mkdir does not conform to POSIX, + # or it failed possibly due to a race condition. Create the + # directory the slow way, step by step, checking for races as we go. + + case $dstdir in + /*) prefix='/';; + [-=\(\)!]*) prefix='./';; + *) prefix='';; + esac + + eval "$initialize_posix_glob" + + oIFS=$IFS + IFS=/ + $posix_glob set -f + set fnord $dstdir + shift + $posix_glob set +f + IFS=$oIFS + + prefixes= + + for d + do + test X"$d" = X && continue + + prefix=$prefix$d + if test -d "$prefix"; then + prefixes= else - true + if $posix_mkdir; then + (umask=$mkdir_umask && + $doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir") && break + # Don't fail if two instances are running concurrently. + test -d "$prefix" || exit 1 + else + case $prefix in + *\'*) qprefix=`echo "$prefix" | sed "s/'/'\\\\\\\\''/g"`;; + *) qprefix=$prefix;; + esac + prefixes="$prefixes '$qprefix'" + fi fi + prefix=$prefix/ + done -# Make a temp file name in the proper directory. + if test -n "$prefixes"; then + # Don't fail if two instances are running concurrently. + (umask $mkdir_umask && + eval "\$doit_exec \$mkdirprog $prefixes") || + test -d "$dstdir" || exit 1 + obsolete_mkdir_used=true + fi + fi + fi - dsttmp=$dstdir/#inst.$$# + if test -n "$dir_arg"; then + { test -z "$chowncmd" || $doit $chowncmd "$dst"; } && + { test -z "$chgrpcmd" || $doit $chgrpcmd "$dst"; } && + { test "$obsolete_mkdir_used$chowncmd$chgrpcmd" = false || + test -z "$chmodcmd" || $doit $chmodcmd $mode "$dst"; } || exit 1 + else -# Move or copy the file name to the temp name + # Make a couple of temp file names in the proper directory. + dsttmp=$dstdir/_inst.$$_ + rmtmp=$dstdir/_rm.$$_ - $doit $instcmd $src $dsttmp && + # Trap to clean up those temp files at exit. + trap 'ret=$?; rm -f "$dsttmp" "$rmtmp" && exit $ret' 0 - trap "rm -f ${dsttmp}" 0 && + # Copy the file name to the temp name. + (umask $cp_umask && $doit_exec $cpprog "$src" "$dsttmp") && -# and set any options; do chmod last to preserve setuid bits + # and set any options; do chmod last to preserve setuid bits. + # + # If any of these fail, we abort the whole thing. If we want to + # ignore errors from any of these, just make sure not to ignore + # errors from the above "$doit $cpprog $src $dsttmp" command. + # + { test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } && + { test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } && + { test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } && + { test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } && -# If any of these fail, we abort the whole thing. If we want to -# ignore errors from any of these, just make sure not to ignore -# errors from the above "$doit $instcmd $src $dsttmp" command. + # If -C, don't bother to copy if it wouldn't change the file. + if $copy_on_change && + old=`LC_ALL=C ls -dlL "$dst" 2>/dev/null` && + new=`LC_ALL=C ls -dlL "$dsttmp" 2>/dev/null` && - if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi && - if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi && - if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi && - if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi && + eval "$initialize_posix_glob" && + $posix_glob set -f && + set X $old && old=:$2:$4:$5:$6 && + set X $new && new=:$2:$4:$5:$6 && + $posix_glob set +f && -# Now rename the file to the real destination. + test "$old" = "$new" && + $cmpprog "$dst" "$dsttmp" >/dev/null 2>&1 + then + rm -f "$dsttmp" + else + # Rename the file to the real destination. + $doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null || - $doit $rmcmd -f $dstdir/$dstfile && - $doit $mvcmd $dsttmp $dstdir/$dstfile + # The rename failed, perhaps because mv can't rename something else + # to itself, or perhaps because mv is so ancient that it does not + # support -f. + { + # Now remove or move aside any old file at destination location. + # We try this two ways since rm can't unlink itself on some + # systems and the destination file might be busy for other + # reasons. In this case, the final cleanup might fail but the new + # file should still install successfully. + { + test ! -f "$dst" || + $doit $rmcmd -f "$dst" 2>/dev/null || + { $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null && + { $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; } + } || + { echo "$0: cannot unlink or rename $dst" >&2 + (exit 1); exit 1 + } + } && -fi && + # Now rename the file to the real destination. + $doit $mvcmd "$dsttmp" "$dst" + } + fi || exit 1 + trap '' 0 + fi +done -exit 0 +# Local variables: +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "scriptversion=" +# time-stamp-format: "%:y-%02m-%02d.%02H" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" +# End: diff --git a/kex.c b/kex.c index d5d5a9dae996..15ea28b07f5b 100644 --- a/kex.c +++ b/kex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.c,v 1.134 2017/06/13 12:13:59 djm Exp $ */ +/* $OpenBSD: kex.c,v 1.136 2018/02/07 02:06:50 jsing Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * @@ -587,11 +587,9 @@ kex_free(struct kex *kex) u_int mode; #ifdef WITH_OPENSSL - if (kex->dh) - DH_free(kex->dh); + DH_free(kex->dh); #ifdef OPENSSL_HAS_ECC - if (kex->ec_client_key) - EC_KEY_free(kex->ec_client_key); + EC_KEY_free(kex->ec_client_key); #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ for (mode = 0; mode < MODE_MAX; mode++) { @@ -675,9 +673,6 @@ choose_mac(struct ssh *ssh, struct sshmac *mac, char *client, char *server) free(name); return SSH_ERR_INTERNAL_ERROR; } - /* truncate the key */ - if (ssh->compat & SSH_BUG_HMAC) - mac->key_len = 16; mac->name = name; mac->key = NULL; mac->enabled = 0; @@ -866,8 +861,7 @@ kex_choose_conf(struct ssh *ssh) kex->dh_need = dh_need; /* ignore the next message if the proposals do not match */ - if (first_kex_follows && !proposals_match(my, peer) && - !(ssh->compat & SSH_BUG_FIRSTKEX)) + if (first_kex_follows && !proposals_match(my, peer)) ssh->dispatch_skip_packets = 1; r = 0; out: diff --git a/kexc25519c.c b/kexc25519c.c index e488013e93cd..a8d92149c3fd 100644 --- a/kexc25519c.c +++ b/kexc25519c.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexc25519c.c,v 1.8 2017/05/31 04:17:12 djm Exp $ */ +/* $OpenBSD: kexc25519c.c,v 1.9 2017/12/18 02:25:15 djm Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2010 Damien Miller. All rights reserved. @@ -141,7 +141,7 @@ input_kex_c25519_reply(int type, u_int32_t seq, struct ssh *ssh) goto out; if ((r = sshkey_verify(server_host_key, signature, slen, hash, hashlen, - ssh->compat)) != 0) + kex->hostkey_alg, ssh->compat)) != 0) goto out; /* save session id */ diff --git a/kexc25519s.c b/kexc25519s.c index 0a008d44746f..0800a7a4bcf4 100644 --- a/kexc25519s.c +++ b/kexc25519s.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexc25519s.c,v 1.10 2015/12/04 16:41:28 markus Exp $ */ +/* $OpenBSD: kexc25519s.c,v 1.11 2017/05/31 04:19:28 djm Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2010 Damien Miller. All rights reserved. diff --git a/kexdhc.c b/kexdhc.c index 9864ee2ec92e..9a9f1ea784e8 100644 --- a/kexdhc.c +++ b/kexdhc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexdhc.c,v 1.20 2017/05/30 14:23:52 markus Exp $ */ +/* $OpenBSD: kexdhc.c,v 1.22 2018/02/07 02:06:51 jsing Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -183,7 +183,7 @@ input_kex_dh(int type, u_int32_t seq, struct ssh *ssh) goto out; if ((r = sshkey_verify(server_host_key, signature, slen, hash, hashlen, - ssh->compat)) != 0) + kex->hostkey_alg, ssh->compat)) != 0) goto out; /* save session id */ @@ -203,14 +203,12 @@ input_kex_dh(int type, u_int32_t seq, struct ssh *ssh) explicit_bzero(hash, sizeof(hash)); DH_free(kex->dh); kex->dh = NULL; - if (dh_server_pub) - BN_clear_free(dh_server_pub); + BN_clear_free(dh_server_pub); if (kbuf) { explicit_bzero(kbuf, klen); free(kbuf); } - if (shared_secret) - BN_clear_free(shared_secret); + BN_clear_free(shared_secret); sshkey_free(server_host_key); free(server_host_key_blob); free(signature); diff --git a/kexdhs.c b/kexdhs.c index 81ce56d7a5ad..da8f4c439fb7 100644 --- a/kexdhs.c +++ b/kexdhs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexdhs.c,v 1.25 2017/05/30 14:23:52 markus Exp $ */ +/* $OpenBSD: kexdhs.c,v 1.26 2018/02/07 02:06:51 jsing Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -208,14 +208,12 @@ input_kex_dh_init(int type, u_int32_t seq, struct ssh *ssh) explicit_bzero(hash, sizeof(hash)); DH_free(kex->dh); kex->dh = NULL; - if (dh_client_pub) - BN_clear_free(dh_client_pub); + BN_clear_free(dh_client_pub); if (kbuf) { explicit_bzero(kbuf, klen); free(kbuf); } - if (shared_secret) - BN_clear_free(shared_secret); + BN_clear_free(shared_secret); free(server_host_key_blob); free(signature); return r; diff --git a/kexecdhc.c b/kexecdhc.c index d8a8b660fd56..ac146a362ee0 100644 --- a/kexecdhc.c +++ b/kexecdhc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexecdhc.c,v 1.11 2017/05/30 14:23:52 markus Exp $ */ +/* $OpenBSD: kexecdhc.c,v 1.13 2018/02/07 02:06:51 jsing Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2010 Damien Miller. All rights reserved. @@ -89,8 +89,7 @@ kexecdh_client(struct ssh *ssh) ssh_dispatch_set(ssh, SSH2_MSG_KEX_ECDH_REPLY, &input_kex_ecdh_reply); r = 0; out: - if (client_key) - EC_KEY_free(client_key); + EC_KEY_free(client_key); return r; } @@ -188,7 +187,7 @@ input_kex_ecdh_reply(int type, u_int32_t seq, struct ssh *ssh) goto out; if ((r = sshkey_verify(server_host_key, signature, slen, hash, - hashlen, ssh->compat)) != 0) + hashlen, kex->hostkey_alg, ssh->compat)) != 0) goto out; /* save session id */ @@ -206,18 +205,14 @@ input_kex_ecdh_reply(int type, u_int32_t seq, struct ssh *ssh) r = kex_send_newkeys(ssh); out: explicit_bzero(hash, sizeof(hash)); - if (kex->ec_client_key) { - EC_KEY_free(kex->ec_client_key); - kex->ec_client_key = NULL; - } - if (server_public) - EC_POINT_clear_free(server_public); + EC_KEY_free(kex->ec_client_key); + kex->ec_client_key = NULL; + EC_POINT_clear_free(server_public); if (kbuf) { explicit_bzero(kbuf, klen); free(kbuf); } - if (shared_secret) - BN_clear_free(shared_secret); + BN_clear_free(shared_secret); sshkey_free(server_host_key); free(server_host_key_blob); free(signature); diff --git a/kexecdhs.c b/kexecdhs.c index dc24a3af609b..af4f30309971 100644 --- a/kexecdhs.c +++ b/kexecdhs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexecdhs.c,v 1.16 2017/05/30 14:23:52 markus Exp $ */ +/* $OpenBSD: kexecdhs.c,v 1.17 2018/02/07 02:06:51 jsing Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2010 Damien Miller. All rights reserved. @@ -187,18 +187,14 @@ input_kex_ecdh_init(int type, u_int32_t seq, struct ssh *ssh) r = kex_send_newkeys(ssh); out: explicit_bzero(hash, sizeof(hash)); - if (kex->ec_client_key) { - EC_KEY_free(kex->ec_client_key); - kex->ec_client_key = NULL; - } - if (server_key) - EC_KEY_free(server_key); + EC_KEY_free(kex->ec_client_key); + kex->ec_client_key = NULL; + EC_KEY_free(server_key); if (kbuf) { explicit_bzero(kbuf, klen); free(kbuf); } - if (shared_secret) - BN_clear_free(shared_secret); + BN_clear_free(shared_secret); free(server_host_key_blob); free(signature); return r; diff --git a/kexgexc.c b/kexgexc.c index cd11287525b6..762a9a322958 100644 --- a/kexgexc.c +++ b/kexgexc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexgexc.c,v 1.25 2017/05/30 14:23:52 markus Exp $ */ +/* $OpenBSD: kexgexc.c,v 1.27 2018/02/07 02:06:51 jsing Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -134,10 +134,8 @@ input_kex_dh_gex_group(int type, u_int32_t seq, struct ssh *ssh) ssh_dispatch_set(ssh, SSH2_MSG_KEX_DH_GEX_REPLY, &input_kex_dh_gex_reply); r = 0; out: - if (p) - BN_clear_free(p); - if (g) - BN_clear_free(g); + BN_clear_free(p); + BN_clear_free(g); return r; } @@ -230,7 +228,7 @@ input_kex_dh_gex_reply(int type, u_int32_t seq, struct ssh *ssh) goto out; if ((r = sshkey_verify(server_host_key, signature, slen, hash, - hashlen, ssh->compat)) != 0) + hashlen, kex->hostkey_alg, ssh->compat)) != 0) goto out; /* save session id */ @@ -250,14 +248,12 @@ input_kex_dh_gex_reply(int type, u_int32_t seq, struct ssh *ssh) explicit_bzero(hash, sizeof(hash)); DH_free(kex->dh); kex->dh = NULL; - if (dh_server_pub) - BN_clear_free(dh_server_pub); + BN_clear_free(dh_server_pub); if (kbuf) { explicit_bzero(kbuf, klen); free(kbuf); } - if (shared_secret) - BN_clear_free(shared_secret); + BN_clear_free(shared_secret); sshkey_free(server_host_key); free(server_host_key_blob); free(signature); diff --git a/kexgexs.c b/kexgexs.c index c5dd00578a33..d7b48ea88808 100644 --- a/kexgexs.c +++ b/kexgexs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexgexs.c,v 1.31 2017/05/30 14:23:52 markus Exp $ */ +/* $OpenBSD: kexgexs.c,v 1.32 2018/02/07 02:06:51 jsing Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -237,14 +237,12 @@ input_kex_dh_gex_init(int type, u_int32_t seq, struct ssh *ssh) out: DH_free(kex->dh); kex->dh = NULL; - if (dh_client_pub) - BN_clear_free(dh_client_pub); + BN_clear_free(dh_client_pub); if (kbuf) { explicit_bzero(kbuf, klen); free(kbuf); } - if (shared_secret) - BN_clear_free(shared_secret); + BN_clear_free(shared_secret); free(server_host_key_blob); free(signature); return r; diff --git a/key.c b/key.c index 6e338c495bbb..a05fdd3c07c8 100644 --- a/key.c +++ b/key.c @@ -1,4 +1,4 @@ -/* $OpenBSD: key.c,v 1.131 2017/05/30 14:16:41 markus Exp $ */ +/* $OpenBSD: key.c,v 1.132 2017/12/18 02:25:15 djm Exp $ */ /* * placed in the public domain */ @@ -95,21 +95,6 @@ key_sign(const Key *key, u_char **sigp, u_int *lenp, return 0; } -int -key_verify(const Key *key, const u_char *signature, u_int signaturelen, - const u_char *data, u_int datalen) -{ - int r; - - if ((r = sshkey_verify(key, signature, signaturelen, - data, datalen, datafellows)) != 0) { - fatal_on_fatal_errors(r, __func__, 0); - error("%s: %s", __func__, ssh_err(r)); - return r == SSH_ERR_SIGNATURE_INVALID ? 0 : -1; - } - return 1; -} - Key * key_demote(const Key *k) { diff --git a/key.h b/key.h index a14f370376c0..fd59cbf544d4 100644 --- a/key.h +++ b/key.h @@ -1,4 +1,4 @@ -/* $OpenBSD: key.h,v 1.51 2017/05/30 14:16:41 markus Exp $ */ +/* $OpenBSD: key.h,v 1.52 2017/12/18 02:25:15 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -58,7 +58,6 @@ int key_to_blob(const Key *, u_char **, u_int *); int key_sign(const Key *, u_char **, u_int *, const u_char *, u_int, const char *); -int key_verify(const Key *, const u_char *, u_int, const u_char *, u_int); /* authfile.c */ Key *key_load_cert(const char *); diff --git a/krl.c b/krl.c index 086fc20e5933..379153247b37 100644 --- a/krl.c +++ b/krl.c @@ -14,7 +14,7 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $OpenBSD: krl.c,v 1.40 2017/05/31 09:15:42 deraadt Exp $ */ +/* $OpenBSD: krl.c,v 1.41 2017/12/18 02:25:15 djm Exp $ */ #include "includes.h" @@ -1014,7 +1014,7 @@ ssh_krl_from_blob(struct sshbuf *buf, struct ssh_krl **krlp, } /* Check signature over entire KRL up to this point */ if ((r = sshkey_verify(key, blob, blen, - sshbuf_ptr(buf), sig_off, 0)) != 0) + sshbuf_ptr(buf), sig_off, NULL, 0)) != 0) goto out; /* Check if this key has already signed this KRL */ for (i = 0; i < nca_used; i++) { diff --git a/loginrec.c b/loginrec.c index 788553e9204d..bdbc9bbf44f7 100644 --- a/loginrec.c +++ b/loginrec.c @@ -663,15 +663,9 @@ construct_utmp(struct logininfo *li, switch (li->type) { case LTYPE_LOGIN: ut->ut_type = USER_PROCESS; -#ifdef _UNICOS - cray_set_tmpdir(ut); -#endif break; case LTYPE_LOGOUT: ut->ut_type = DEAD_PROCESS; -#ifdef _UNICOS - cray_retain_utmp(ut, li->pid); -#endif break; } # endif diff --git a/md5crypt.c b/md5crypt.c index 22ef9893356e..52cf2959a832 100644 --- a/md5crypt.c +++ b/md5crypt.c @@ -50,7 +50,7 @@ is_md5_salt(const char *salt) char * md5_crypt(const char *pw, const char *salt) { - static char passwd[120], salt_copy[9], *p; + static char passwd[120], salt_copy[9]; static const char *sp, *ep; unsigned char final[16]; int sl, pl, i, j; @@ -139,8 +139,6 @@ md5_crypt(const char *pw, const char *salt) MD5_Final(final, &ctx1); } - p = passwd + strlen(passwd); - l = (final[ 0]<<16) | (final[ 6]<<8) | final[12]; strlcat(passwd, to64(l, 4), sizeof(passwd)); l = (final[ 1]<<16) | (final[ 7]<<8) | final[13]; diff --git a/mdoc2man.awk b/mdoc2man.awk index 3e8725452ed3..d393ae6f1476 100644 --- a/mdoc2man.awk +++ b/mdoc2man.awk @@ -1,7 +1,5 @@ #!/usr/bin/awk # -# $Id: mdoc2man.awk,v 1.9 2009/10/24 00:52:42 dtucker Exp $ -# # Version history: # v4+ Adapted for OpenSSH Portable (see cvs Id and history) # v3, I put the program under a proper license diff --git a/misc.c b/misc.c index 05950a471246..874dcc8a2344 100644 --- a/misc.c +++ b/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.113 2017/08/18 05:48:04 djm Exp $ */ +/* $OpenBSD: misc.c,v 1.127 2018/03/12 00:52:01 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2005,2006 Damien Miller. All rights reserved. @@ -167,6 +167,73 @@ set_nodelay(int fd) error("setsockopt TCP_NODELAY: %.100s", strerror(errno)); } +/* Allow local port reuse in TIME_WAIT */ +int +set_reuseaddr(int fd) +{ + int on = 1; + + if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) == -1) { + error("setsockopt SO_REUSEADDR fd %d: %s", fd, strerror(errno)); + return -1; + } + return 0; +} + +/* Get/set routing domain */ +char * +get_rdomain(int fd) +{ +#if defined(HAVE_SYS_GET_RDOMAIN) + return sys_get_rdomain(fd); +#elif defined(__OpenBSD__) + int rtable; + char *ret; + socklen_t len = sizeof(rtable); + + if (getsockopt(fd, SOL_SOCKET, SO_RTABLE, &rtable, &len) == -1) { + error("Failed to get routing domain for fd %d: %s", + fd, strerror(errno)); + return NULL; + } + xasprintf(&ret, "%d", rtable); + return ret; +#else /* defined(__OpenBSD__) */ + return NULL; +#endif +} + +int +set_rdomain(int fd, const char *name) +{ +#if defined(HAVE_SYS_SET_RDOMAIN) + return sys_set_rdomain(fd, name); +#elif defined(__OpenBSD__) + int rtable; + const char *errstr; + + if (name == NULL) + return 0; /* default table */ + + rtable = (int)strtonum(name, 0, 255, &errstr); + if (errstr != NULL) { + /* Shouldn't happen */ + error("Invalid routing domain \"%s\": %s", name, errstr); + return -1; + } + if (setsockopt(fd, SOL_SOCKET, SO_RTABLE, + &rtable, sizeof(rtable)) == -1) { + error("Failed to set routing domain %d on fd %d: %s", + rtable, fd, strerror(errno)); + return -1; + } + return 0; +#else /* defined(__OpenBSD__) */ + error("Setting routing domain is not supported on this platform"); + return -1; +#endif +} + /* Characters considered whitespace in strsep calls. */ #define WHITESPACE " \t\r\n" #define QUOTE "\"" @@ -395,11 +462,12 @@ put_host_port(const char *host, u_short port) * Search for next delimiter between hostnames/addresses and ports. * Argument may be modified (for termination). * Returns *cp if parsing succeeds. - * *cp is set to the start of the next delimiter, if one was found. + * *cp is set to the start of the next field, if one was found. + * The delimiter char, if present, is stored in delim. * If this is the last field, *cp is set to NULL. */ -char * -hpdelim(char **cp) +static char * +hpdelim2(char **cp, char *delim) { char *s, *old; @@ -422,6 +490,8 @@ hpdelim(char **cp) case ':': case '/': + if (delim != NULL) + *delim = *s; *s = '\0'; /* terminate */ *cp = s + 1; break; @@ -433,6 +503,12 @@ hpdelim(char **cp) return old; } +char * +hpdelim(char **cp) +{ + return hpdelim2(cp, NULL); +} + char * cleanhostname(char *host) { @@ -466,6 +542,75 @@ colon(char *cp) return NULL; } +/* + * Parse a [user@]host:[path] string. + * Caller must free returned user, host and path. + * Any of the pointer return arguments may be NULL (useful for syntax checking). + * If user was not specified then *userp will be set to NULL. + * If host was not specified then *hostp will be set to NULL. + * If path was not specified then *pathp will be set to ".". + * Returns 0 on success, -1 on failure. + */ +int +parse_user_host_path(const char *s, char **userp, char **hostp, char **pathp) +{ + char *user = NULL, *host = NULL, *path = NULL; + char *sdup, *tmp; + int ret = -1; + + if (userp != NULL) + *userp = NULL; + if (hostp != NULL) + *hostp = NULL; + if (pathp != NULL) + *pathp = NULL; + + sdup = xstrdup(s); + + /* Check for remote syntax: [user@]host:[path] */ + if ((tmp = colon(sdup)) == NULL) + goto out; + + /* Extract optional path */ + *tmp++ = '\0'; + if (*tmp == '\0') + tmp = "."; + path = xstrdup(tmp); + + /* Extract optional user and mandatory host */ + tmp = strrchr(sdup, '@'); + if (tmp != NULL) { + *tmp++ = '\0'; + host = xstrdup(cleanhostname(tmp)); + if (*sdup != '\0') + user = xstrdup(sdup); + } else { + host = xstrdup(cleanhostname(sdup)); + user = NULL; + } + + /* Success */ + if (userp != NULL) { + *userp = user; + user = NULL; + } + if (hostp != NULL) { + *hostp = host; + host = NULL; + } + if (pathp != NULL) { + *pathp = path; + path = NULL; + } + ret = 0; +out: + free(sdup); + free(user); + free(host); + free(path); + return ret; +} + /* * Parse a [user@]host[:port] string. * Caller must free returned user and host. @@ -491,7 +636,7 @@ parse_user_host_port(const char *s, char **userp, char **hostp, int *portp) if ((sdup = tmp = strdup(s)) == NULL) return -1; /* Extract optional username */ - if ((cp = strchr(tmp, '@')) != NULL) { + if ((cp = strrchr(tmp, '@')) != NULL) { *cp = '\0'; if (*tmp == '\0') goto out; @@ -527,6 +672,168 @@ parse_user_host_port(const char *s, char **userp, char **hostp, int *portp) return ret; } +/* + * Converts a two-byte hex string to decimal. + * Returns the decimal value or -1 for invalid input. + */ +static int +hexchar(const char *s) +{ + unsigned char result[2]; + int i; + + for (i = 0; i < 2; i++) { + if (s[i] >= '0' && s[i] <= '9') + result[i] = (unsigned char)(s[i] - '0'); + else if (s[i] >= 'a' && s[i] <= 'f') + result[i] = (unsigned char)(s[i] - 'a') + 10; + else if (s[i] >= 'A' && s[i] <= 'F') + result[i] = (unsigned char)(s[i] - 'A') + 10; + else + return -1; + } + return (result[0] << 4) | result[1]; +} + +/* + * Decode an url-encoded string. + * Returns a newly allocated string on success or NULL on failure. + */ +static char * +urldecode(const char *src) +{ + char *ret, *dst; + int ch; + + ret = xmalloc(strlen(src) + 1); + for (dst = ret; *src != '\0'; src++) { + switch (*src) { + case '+': + *dst++ = ' '; + break; + case '%': + if (!isxdigit((unsigned char)src[1]) || + !isxdigit((unsigned char)src[2]) || + (ch = hexchar(src + 1)) == -1) { + free(ret); + return NULL; + } + *dst++ = ch; + src += 2; + break; + default: + *dst++ = *src; + break; + } + } + *dst = '\0'; + + return ret; +} + +/* + * Parse an (scp|ssh|sftp)://[user@]host[:port][/path] URI. + * See https://tools.ietf.org/html/draft-ietf-secsh-scp-sftp-ssh-uri-04 + * Either user or path may be url-encoded (but not host or port). + * Caller must free returned user, host and path. + * Any of the pointer return arguments may be NULL (useful for syntax checking) + * but the scheme must always be specified. + * If user was not specified then *userp will be set to NULL. + * If port was not specified then *portp will be -1. + * If path was not specified then *pathp will be set to NULL. + * Returns 0 on success, 1 if non-uri/wrong scheme, -1 on error/invalid uri. + */ +int +parse_uri(const char *scheme, const char *uri, char **userp, char **hostp, + int *portp, char **pathp) +{ + char *uridup, *cp, *tmp, ch; + char *user = NULL, *host = NULL, *path = NULL; + int port = -1, ret = -1; + size_t len; + + len = strlen(scheme); + if (strncmp(uri, scheme, len) != 0 || strncmp(uri + len, "://", 3) != 0) + return 1; + uri += len + 3; + + if (userp != NULL) + *userp = NULL; + if (hostp != NULL) + *hostp = NULL; + if (portp != NULL) + *portp = -1; + if (pathp != NULL) + *pathp = NULL; + + uridup = tmp = xstrdup(uri); + + /* Extract optional ssh-info (username + connection params) */ + if ((cp = strchr(tmp, '@')) != NULL) { + char *delim; + + *cp = '\0'; + /* Extract username and connection params */ + if ((delim = strchr(tmp, ';')) != NULL) { + /* Just ignore connection params for now */ + *delim = '\0'; + } + if (*tmp == '\0') { + /* Empty username */ + goto out; + } + if ((user = urldecode(tmp)) == NULL) + goto out; + tmp = cp + 1; + } + + /* Extract mandatory hostname */ + if ((cp = hpdelim2(&tmp, &ch)) == NULL || *cp == '\0') + goto out; + host = xstrdup(cleanhostname(cp)); + if (!valid_domain(host, 0, NULL)) + goto out; + + if (tmp != NULL && *tmp != '\0') { + if (ch == ':') { + /* Convert and verify port. */ + if ((cp = strchr(tmp, '/')) != NULL) + *cp = '\0'; + if ((port = a2port(tmp)) <= 0) + goto out; + tmp = cp ? cp + 1 : NULL; + } + if (tmp != NULL && *tmp != '\0') { + /* Extract optional path */ + if ((path = urldecode(tmp)) == NULL) + goto out; + } + } + + /* Success */ + if (userp != NULL) { + *userp = user; + user = NULL; + } + if (hostp != NULL) { + *hostp = host; + host = NULL; + } + if (portp != NULL) + *portp = port; + if (pathp != NULL) { + *pathp = path; + path = NULL; + } + ret = 0; + out: + free(uridup); + free(user); + free(host); + free(path); + return ret; +} + /* function to assist building execv() arguments */ void addargs(arglist *args, char *fmt, ...) @@ -724,16 +1031,19 @@ read_keyfile_line(FILE *f, const char *filename, char *buf, size_t bufsz, } int -tun_open(int tun, int mode) +tun_open(int tun, int mode, char **ifname) { #if defined(CUSTOM_SYS_TUN_OPEN) - return (sys_tun_open(tun, mode)); + return (sys_tun_open(tun, mode, ifname)); #elif defined(SSH_TUN_OPENBSD) struct ifreq ifr; char name[100]; int fd = -1, sock; const char *tunbase = "tun"; + if (ifname != NULL) + *ifname = NULL; + if (mode == SSH_TUNMODE_ETHERNET) tunbase = "tap"; @@ -780,6 +1090,9 @@ tun_open(int tun, int mode) } } + if (ifname != NULL) + *ifname = xstrdup(ifr.ifr_name); + close(sock); return fd; @@ -946,8 +1259,8 @@ ms_subtract_diff(struct timeval *start, int *ms) { struct timeval diff, finish; - gettimeofday(&finish, NULL); - timersub(&finish, start, &diff); + monotime_tv(&finish); + timersub(&finish, start, &diff); *ms -= (diff.tv_sec * 1000) + (diff.tv_usec / 1000); } @@ -960,54 +1273,63 @@ ms_to_timeval(struct timeval *tv, int ms) tv->tv_usec = (ms % 1000) * 1000; } -time_t -monotime(void) +void +monotime_ts(struct timespec *ts) { -#if defined(HAVE_CLOCK_GETTIME) && \ - (defined(CLOCK_MONOTONIC) || defined(CLOCK_BOOTTIME)) - struct timespec ts; + struct timeval tv; +#if defined(HAVE_CLOCK_GETTIME) && (defined(CLOCK_BOOTTIME) || \ + defined(CLOCK_MONOTONIC) || defined(CLOCK_REALTIME)) static int gettime_failed = 0; if (!gettime_failed) { -#if defined(CLOCK_BOOTTIME) - if (clock_gettime(CLOCK_BOOTTIME, &ts) == 0) - return (ts.tv_sec); -#endif -#if defined(CLOCK_MONOTONIC) - if (clock_gettime(CLOCK_MONOTONIC, &ts) == 0) - return (ts.tv_sec); -#endif +# ifdef CLOCK_BOOTTIME + if (clock_gettime(CLOCK_BOOTTIME, ts) == 0) + return; +# endif /* CLOCK_BOOTTIME */ +# ifdef CLOCK_MONOTONIC + if (clock_gettime(CLOCK_MONOTONIC, ts) == 0) + return; +# endif /* CLOCK_MONOTONIC */ +# ifdef CLOCK_REALTIME + /* Not monotonic, but we're almost out of options here. */ + if (clock_gettime(CLOCK_REALTIME, ts) == 0) + return; +# endif /* CLOCK_REALTIME */ debug3("clock_gettime: %s", strerror(errno)); gettime_failed = 1; } -#endif /* HAVE_CLOCK_GETTIME && (CLOCK_MONOTONIC || CLOCK_BOOTTIME */ +#endif /* HAVE_CLOCK_GETTIME && (BOOTTIME || MONOTONIC || REALTIME) */ + gettimeofday(&tv, NULL); + ts->tv_sec = tv.tv_sec; + ts->tv_nsec = (long)tv.tv_usec * 1000; +} - return time(NULL); +void +monotime_tv(struct timeval *tv) +{ + struct timespec ts; + + monotime_ts(&ts); + tv->tv_sec = ts.tv_sec; + tv->tv_usec = ts.tv_nsec / 1000; +} + +time_t +monotime(void) +{ + struct timespec ts; + + monotime_ts(&ts); + return ts.tv_sec; } double monotime_double(void) { -#if defined(HAVE_CLOCK_GETTIME) && \ - (defined(CLOCK_MONOTONIC) || defined(CLOCK_BOOTTIME)) struct timespec ts; - static int gettime_failed = 0; - if (!gettime_failed) { -#if defined(CLOCK_BOOTTIME) - if (clock_gettime(CLOCK_BOOTTIME, &ts) == 0) - return (ts.tv_sec + (double)ts.tv_nsec / 1000000000); -#endif -#if defined(CLOCK_MONOTONIC) - if (clock_gettime(CLOCK_MONOTONIC, &ts) == 0) - return (ts.tv_sec + (double)ts.tv_nsec / 1000000000); -#endif - debug3("clock_gettime: %s", strerror(errno)); - gettime_failed = 1; - } -#endif /* HAVE_CLOCK_GETTIME && (CLOCK_MONOTONIC || CLOCK_BOOTTIME */ - - return (double)time(NULL); + monotime_ts(&ts); + return ts.tv_sec + ((double)ts.tv_nsec / 1000000000); } void @@ -1029,7 +1351,7 @@ bandwidth_limit(struct bwlimit *bw, size_t read_len) struct timespec ts, rm; if (!timerisset(&bw->bwstart)) { - gettimeofday(&bw->bwstart, NULL); + monotime_tv(&bw->bwstart); return; } @@ -1037,7 +1359,7 @@ bandwidth_limit(struct bwlimit *bw, size_t read_len) if (bw->lamt < bw->thresh) return; - gettimeofday(&bw->bwend, NULL); + monotime_tv(&bw->bwend); timersub(&bw->bwend, &bw->bwstart, &bw->bwend); if (!timerisset(&bw->bwend)) return; @@ -1071,7 +1393,7 @@ bandwidth_limit(struct bwlimit *bw, size_t read_len) } bw->lamt = 0; - gettimeofday(&bw->bwstart, NULL); + monotime_tv(&bw->bwstart); } /* Make a template filename for mk[sd]temp() */ @@ -1172,9 +1494,10 @@ unix_listener(const char *path, int backlog, int unlink_first) memset(&sunaddr, 0, sizeof(sunaddr)); sunaddr.sun_family = AF_UNIX; - if (strlcpy(sunaddr.sun_path, path, sizeof(sunaddr.sun_path)) >= sizeof(sunaddr.sun_path)) { - error("%s: \"%s\" too long for Unix domain socket", __func__, - path); + if (strlcpy(sunaddr.sun_path, path, + sizeof(sunaddr.sun_path)) >= sizeof(sunaddr.sun_path)) { + error("%s: path \"%s\" too long for Unix domain socket", + __func__, path); errno = ENAMETOOLONG; return -1; } @@ -1182,7 +1505,7 @@ unix_listener(const char *path, int backlog, int unlink_first) sock = socket(PF_UNIX, SOCK_STREAM, 0); if (sock < 0) { saved_errno = errno; - error("socket: %.100s", strerror(errno)); + error("%s: socket: %.100s", __func__, strerror(errno)); errno = saved_errno; return -1; } @@ -1192,18 +1515,18 @@ unix_listener(const char *path, int backlog, int unlink_first) } if (bind(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) < 0) { saved_errno = errno; - error("bind: %.100s", strerror(errno)); + error("%s: cannot bind to path %s: %s", + __func__, path, strerror(errno)); close(sock); - error("%s: cannot bind to path: %s", __func__, path); errno = saved_errno; return -1; } if (listen(sock, backlog) < 0) { saved_errno = errno; - error("listen: %.100s", strerror(errno)); + error("%s: cannot listen on path %s: %s", + __func__, path, strerror(errno)); close(sock); unlink(path); - error("%s: cannot listen on path: %s", __func__, path); errno = saved_errno; return -1; } @@ -1417,158 +1740,6 @@ argv_assemble(int argc, char **argv) return ret; } -/* - * Runs command in a subprocess wuth a minimal environment. - * Returns pid on success, 0 on failure. - * The child stdout and stderr maybe captured, left attached or sent to - * /dev/null depending on the contents of flags. - * "tag" is prepended to log messages. - * NB. "command" is only used for logging; the actual command executed is - * av[0]. - */ -pid_t -subprocess(const char *tag, struct passwd *pw, const char *command, - int ac, char **av, FILE **child, u_int flags) -{ - FILE *f = NULL; - struct stat st; - int fd, devnull, p[2], i; - pid_t pid; - char *cp, errmsg[512]; - u_int envsize; - char **child_env; - - if (child != NULL) - *child = NULL; - - debug3("%s: %s command \"%s\" running as %s (flags 0x%x)", __func__, - tag, command, pw->pw_name, flags); - - /* Check consistency */ - if ((flags & SSH_SUBPROCESS_STDOUT_DISCARD) != 0 && - (flags & SSH_SUBPROCESS_STDOUT_CAPTURE) != 0) { - error("%s: inconsistent flags", __func__); - return 0; - } - if (((flags & SSH_SUBPROCESS_STDOUT_CAPTURE) == 0) != (child == NULL)) { - error("%s: inconsistent flags/output", __func__); - return 0; - } - - /* - * If executing an explicit binary, then verify the it exists - * and appears safe-ish to execute - */ - if (*av[0] != '/') { - error("%s path is not absolute", tag); - return 0; - } - temporarily_use_uid(pw); - if (stat(av[0], &st) < 0) { - error("Could not stat %s \"%s\": %s", tag, - av[0], strerror(errno)); - restore_uid(); - return 0; - } - if (safe_path(av[0], &st, NULL, 0, errmsg, sizeof(errmsg)) != 0) { - error("Unsafe %s \"%s\": %s", tag, av[0], errmsg); - restore_uid(); - return 0; - } - /* Prepare to keep the child's stdout if requested */ - if (pipe(p) != 0) { - error("%s: pipe: %s", tag, strerror(errno)); - restore_uid(); - return 0; - } - restore_uid(); - - switch ((pid = fork())) { - case -1: /* error */ - error("%s: fork: %s", tag, strerror(errno)); - close(p[0]); - close(p[1]); - return 0; - case 0: /* child */ - /* Prepare a minimal environment for the child. */ - envsize = 5; - child_env = xcalloc(sizeof(*child_env), envsize); - child_set_env(&child_env, &envsize, "PATH", _PATH_STDPATH); - child_set_env(&child_env, &envsize, "USER", pw->pw_name); - child_set_env(&child_env, &envsize, "LOGNAME", pw->pw_name); - child_set_env(&child_env, &envsize, "HOME", pw->pw_dir); - if ((cp = getenv("LANG")) != NULL) - child_set_env(&child_env, &envsize, "LANG", cp); - - for (i = 0; i < NSIG; i++) - signal(i, SIG_DFL); - - if ((devnull = open(_PATH_DEVNULL, O_RDWR)) == -1) { - error("%s: open %s: %s", tag, _PATH_DEVNULL, - strerror(errno)); - _exit(1); - } - if (dup2(devnull, STDIN_FILENO) == -1) { - error("%s: dup2: %s", tag, strerror(errno)); - _exit(1); - } - - /* Set up stdout as requested; leave stderr in place for now. */ - fd = -1; - if ((flags & SSH_SUBPROCESS_STDOUT_CAPTURE) != 0) - fd = p[1]; - else if ((flags & SSH_SUBPROCESS_STDOUT_DISCARD) != 0) - fd = devnull; - if (fd != -1 && dup2(fd, STDOUT_FILENO) == -1) { - error("%s: dup2: %s", tag, strerror(errno)); - _exit(1); - } - closefrom(STDERR_FILENO + 1); - - /* Don't use permanently_set_uid() here to avoid fatal() */ - if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) != 0) { - error("%s: setresgid %u: %s", tag, (u_int)pw->pw_gid, - strerror(errno)); - _exit(1); - } - if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) != 0) { - error("%s: setresuid %u: %s", tag, (u_int)pw->pw_uid, - strerror(errno)); - _exit(1); - } - /* stdin is pointed to /dev/null at this point */ - if ((flags & SSH_SUBPROCESS_STDOUT_DISCARD) != 0 && - dup2(STDIN_FILENO, STDERR_FILENO) == -1) { - error("%s: dup2: %s", tag, strerror(errno)); - _exit(1); - } - - execve(av[0], av, child_env); - error("%s exec \"%s\": %s", tag, command, strerror(errno)); - _exit(127); - default: /* parent */ - break; - } - - close(p[1]); - if ((flags & SSH_SUBPROCESS_STDOUT_CAPTURE) == 0) - close(p[0]); - else if ((f = fdopen(p[0], "r")) == NULL) { - error("%s: fdopen: %s", tag, strerror(errno)); - close(p[0]); - /* Don't leave zombie child */ - kill(pid, SIGTERM); - while (waitpid(pid, NULL, 0) == -1 && errno == EINTR) - ; - return 0; - } - /* Success */ - debug3("%s: %s pid %ld", __func__, tag, (long)pid); - if (child != NULL) - *child = f; - return pid; -} - /* Returns 0 if pid exited cleanly, non-zero otherwise */ int exited_cleanly(pid_t pid, const char *tag, const char *cmd, int quiet) @@ -1739,7 +1910,122 @@ child_set_env(char ***envp, u_int *envsizep, const char *name, } /* Allocate space and format the variable in the appropriate slot. */ + /* XXX xasprintf */ env[i] = xmalloc(strlen(name) + 1 + strlen(value) + 1); snprintf(env[i], strlen(name) + 1 + strlen(value) + 1, "%s=%s", name, value); } +/* + * Check and optionally lowercase a domain name, also removes trailing '.' + * Returns 1 on success and 0 on failure, storing an error message in errstr. + */ +int +valid_domain(char *name, int makelower, const char **errstr) +{ + size_t i, l = strlen(name); + u_char c, last = '\0'; + static char errbuf[256]; + + if (l == 0) { + strlcpy(errbuf, "empty domain name", sizeof(errbuf)); + goto bad; + } + if (!isalpha((u_char)name[0]) && !isdigit((u_char)name[0])) { + snprintf(errbuf, sizeof(errbuf), "domain name \"%.100s\" " + "starts with invalid character", name); + goto bad; + } + for (i = 0; i < l; i++) { + c = tolower((u_char)name[i]); + if (makelower) + name[i] = (char)c; + if (last == '.' && c == '.') { + snprintf(errbuf, sizeof(errbuf), "domain name " + "\"%.100s\" contains consecutive separators", name); + goto bad; + } + if (c != '.' && c != '-' && !isalnum(c) && + c != '_') /* technically invalid, but common */ { + snprintf(errbuf, sizeof(errbuf), "domain name " + "\"%.100s\" contains invalid characters", name); + goto bad; + } + last = c; + } + if (name[l - 1] == '.') + name[l - 1] = '\0'; + if (errstr != NULL) + *errstr = NULL; + return 1; +bad: + if (errstr != NULL) + *errstr = errbuf; + return 0; +} + +const char * +atoi_err(const char *nptr, int *val) +{ + const char *errstr = NULL; + long long num; + + if (nptr == NULL || *nptr == '\0') + return "missing"; + num = strtonum(nptr, 0, INT_MAX, &errstr); + if (errstr == NULL) + *val = (int)num; + return errstr; +} + +int +parse_absolute_time(const char *s, uint64_t *tp) +{ + struct tm tm; + time_t tt; + char buf[32], *fmt; + + *tp = 0; + + /* + * POSIX strptime says "The application shall ensure that there + * is white-space or other non-alphanumeric characters between + * any two conversion specifications" so arrange things this way. + */ + switch (strlen(s)) { + case 8: /* YYYYMMDD */ + fmt = "%Y-%m-%d"; + snprintf(buf, sizeof(buf), "%.4s-%.2s-%.2s", s, s + 4, s + 6); + break; + case 12: /* YYYYMMDDHHMM */ + fmt = "%Y-%m-%dT%H:%M"; + snprintf(buf, sizeof(buf), "%.4s-%.2s-%.2sT%.2s:%.2s", + s, s + 4, s + 6, s + 8, s + 10); + break; + case 14: /* YYYYMMDDHHMMSS */ + fmt = "%Y-%m-%dT%H:%M:%S"; + snprintf(buf, sizeof(buf), "%.4s-%.2s-%.2sT%.2s:%.2s:%.2s", + s, s + 4, s + 6, s + 8, s + 10, s + 12); + break; + default: + return SSH_ERR_INVALID_FORMAT; + } + + memset(&tm, 0, sizeof(tm)); + if (strptime(buf, fmt, &tm) == NULL) + return SSH_ERR_INVALID_FORMAT; + if ((tt = mktime(&tm)) < 0) + return SSH_ERR_INVALID_FORMAT; + /* success */ + *tp = (uint64_t)tt; + return 0; +} + +void +format_absolute_time(uint64_t t, char *buf, size_t len) +{ + time_t tt = t > INT_MAX ? INT_MAX : t; /* XXX revisit in 2038 :P */ + struct tm tm; + + localtime_r(&tt, &tm); + strftime(buf, len, "%Y-%m-%dT%H:%M:%S", &tm); +} diff --git a/misc.h b/misc.h index 153d11375bf5..cdafea735984 100644 --- a/misc.h +++ b/misc.h @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.h,v 1.63 2017/08/18 05:48:04 djm Exp $ */ +/* $OpenBSD: misc.h,v 1.71 2018/03/12 00:52:01 djm Exp $ */ /* * Author: Tatu Ylonen @@ -48,13 +48,18 @@ char *strdelim(char **); int set_nonblock(int); int unset_nonblock(int); void set_nodelay(int); +int set_reuseaddr(int); +char *get_rdomain(int); +int set_rdomain(int, const char *); int a2port(const char *); int a2tun(const char *, int *); char *put_host_port(const char *, u_short); char *hpdelim(char **); char *cleanhostname(char *); char *colon(char *); +int parse_user_host_path(const char *, char **, char **, char **); int parse_user_host_port(const char *, char **, char **, int *); +int parse_uri(const char *, const char *, char **, char **, int *, char **); long convtime(const char *); char *tilde_expand_filename(const char *, uid_t); char *percent_expand(const char *, ...) __attribute__((__sentinel__)); @@ -62,10 +67,16 @@ char *tohex(const void *, size_t); void sanitise_stdfd(void); void ms_subtract_diff(struct timeval *, int *); void ms_to_timeval(struct timeval *, int); +void monotime_ts(struct timespec *); +void monotime_tv(struct timeval *); time_t monotime(void); double monotime_double(void); void lowercase(char *s); int unix_listener(const char *, int, int); +int valid_domain(char *, int, const char **); +const char *atoi_err(const char *, int *); +int parse_absolute_time(const char *, uint64_t *); +void format_absolute_time(uint64_t, char *, size_t); void sock_set_v6only(int); @@ -84,7 +95,7 @@ void replacearg(arglist *, u_int, char *, ...) __attribute__((format(printf, 3, 4))); void freeargs(arglist *); -int tun_open(int, int); +int tun_open(int, int, char **); /* Common definitions for ssh tunnel device forwarding */ #define SSH_TUNMODE_NO 0x00 @@ -140,12 +151,6 @@ int argv_split(const char *, int *, char ***); char *argv_assemble(int, char **argv); int exited_cleanly(pid_t, const char *, const char *, int); -#define SSH_SUBPROCESS_STDOUT_DISCARD (1) /* Discard stdout */ -#define SSH_SUBPROCESS_STDOUT_CAPTURE (1<<1) /* Redirect stdout */ -#define SSH_SUBPROCESS_STDERR_DISCARD (1<<2) /* Discard stderr */ -pid_t subprocess(const char *, struct passwd *, - const char *, int, char **, FILE **, u_int flags); - struct stat; int safe_path(const char *, struct stat *, const char *, uid_t, char *, size_t); diff --git a/mkinstalldirs b/mkinstalldirs index 47d5f43fea60..399f40925ac7 100755 --- a/mkinstalldirs +++ b/mkinstalldirs @@ -4,8 +4,6 @@ # Created: 1993-05-16 # Public domain -# $Id: mkinstalldirs,v 1.2 2003/11/21 12:48:55 djm Exp $ - errstatus=0 for file diff --git a/moduli b/moduli index 00b5a6937df5..cf28bd36bdee 100644 --- a/moduli +++ b/moduli @@ -1,431 +1,407 @@ -# $OpenBSD: moduli,v 1.18 2016/08/11 01:42:11 dtucker Exp $ +# $OpenBSD: moduli,v 1.20 2017/11/29 05:49:54 dtucker Exp $ # Time Type Tests Tries Size Generator Modulus -20160301052556 2 6 100 2047 5 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D19F4647 -20160301052601 2 6 100 2047 2 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D1A5C13B -20160301052612 2 6 100 2047 5 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D1B7A3EF -20160301052620 2 6 100 2047 2 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D1C4C33B -20160301052628 2 6 100 2047 2 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D1CFFACB -20160301052645 2 6 100 2047 2 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D1F31D8B -20160301052703 2 6 100 2047 2 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D218C293 -20160301052723 2 6 100 2047 2 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D24116E3 -20160301052732 2 6 100 2047 2 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D25321F3 -20160301052741 2 6 100 2047 2 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D260D8E3 -20160301052748 2 6 100 2047 2 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D26CD3D3 -20160301052756 2 6 100 2047 2 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D2791F7B -20160301052823 2 6 100 2047 2 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D2B71133 -20160301052827 2 6 100 2047 2 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D2BABBA3 -20160301052832 2 6 100 2047 5 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D2BFC957 -20160301052931 2 6 100 2047 5 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D3514117 -20160301053017 2 6 100 2047 5 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D3BF91F7 -20160301053037 2 6 100 2047 5 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D3E9113F -20160301053101 2 6 100 2047 2 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D41BFA83 -20160301053129 2 6 100 2047 5 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D45A369F -20160301053217 2 6 100 2047 2 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D4CB8683 -20160301053222 2 6 100 2047 2 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D4D01463 -20160301053251 2 6 100 2047 2 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D50F62C3 -20160301053309 2 6 100 2047 5 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D5351887 -20160301053333 2 6 100 2047 2 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D568358B -20160301053350 2 6 100 2047 5 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D58AA31F -20160301053359 2 6 100 2047 2 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D5991AF3 -20160301053438 2 6 100 2047 5 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D5F65E07 -20160301053523 2 6 100 2047 2 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D65F37D3 -20160301053556 2 6 100 2047 2 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D6AB7E73 -20160301053608 2 6 100 2047 2 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D6C131CB -20160301053631 2 6 100 2047 2 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D6F18A93 -20160301053647 2 6 100 2047 5 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D7132B7F -20160301053724 2 6 100 2047 2 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D76995EB -20160301053743 2 6 100 2047 2 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D793D27B -20160301053757 2 6 100 2047 2 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D7AE856B -20160301053820 2 6 100 2047 5 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D7E1810F -20160301053828 2 6 100 2047 2 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D7EC09EB -20160301053831 2 6 100 2047 2 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D7ECC2FB -20160301053958 2 6 100 2047 2 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D8B829CB -20160301054042 2 6 100 2047 2 DA57B18976E9C55CEAC3BFFF70419A1550258EA7359400BD4FAC8F4203B73E0BC54D62C0A2D9AA9B543FACA0290514EA426DE6FEF897CB858243511DCE5170420C799D888DCFDC4502FF49B66F34E75C00E98A55408A791FF5CFEA7C288F8E6664226A6A90BE237D2E40C207B5AD0CAEDFDA4946E63AEA351A09EF462515FED4098694241CD07E2CB7727B39B8B1B9467D72DFB908D8169F5DB3CD5A6BEBE1344C585A882508B760402E86EB9B5548A7B98635ECFCDC02FF62B29C53847142FC598ADC66F622F6E9F73BDF02B3D795C0DF23D00E5A3A7748F3E1D5B06F46D4568CE3F4CC57E67D4C36DF5C12800620698C727CC5F5BCACF3B7E17E37D91CFCF3 -20160301054134 2 6 100 2047 2 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF251903103B -20160301054139 2 6 100 2047 2 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF2519072B8B -20160301054157 2 6 100 2047 5 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF25192F631F -20160301054207 2 6 100 2047 5 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF25193F9E7F -20160301054213 2 6 100 2047 5 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF2519475A1F -20160301054301 2 6 100 2047 5 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF2519BA6807 -20160301054320 2 6 100 2047 5 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF2519E2FA7F -20160301054340 2 6 100 2047 2 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF251A0CD913 -20160301054413 2 6 100 2047 2 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF251A5B8A43 -20160301054511 2 6 100 2047 5 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF251AE66597 -20160301054527 2 6 100 2047 5 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF251B03A57F -20160301054544 2 6 100 2047 2 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF251B276FBB -20160301054548 2 6 100 2047 2 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF251B2915B3 -20160301054621 2 6 100 2047 2 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF251B79A4BB -20160301054714 2 6 100 2047 5 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF251BF77377 -20160301054737 2 6 100 2047 2 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF251C28D853 -20160301054819 2 6 100 2047 2 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF251C8C959B -20160301054844 2 6 100 2047 2 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF251CC0A39B -20160301055002 2 6 100 2047 5 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF251D7C0A9F -20160301055021 2 6 100 2047 5 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF251DA0A72F -20160301055024 2 6 100 2047 5 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF251DA1003F -20160301055029 2 6 100 2047 5 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF251DA4B607 -20160301055034 2 6 100 2047 2 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF251DA82003 -20160301055101 2 6 100 2047 2 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF251DE323BB -20160301055123 2 6 100 2047 2 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF251E13DB33 -20160301055136 2 6 100 2047 2 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF251E2A2203 -20160301055141 2 6 100 2047 2 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF251E2F180B -20160301055208 2 6 100 2047 2 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF251E6B2E8B -20160301055248 2 6 100 2047 2 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF251ECCA61B -20160301055312 2 6 100 2047 5 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF251EFFD5C7 -20160301055319 2 6 100 2047 2 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF251F08AD6B -20160301055413 2 6 100 2047 2 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF251F881A4B -20160301055420 2 6 100 2047 5 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF251F8FC967 -20160301055438 2 6 100 2047 2 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF251FB8102B -20160301055505 2 6 100 2047 2 F030C513D5C6694FB09539ECF9D8290608A96280EDDEB74FD66DD43CACE3A5BFD6BC4F02EF38E44F68296DA50091214D9E6C518D715D76E19CCCA0578886B93ADA36E8AFDC23B311DA04EB8AC2FF31F3B87BD27C283519DF9CFCAA9D4EF822ECD2AD5593D3819399CEF3FAF0B786071496A9BD94164F739A2D1E0DEBB798BAEF0540B4388D3762523B68E100D6EE231DD95BEB4F4472E9E2236A24E0891DF5A19222A6C69D531C9E73DEF6ADAC84D61BC4EEA36E2A9FD64902461BFAF9BF81D699E141EE77A03996DC4586D3487A0E6189696C1D67F91E91595EB584AD1DF9EF5FC64160EAC3F2D88B4FB0E20A7925FE133D71EF9E1DD018101AAF251FF16983 -20160301061411 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26C5D83833 -20160301061835 2 6 100 3071 5 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26C6AAA907 -20160301062447 2 6 100 3071 5 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26C7D2DF17 -20160301062535 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26C7F0856B -20160301062652 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26C8266573 -20160301062708 2 6 100 3071 5 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26C82B4297 -20160301063801 2 6 100 3071 5 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26CA342897 -20160301063920 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26CA6B6B53 -20160301064001 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26CA83D25B -20160301064133 2 6 100 3071 5 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26CAC6E0AF -20160301064312 2 6 100 3071 5 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26CB0B8B2F -20160301064624 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26CB9E9EBB -20160301064954 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26CC41F773 -20160301065030 2 6 100 3071 5 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26CC56680F -20160301065134 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26CC82B2B3 -20160301065432 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26CD0A0833 -20160301065614 2 6 100 3071 5 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26CD54CA17 -20160301070010 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26CE0A7B73 -20160301070046 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26CE21045B -20160301070141 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26CE4560CB -20160301070334 2 6 100 3071 5 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26CE9951EF -20160301070607 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26CF0C830B -20160301070911 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26CF96B75B -20160301070931 2 6 100 3071 5 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26CF9EB207 -20160301071405 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26D07614DB -20160301071648 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26D0F1177B -20160301071915 2 6 100 3071 5 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26D15E484F -20160301071932 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26D16371F3 -20160301072032 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26D18BD843 -20160301072158 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26D1C7632B -20160301072445 2 6 100 3071 5 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26D2450187 -20160301072709 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26D2B15CFB -20160301073130 2 6 100 3071 5 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26D37B3327 -20160301073142 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26D37C7FA3 -20160301073822 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26D4B57B13 -20160301074016 2 6 100 3071 5 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26D50A615F -20160301074134 2 6 100 3071 5 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26D5419827 -20160301074208 2 6 100 3071 5 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26D554AA2F -20160301074359 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26D5A29FEB -20160301074457 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26D5C6DA83 -20160301074620 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26D601594B -20160301074846 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26D66D7E6B -20160301074917 2 6 100 3071 5 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26D67D64E7 -20160301075053 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26D6C27B8B -20160301075132 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26D6DB9C33 -20160301075225 2 6 100 3071 5 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26D6FE9337 -20160301075252 2 6 100 3071 5 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26D70AF577 -20160301075345 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26D72CB613 -20160301075358 2 6 100 3071 2 E2871F8AF82B8E1038DDACF268D3690580ED64FC99F13D64B8322F1F6F19B0860BD4CB74BD2FF72ADF1090B0506E77743EA2C3102093C10A5045A17F92E403AE24B4E9276F9999A4AAD7DF5F2C03EB72B6BB303FE894149BFD670A13ADEDEFBD726A12A7F32919BC4FFFC8FA3E2E73645B432EB894D6906D1E6E8CD5C8BB882953EAA0306508205B6BC0B99177C81E9E9192D8185185CE82CF310AD42A24DB83039A4F10D1C55E7EA7D4C020BD12947A25732829D1AC6100ED9DA3F4D834D8EB28875F37B399C5AE21D6A122950A41680857CEB6A25158A108E8E0338047A2DD979AB97E9F84ABA18FB1DD43FD630F494CEACF0F7FFEF38BC14968B0FDF4942927D0169B46E84D52356EB1B7D04EFCDF2239AEA21A63B6F64E83AC18F81EB6EAEF03328B830860C184B4434B39FA6AE31C751FB5BA1AEA1BD8D41457D9AE58C6EFD230493454BA3C5EB791E74CAB907D0AF1173FFB99D78953660B23127550350A9A09B0116099087A04B56078C274874507ED92ECD2D98A7F064C26D72F088B -20160301080151 2 6 100 3071 5 F5B3EB8BEBA51E3899E7F8C7E202FBB132EF5731B3C2AC07945AEDA6A77A194E69538E08ABB8BBC3FC5AC2D3F66E582AA280D1832065E63F462AE71CD69CB3523656358545BF625F0F0BA9A8902D2A09484BE915E4AB809B8C767F84AADC75744E07F691893DA5DCCCD3FE8A7140858A9CF09A52E3A8F1050913A592B5750BC54682523B6920F626D87A717D6680B4EE430317DDF7B36458D479ADF6855FE46D865D02F8161D8BD8F4D0F330EE27B28AA40D48B6EA8E183223FCBC4E9C4F1F615DE750A5F8BE130EE46DC23970AD5A3CB93F5822A53084553A3B27A72ADD55958935D98B06D6398B00A718EA6BCE075DD6708F714002AF5A75C67D087DB8308B6FCEC775DBE8415F57CCD39C13496F0782D4834C03241D1B2EFE5CD07D702BD489DE25DAF08CA1DE5FDA5962A8CC6E0283B992640B8706B076531844CF66D26BEC2DD5A0BCDABE6A048BA55F8C25621E8CAA55F2D9E011896DEA823CF9FFBC76143FF7F4653C3BBDC34138A482A150A221E2CA2BE774B7BD22B2481F1FA94507 -20160301080332 2 6 100 3071 5 F5B3EB8BEBA51E3899E7F8C7E202FBB132EF5731B3C2AC07945AEDA6A77A194E69538E08ABB8BBC3FC5AC2D3F66E582AA280D1832065E63F462AE71CD69CB3523656358545BF625F0F0BA9A8902D2A09484BE915E4AB809B8C767F84AADC75744E07F691893DA5DCCCD3FE8A7140858A9CF09A52E3A8F1050913A592B5750BC54682523B6920F626D87A717D6680B4EE430317DDF7B36458D479ADF6855FE46D865D02F8161D8BD8F4D0F330EE27B28AA40D48B6EA8E183223FCBC4E9C4F1F615DE750A5F8BE130EE46DC23970AD5A3CB93F5822A53084553A3B27A72ADD55958935D98B06D6398B00A718EA6BCE075DD6708F714002AF5A75C67D087DB8308B6FCEC775DBE8415F57CCD39C13496F0782D4834C03241D1B2EFE5CD07D702BD489DE25DAF08CA1DE5FDA5962A8CC6E0283B992640B8706B076531844CF66D26BEC2DD5A0BCDABE6A048BA55F8C25621E8CAA55F2D9E011896DEA823CF9FFBC76143FF7F4653C3BBDC34138A482A150A221E2CA2BE774B7BD22B2481F1FF62A2F -20160301080512 2 6 100 3071 5 F5B3EB8BEBA51E3899E7F8C7E202FBB132EF5731B3C2AC07945AEDA6A77A194E69538E08ABB8BBC3FC5AC2D3F66E582AA280D1832065E63F462AE71CD69CB3523656358545BF625F0F0BA9A8902D2A09484BE915E4AB809B8C767F84AADC75744E07F691893DA5DCCCD3FE8A7140858A9CF09A52E3A8F1050913A592B5750BC54682523B6920F626D87A717D6680B4EE430317DDF7B36458D479ADF6855FE46D865D02F8161D8BD8F4D0F330EE27B28AA40D48B6EA8E183223FCBC4E9C4F1F615DE750A5F8BE130EE46DC23970AD5A3CB93F5822A53084553A3B27A72ADD55958935D98B06D6398B00A718EA6BCE075DD6708F714002AF5A75C67D087DB8308B6FCEC775DBE8415F57CCD39C13496F0782D4834C03241D1B2EFE5CD07D702BD489DE25DAF08CA1DE5FDA5962A8CC6E0283B992640B8706B076531844CF66D26BEC2DD5A0BCDABE6A048BA55F8C25621E8CAA55F2D9E011896DEA823CF9FFBC76143FF7F4653C3BBDC34138A482A150A221E2CA2BE774B7BD22B2481F203E0E3F -20160301080759 2 6 100 3071 5 F5B3EB8BEBA51E3899E7F8C7E202FBB132EF5731B3C2AC07945AEDA6A77A194E69538E08ABB8BBC3FC5AC2D3F66E582AA280D1832065E63F462AE71CD69CB3523656358545BF625F0F0BA9A8902D2A09484BE915E4AB809B8C767F84AADC75744E07F691893DA5DCCCD3FE8A7140858A9CF09A52E3A8F1050913A592B5750BC54682523B6920F626D87A717D6680B4EE430317DDF7B36458D479ADF6855FE46D865D02F8161D8BD8F4D0F330EE27B28AA40D48B6EA8E183223FCBC4E9C4F1F615DE750A5F8BE130EE46DC23970AD5A3CB93F5822A53084553A3B27A72ADD55958935D98B06D6398B00A718EA6BCE075DD6708F714002AF5A75C67D087DB8308B6FCEC775DBE8415F57CCD39C13496F0782D4834C03241D1B2EFE5CD07D702BD489DE25DAF08CA1DE5FDA5962A8CC6E0283B992640B8706B076531844CF66D26BEC2DD5A0BCDABE6A048BA55F8C25621E8CAA55F2D9E011896DEA823CF9FFBC76143FF7F4653C3BBDC34138A482A150A221E2CA2BE774B7BD22B2481F20BE897F -20160301081008 2 6 100 3071 2 F5B3EB8BEBA51E3899E7F8C7E202FBB132EF5731B3C2AC07945AEDA6A77A194E69538E08ABB8BBC3FC5AC2D3F66E582AA280D1832065E63F462AE71CD69CB3523656358545BF625F0F0BA9A8902D2A09484BE915E4AB809B8C767F84AADC75744E07F691893DA5DCCCD3FE8A7140858A9CF09A52E3A8F1050913A592B5750BC54682523B6920F626D87A717D6680B4EE430317DDF7B36458D479ADF6855FE46D865D02F8161D8BD8F4D0F330EE27B28AA40D48B6EA8E183223FCBC4E9C4F1F615DE750A5F8BE130EE46DC23970AD5A3CB93F5822A53084553A3B27A72ADD55958935D98B06D6398B00A718EA6BCE075DD6708F714002AF5A75C67D087DB8308B6FCEC775DBE8415F57CCD39C13496F0782D4834C03241D1B2EFE5CD07D702BD489DE25DAF08CA1DE5FDA5962A8CC6E0283B992640B8706B076531844CF66D26BEC2DD5A0BCDABE6A048BA55F8C25621E8CAA55F2D9E011896DEA823CF9FFBC76143FF7F4653C3BBDC34138A482A150A221E2CA2BE774B7BD22B2481F211E8DAB -20160301081510 2 6 100 3071 2 F5B3EB8BEBA51E3899E7F8C7E202FBB132EF5731B3C2AC07945AEDA6A77A194E69538E08ABB8BBC3FC5AC2D3F66E582AA280D1832065E63F462AE71CD69CB3523656358545BF625F0F0BA9A8902D2A09484BE915E4AB809B8C767F84AADC75744E07F691893DA5DCCCD3FE8A7140858A9CF09A52E3A8F1050913A592B5750BC54682523B6920F626D87A717D6680B4EE430317DDF7B36458D479ADF6855FE46D865D02F8161D8BD8F4D0F330EE27B28AA40D48B6EA8E183223FCBC4E9C4F1F615DE750A5F8BE130EE46DC23970AD5A3CB93F5822A53084553A3B27A72ADD55958935D98B06D6398B00A718EA6BCE075DD6708F714002AF5A75C67D087DB8308B6FCEC775DBE8415F57CCD39C13496F0782D4834C03241D1B2EFE5CD07D702BD489DE25DAF08CA1DE5FDA5962A8CC6E0283B992640B8706B076531844CF66D26BEC2DD5A0BCDABE6A048BA55F8C25621E8CAA55F2D9E011896DEA823CF9FFBC76143FF7F4653C3BBDC34138A482A150A221E2CA2BE774B7BD22B2481F220FBEBB -20160301081725 2 6 100 3071 2 F5B3EB8BEBA51E3899E7F8C7E202FBB132EF5731B3C2AC07945AEDA6A77A194E69538E08ABB8BBC3FC5AC2D3F66E582AA280D1832065E63F462AE71CD69CB3523656358545BF625F0F0BA9A8902D2A09484BE915E4AB809B8C767F84AADC75744E07F691893DA5DCCCD3FE8A7140858A9CF09A52E3A8F1050913A592B5750BC54682523B6920F626D87A717D6680B4EE430317DDF7B36458D479ADF6855FE46D865D02F8161D8BD8F4D0F330EE27B28AA40D48B6EA8E183223FCBC4E9C4F1F615DE750A5F8BE130EE46DC23970AD5A3CB93F5822A53084553A3B27A72ADD55958935D98B06D6398B00A718EA6BCE075DD6708F714002AF5A75C67D087DB8308B6FCEC775DBE8415F57CCD39C13496F0782D4834C03241D1B2EFE5CD07D702BD489DE25DAF08CA1DE5FDA5962A8CC6E0283B992640B8706B076531844CF66D26BEC2DD5A0BCDABE6A048BA55F8C25621E8CAA55F2D9E011896DEA823CF9FFBC76143FF7F4653C3BBDC34138A482A150A221E2CA2BE774B7BD22B2481F22727C13 -20160301082213 2 6 100 3071 5 F5B3EB8BEBA51E3899E7F8C7E202FBB132EF5731B3C2AC07945AEDA6A77A194E69538E08ABB8BBC3FC5AC2D3F66E582AA280D1832065E63F462AE71CD69CB3523656358545BF625F0F0BA9A8902D2A09484BE915E4AB809B8C767F84AADC75744E07F691893DA5DCCCD3FE8A7140858A9CF09A52E3A8F1050913A592B5750BC54682523B6920F626D87A717D6680B4EE430317DDF7B36458D479ADF6855FE46D865D02F8161D8BD8F4D0F330EE27B28AA40D48B6EA8E183223FCBC4E9C4F1F615DE750A5F8BE130EE46DC23970AD5A3CB93F5822A53084553A3B27A72ADD55958935D98B06D6398B00A718EA6BCE075DD6708F714002AF5A75C67D087DB8308B6FCEC775DBE8415F57CCD39C13496F0782D4834C03241D1B2EFE5CD07D702BD489DE25DAF08CA1DE5FDA5962A8CC6E0283B992640B8706B076531844CF66D26BEC2DD5A0BCDABE6A048BA55F8C25621E8CAA55F2D9E011896DEA823CF9FFBC76143FF7F4653C3BBDC34138A482A150A221E2CA2BE774B7BD22B2481F2352279F -20160301083400 2 6 100 3071 5 F5B3EB8BEBA51E3899E7F8C7E202FBB132EF5731B3C2AC07945AEDA6A77A194E69538E08ABB8BBC3FC5AC2D3F66E582AA280D1832065E63F462AE71CD69CB3523656358545BF625F0F0BA9A8902D2A09484BE915E4AB809B8C767F84AADC75744E07F691893DA5DCCCD3FE8A7140858A9CF09A52E3A8F1050913A592B5750BC54682523B6920F626D87A717D6680B4EE430317DDF7B36458D479ADF6855FE46D865D02F8161D8BD8F4D0F330EE27B28AA40D48B6EA8E183223FCBC4E9C4F1F615DE750A5F8BE130EE46DC23970AD5A3CB93F5822A53084553A3B27A72ADD55958935D98B06D6398B00A718EA6BCE075DD6708F714002AF5A75C67D087DB8308B6FCEC775DBE8415F57CCD39C13496F0782D4834C03241D1B2EFE5CD07D702BD489DE25DAF08CA1DE5FDA5962A8CC6E0283B992640B8706B076531844CF66D26BEC2DD5A0BCDABE6A048BA55F8C25621E8CAA55F2D9E011896DEA823CF9FFBC76143FF7F4653C3BBDC34138A482A150A221E2CA2BE774B7BD22B2481F25905AEF -20160301083955 2 6 100 3071 2 F5B3EB8BEBA51E3899E7F8C7E202FBB132EF5731B3C2AC07945AEDA6A77A194E69538E08ABB8BBC3FC5AC2D3F66E582AA280D1832065E63F462AE71CD69CB3523656358545BF625F0F0BA9A8902D2A09484BE915E4AB809B8C767F84AADC75744E07F691893DA5DCCCD3FE8A7140858A9CF09A52E3A8F1050913A592B5750BC54682523B6920F626D87A717D6680B4EE430317DDF7B36458D479ADF6855FE46D865D02F8161D8BD8F4D0F330EE27B28AA40D48B6EA8E183223FCBC4E9C4F1F615DE750A5F8BE130EE46DC23970AD5A3CB93F5822A53084553A3B27A72ADD55958935D98B06D6398B00A718EA6BCE075DD6708F714002AF5A75C67D087DB8308B6FCEC775DBE8415F57CCD39C13496F0782D4834C03241D1B2EFE5CD07D702BD489DE25DAF08CA1DE5FDA5962A8CC6E0283B992640B8706B076531844CF66D26BEC2DD5A0BCDABE6A048BA55F8C25621E8CAA55F2D9E011896DEA823CF9FFBC76143FF7F4653C3BBDC34138A482A150A221E2CA2BE774B7BD22B2481F26AB557B -20160301084035 2 6 100 3071 5 F5B3EB8BEBA51E3899E7F8C7E202FBB132EF5731B3C2AC07945AEDA6A77A194E69538E08ABB8BBC3FC5AC2D3F66E582AA280D1832065E63F462AE71CD69CB3523656358545BF625F0F0BA9A8902D2A09484BE915E4AB809B8C767F84AADC75744E07F691893DA5DCCCD3FE8A7140858A9CF09A52E3A8F1050913A592B5750BC54682523B6920F626D87A717D6680B4EE430317DDF7B36458D479ADF6855FE46D865D02F8161D8BD8F4D0F330EE27B28AA40D48B6EA8E183223FCBC4E9C4F1F615DE750A5F8BE130EE46DC23970AD5A3CB93F5822A53084553A3B27A72ADD55958935D98B06D6398B00A718EA6BCE075DD6708F714002AF5A75C67D087DB8308B6FCEC775DBE8415F57CCD39C13496F0782D4834C03241D1B2EFE5CD07D702BD489DE25DAF08CA1DE5FDA5962A8CC6E0283B992640B8706B076531844CF66D26BEC2DD5A0BCDABE6A048BA55F8C25621E8CAA55F2D9E011896DEA823CF9FFBC76143FF7F4653C3BBDC34138A482A150A221E2CA2BE774B7BD22B2481F26C1D647 -20160301084145 2 6 100 3071 2 F5B3EB8BEBA51E3899E7F8C7E202FBB132EF5731B3C2AC07945AEDA6A77A194E69538E08ABB8BBC3FC5AC2D3F66E582AA280D1832065E63F462AE71CD69CB3523656358545BF625F0F0BA9A8902D2A09484BE915E4AB809B8C767F84AADC75744E07F691893DA5DCCCD3FE8A7140858A9CF09A52E3A8F1050913A592B5750BC54682523B6920F626D87A717D6680B4EE430317DDF7B36458D479ADF6855FE46D865D02F8161D8BD8F4D0F330EE27B28AA40D48B6EA8E183223FCBC4E9C4F1F615DE750A5F8BE130EE46DC23970AD5A3CB93F5822A53084553A3B27A72ADD55958935D98B06D6398B00A718EA6BCE075DD6708F714002AF5A75C67D087DB8308B6FCEC775DBE8415F57CCD39C13496F0782D4834C03241D1B2EFE5CD07D702BD489DE25DAF08CA1DE5FDA5962A8CC6E0283B992640B8706B076531844CF66D26BEC2DD5A0BCDABE6A048BA55F8C25621E8CAA55F2D9E011896DEA823CF9FFBC76143FF7F4653C3BBDC34138A482A150A221E2CA2BE774B7BD22B2481F26F0E75B -20160301084827 2 6 100 3071 2 F5B3EB8BEBA51E3899E7F8C7E202FBB132EF5731B3C2AC07945AEDA6A77A194E69538E08ABB8BBC3FC5AC2D3F66E582AA280D1832065E63F462AE71CD69CB3523656358545BF625F0F0BA9A8902D2A09484BE915E4AB809B8C767F84AADC75744E07F691893DA5DCCCD3FE8A7140858A9CF09A52E3A8F1050913A592B5750BC54682523B6920F626D87A717D6680B4EE430317DDF7B36458D479ADF6855FE46D865D02F8161D8BD8F4D0F330EE27B28AA40D48B6EA8E183223FCBC4E9C4F1F615DE750A5F8BE130EE46DC23970AD5A3CB93F5822A53084553A3B27A72ADD55958935D98B06D6398B00A718EA6BCE075DD6708F714002AF5A75C67D087DB8308B6FCEC775DBE8415F57CCD39C13496F0782D4834C03241D1B2EFE5CD07D702BD489DE25DAF08CA1DE5FDA5962A8CC6E0283B992640B8706B076531844CF66D26BEC2DD5A0BCDABE6A048BA55F8C25621E8CAA55F2D9E011896DEA823CF9FFBC76143FF7F4653C3BBDC34138A482A150A221E2CA2BE774B7BD22B2481F282FE7DB -20160301084906 2 6 100 3071 5 F5B3EB8BEBA51E3899E7F8C7E202FBB132EF5731B3C2AC07945AEDA6A77A194E69538E08ABB8BBC3FC5AC2D3F66E582AA280D1832065E63F462AE71CD69CB3523656358545BF625F0F0BA9A8902D2A09484BE915E4AB809B8C767F84AADC75744E07F691893DA5DCCCD3FE8A7140858A9CF09A52E3A8F1050913A592B5750BC54682523B6920F626D87A717D6680B4EE430317DDF7B36458D479ADF6855FE46D865D02F8161D8BD8F4D0F330EE27B28AA40D48B6EA8E183223FCBC4E9C4F1F615DE750A5F8BE130EE46DC23970AD5A3CB93F5822A53084553A3B27A72ADD55958935D98B06D6398B00A718EA6BCE075DD6708F714002AF5A75C67D087DB8308B6FCEC775DBE8415F57CCD39C13496F0782D4834C03241D1B2EFE5CD07D702BD489DE25DAF08CA1DE5FDA5962A8CC6E0283B992640B8706B076531844CF66D26BEC2DD5A0BCDABE6A048BA55F8C25621E8CAA55F2D9E011896DEA823CF9FFBC76143FF7F4653C3BBDC34138A482A150A221E2CA2BE774B7BD22B2481F2847CBF7 -20160301085226 2 6 100 3071 2 F5B3EB8BEBA51E3899E7F8C7E202FBB132EF5731B3C2AC07945AEDA6A77A194E69538E08ABB8BBC3FC5AC2D3F66E582AA280D1832065E63F462AE71CD69CB3523656358545BF625F0F0BA9A8902D2A09484BE915E4AB809B8C767F84AADC75744E07F691893DA5DCCCD3FE8A7140858A9CF09A52E3A8F1050913A592B5750BC54682523B6920F626D87A717D6680B4EE430317DDF7B36458D479ADF6855FE46D865D02F8161D8BD8F4D0F330EE27B28AA40D48B6EA8E183223FCBC4E9C4F1F615DE750A5F8BE130EE46DC23970AD5A3CB93F5822A53084553A3B27A72ADD55958935D98B06D6398B00A718EA6BCE075DD6708F714002AF5A75C67D087DB8308B6FCEC775DBE8415F57CCD39C13496F0782D4834C03241D1B2EFE5CD07D702BD489DE25DAF08CA1DE5FDA5962A8CC6E0283B992640B8706B076531844CF66D26BEC2DD5A0BCDABE6A048BA55F8C25621E8CAA55F2D9E011896DEA823CF9FFBC76143FF7F4653C3BBDC34138A482A150A221E2CA2BE774B7BD22B2481F28E1E963 -20160301085254 2 6 100 3071 2 F5B3EB8BEBA51E3899E7F8C7E202FBB132EF5731B3C2AC07945AEDA6A77A194E69538E08ABB8BBC3FC5AC2D3F66E582AA280D1832065E63F462AE71CD69CB3523656358545BF625F0F0BA9A8902D2A09484BE915E4AB809B8C767F84AADC75744E07F691893DA5DCCCD3FE8A7140858A9CF09A52E3A8F1050913A592B5750BC54682523B6920F626D87A717D6680B4EE430317DDF7B36458D479ADF6855FE46D865D02F8161D8BD8F4D0F330EE27B28AA40D48B6EA8E183223FCBC4E9C4F1F615DE750A5F8BE130EE46DC23970AD5A3CB93F5822A53084553A3B27A72ADD55958935D98B06D6398B00A718EA6BCE075DD6708F714002AF5A75C67D087DB8308B6FCEC775DBE8415F57CCD39C13496F0782D4834C03241D1B2EFE5CD07D702BD489DE25DAF08CA1DE5FDA5962A8CC6E0283B992640B8706B076531844CF66D26BEC2DD5A0BCDABE6A048BA55F8C25621E8CAA55F2D9E011896DEA823CF9FFBC76143FF7F4653C3BBDC34138A482A150A221E2CA2BE774B7BD22B2481F28EF835B -20160301085737 2 6 100 3071 2 F5B3EB8BEBA51E3899E7F8C7E202FBB132EF5731B3C2AC07945AEDA6A77A194E69538E08ABB8BBC3FC5AC2D3F66E582AA280D1832065E63F462AE71CD69CB3523656358545BF625F0F0BA9A8902D2A09484BE915E4AB809B8C767F84AADC75744E07F691893DA5DCCCD3FE8A7140858A9CF09A52E3A8F1050913A592B5750BC54682523B6920F626D87A717D6680B4EE430317DDF7B36458D479ADF6855FE46D865D02F8161D8BD8F4D0F330EE27B28AA40D48B6EA8E183223FCBC4E9C4F1F615DE750A5F8BE130EE46DC23970AD5A3CB93F5822A53084553A3B27A72ADD55958935D98B06D6398B00A718EA6BCE075DD6708F714002AF5A75C67D087DB8308B6FCEC775DBE8415F57CCD39C13496F0782D4834C03241D1B2EFE5CD07D702BD489DE25DAF08CA1DE5FDA5962A8CC6E0283B992640B8706B076531844CF66D26BEC2DD5A0BCDABE6A048BA55F8C25621E8CAA55F2D9E011896DEA823CF9FFBC76143FF7F4653C3BBDC34138A482A150A221E2CA2BE774B7BD22B2481F29D012DB -20160301085933 2 6 100 3071 2 F5B3EB8BEBA51E3899E7F8C7E202FBB132EF5731B3C2AC07945AEDA6A77A194E69538E08ABB8BBC3FC5AC2D3F66E582AA280D1832065E63F462AE71CD69CB3523656358545BF625F0F0BA9A8902D2A09484BE915E4AB809B8C767F84AADC75744E07F691893DA5DCCCD3FE8A7140858A9CF09A52E3A8F1050913A592B5750BC54682523B6920F626D87A717D6680B4EE430317DDF7B36458D479ADF6855FE46D865D02F8161D8BD8F4D0F330EE27B28AA40D48B6EA8E183223FCBC4E9C4F1F615DE750A5F8BE130EE46DC23970AD5A3CB93F5822A53084553A3B27A72ADD55958935D98B06D6398B00A718EA6BCE075DD6708F714002AF5A75C67D087DB8308B6FCEC775DBE8415F57CCD39C13496F0782D4834C03241D1B2EFE5CD07D702BD489DE25DAF08CA1DE5FDA5962A8CC6E0283B992640B8706B076531844CF66D26BEC2DD5A0BCDABE6A048BA55F8C25621E8CAA55F2D9E011896DEA823CF9FFBC76143FF7F4653C3BBDC34138A482A150A221E2CA2BE774B7BD22B2481F2A259503 -20160301090045 2 6 100 3071 5 F5B3EB8BEBA51E3899E7F8C7E202FBB132EF5731B3C2AC07945AEDA6A77A194E69538E08ABB8BBC3FC5AC2D3F66E582AA280D1832065E63F462AE71CD69CB3523656358545BF625F0F0BA9A8902D2A09484BE915E4AB809B8C767F84AADC75744E07F691893DA5DCCCD3FE8A7140858A9CF09A52E3A8F1050913A592B5750BC54682523B6920F626D87A717D6680B4EE430317DDF7B36458D479ADF6855FE46D865D02F8161D8BD8F4D0F330EE27B28AA40D48B6EA8E183223FCBC4E9C4F1F615DE750A5F8BE130EE46DC23970AD5A3CB93F5822A53084553A3B27A72ADD55958935D98B06D6398B00A718EA6BCE075DD6708F714002AF5A75C67D087DB8308B6FCEC775DBE8415F57CCD39C13496F0782D4834C03241D1B2EFE5CD07D702BD489DE25DAF08CA1DE5FDA5962A8CC6E0283B992640B8706B076531844CF66D26BEC2DD5A0BCDABE6A048BA55F8C25621E8CAA55F2D9E011896DEA823CF9FFBC76143FF7F4653C3BBDC34138A482A150A221E2CA2BE774B7BD22B2481F2A569E5F -20160301090201 2 6 100 3071 5 F5B3EB8BEBA51E3899E7F8C7E202FBB132EF5731B3C2AC07945AEDA6A77A194E69538E08ABB8BBC3FC5AC2D3F66E582AA280D1832065E63F462AE71CD69CB3523656358545BF625F0F0BA9A8902D2A09484BE915E4AB809B8C767F84AADC75744E07F691893DA5DCCCD3FE8A7140858A9CF09A52E3A8F1050913A592B5750BC54682523B6920F626D87A717D6680B4EE430317DDF7B36458D479ADF6855FE46D865D02F8161D8BD8F4D0F330EE27B28AA40D48B6EA8E183223FCBC4E9C4F1F615DE750A5F8BE130EE46DC23970AD5A3CB93F5822A53084553A3B27A72ADD55958935D98B06D6398B00A718EA6BCE075DD6708F714002AF5A75C67D087DB8308B6FCEC775DBE8415F57CCD39C13496F0782D4834C03241D1B2EFE5CD07D702BD489DE25DAF08CA1DE5FDA5962A8CC6E0283B992640B8706B076531844CF66D26BEC2DD5A0BCDABE6A048BA55F8C25621E8CAA55F2D9E011896DEA823CF9FFBC76143FF7F4653C3BBDC34138A482A150A221E2CA2BE774B7BD22B2481F2A89EEB7 -20160301090441 2 6 100 3071 5 F5B3EB8BEBA51E3899E7F8C7E202FBB132EF5731B3C2AC07945AEDA6A77A194E69538E08ABB8BBC3FC5AC2D3F66E582AA280D1832065E63F462AE71CD69CB3523656358545BF625F0F0BA9A8902D2A09484BE915E4AB809B8C767F84AADC75744E07F691893DA5DCCCD3FE8A7140858A9CF09A52E3A8F1050913A592B5750BC54682523B6920F626D87A717D6680B4EE430317DDF7B36458D479ADF6855FE46D865D02F8161D8BD8F4D0F330EE27B28AA40D48B6EA8E183223FCBC4E9C4F1F615DE750A5F8BE130EE46DC23970AD5A3CB93F5822A53084553A3B27A72ADD55958935D98B06D6398B00A718EA6BCE075DD6708F714002AF5A75C67D087DB8308B6FCEC775DBE8415F57CCD39C13496F0782D4834C03241D1B2EFE5CD07D702BD489DE25DAF08CA1DE5FDA5962A8CC6E0283B992640B8706B076531844CF66D26BEC2DD5A0BCDABE6A048BA55F8C25621E8CAA55F2D9E011896DEA823CF9FFBC76143FF7F4653C3BBDC34138A482A150A221E2CA2BE774B7BD22B2481F2B037B2F -20160301090534 2 6 100 3071 2 F5B3EB8BEBA51E3899E7F8C7E202FBB132EF5731B3C2AC07945AEDA6A77A194E69538E08ABB8BBC3FC5AC2D3F66E582AA280D1832065E63F462AE71CD69CB3523656358545BF625F0F0BA9A8902D2A09484BE915E4AB809B8C767F84AADC75744E07F691893DA5DCCCD3FE8A7140858A9CF09A52E3A8F1050913A592B5750BC54682523B6920F626D87A717D6680B4EE430317DDF7B36458D479ADF6855FE46D865D02F8161D8BD8F4D0F330EE27B28AA40D48B6EA8E183223FCBC4E9C4F1F615DE750A5F8BE130EE46DC23970AD5A3CB93F5822A53084553A3B27A72ADD55958935D98B06D6398B00A718EA6BCE075DD6708F714002AF5A75C67D087DB8308B6FCEC775DBE8415F57CCD39C13496F0782D4834C03241D1B2EFE5CD07D702BD489DE25DAF08CA1DE5FDA5962A8CC6E0283B992640B8706B076531844CF66D26BEC2DD5A0BCDABE6A048BA55F8C25621E8CAA55F2D9E011896DEA823CF9FFBC76143FF7F4653C3BBDC34138A482A150A221E2CA2BE774B7BD22B2481F2B2559FB -20160301090628 2 6 100 3071 2 F5B3EB8BEBA51E3899E7F8C7E202FBB132EF5731B3C2AC07945AEDA6A77A194E69538E08ABB8BBC3FC5AC2D3F66E582AA280D1832065E63F462AE71CD69CB3523656358545BF625F0F0BA9A8902D2A09484BE915E4AB809B8C767F84AADC75744E07F691893DA5DCCCD3FE8A7140858A9CF09A52E3A8F1050913A592B5750BC54682523B6920F626D87A717D6680B4EE430317DDF7B36458D479ADF6855FE46D865D02F8161D8BD8F4D0F330EE27B28AA40D48B6EA8E183223FCBC4E9C4F1F615DE750A5F8BE130EE46DC23970AD5A3CB93F5822A53084553A3B27A72ADD55958935D98B06D6398B00A718EA6BCE075DD6708F714002AF5A75C67D087DB8308B6FCEC775DBE8415F57CCD39C13496F0782D4834C03241D1B2EFE5CD07D702BD489DE25DAF08CA1DE5FDA5962A8CC6E0283B992640B8706B076531844CF66D26BEC2DD5A0BCDABE6A048BA55F8C25621E8CAA55F2D9E011896DEA823CF9FFBC76143FF7F4653C3BBDC34138A482A150A221E2CA2BE774B7BD22B2481F2B484193 -20160301092125 2 6 100 3071 5 F5B3EB8BEBA51E3899E7F8C7E202FBB132EF5731B3C2AC07945AEDA6A77A194E69538E08ABB8BBC3FC5AC2D3F66E582AA280D1832065E63F462AE71CD69CB3523656358545BF625F0F0BA9A8902D2A09484BE915E4AB809B8C767F84AADC75744E07F691893DA5DCCCD3FE8A7140858A9CF09A52E3A8F1050913A592B5750BC54682523B6920F626D87A717D6680B4EE430317DDF7B36458D479ADF6855FE46D865D02F8161D8BD8F4D0F330EE27B28AA40D48B6EA8E183223FCBC4E9C4F1F615DE750A5F8BE130EE46DC23970AD5A3CB93F5822A53084553A3B27A72ADD55958935D98B06D6398B00A718EA6BCE075DD6708F714002AF5A75C67D087DB8308B6FCEC775DBE8415F57CCD39C13496F0782D4834C03241D1B2EFE5CD07D702BD489DE25DAF08CA1DE5FDA5962A8CC6E0283B992640B8706B076531844CF66D26BEC2DD5A0BCDABE6A048BA55F8C25621E8CAA55F2D9E011896DEA823CF9FFBC76143FF7F4653C3BBDC34138A482A150A221E2CA2BE774B7BD22B2481F2E1E1337 -20160301092513 2 6 100 3071 2 F5B3EB8BEBA51E3899E7F8C7E202FBB132EF5731B3C2AC07945AEDA6A77A194E69538E08ABB8BBC3FC5AC2D3F66E582AA280D1832065E63F462AE71CD69CB3523656358545BF625F0F0BA9A8902D2A09484BE915E4AB809B8C767F84AADC75744E07F691893DA5DCCCD3FE8A7140858A9CF09A52E3A8F1050913A592B5750BC54682523B6920F626D87A717D6680B4EE430317DDF7B36458D479ADF6855FE46D865D02F8161D8BD8F4D0F330EE27B28AA40D48B6EA8E183223FCBC4E9C4F1F615DE750A5F8BE130EE46DC23970AD5A3CB93F5822A53084553A3B27A72ADD55958935D98B06D6398B00A718EA6BCE075DD6708F714002AF5A75C67D087DB8308B6FCEC775DBE8415F57CCD39C13496F0782D4834C03241D1B2EFE5CD07D702BD489DE25DAF08CA1DE5FDA5962A8CC6E0283B992640B8706B076531844CF66D26BEC2DD5A0BCDABE6A048BA55F8C25621E8CAA55F2D9E011896DEA823CF9FFBC76143FF7F4653C3BBDC34138A482A150A221E2CA2BE774B7BD22B2481F2ECC261B -20160301093051 2 6 100 3071 2 F5B3EB8BEBA51E3899E7F8C7E202FBB132EF5731B3C2AC07945AEDA6A77A194E69538E08ABB8BBC3FC5AC2D3F66E582AA280D1832065E63F462AE71CD69CB3523656358545BF625F0F0BA9A8902D2A09484BE915E4AB809B8C767F84AADC75744E07F691893DA5DCCCD3FE8A7140858A9CF09A52E3A8F1050913A592B5750BC54682523B6920F626D87A717D6680B4EE430317DDF7B36458D479ADF6855FE46D865D02F8161D8BD8F4D0F330EE27B28AA40D48B6EA8E183223FCBC4E9C4F1F615DE750A5F8BE130EE46DC23970AD5A3CB93F5822A53084553A3B27A72ADD55958935D98B06D6398B00A718EA6BCE075DD6708F714002AF5A75C67D087DB8308B6FCEC775DBE8415F57CCD39C13496F0782D4834C03241D1B2EFE5CD07D702BD489DE25DAF08CA1DE5FDA5962A8CC6E0283B992640B8706B076531844CF66D26BEC2DD5A0BCDABE6A048BA55F8C25621E8CAA55F2D9E011896DEA823CF9FFBC76143FF7F4653C3BBDC34138A482A150A221E2CA2BE774B7BD22B2481F2FD6418B -20160301101954 2 6 100 4095 2 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29E60ED3CB -20160301104238 2 6 100 4095 2 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29E7F21B53 -20160301105433 2 6 100 4095 2 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29E8EA1923 -20160301110823 2 6 100 4095 2 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29EA099523 -20160301111806 2 6 100 4095 2 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29EAD0379B -20160301112515 2 6 100 4095 5 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29EB5F9FF7 -20160301112655 2 6 100 4095 2 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29EB7A3C73 -20160301113152 2 6 100 4095 5 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29EBD8A1AF -20160301114603 2 6 100 4095 5 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29ED0421CF -20160301115854 2 6 100 4095 5 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29EE10BE07 -20160301122138 2 6 100 4095 5 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29EFED1757 -20160301124138 2 6 100 4095 2 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29F18BB82B -20160301124341 2 6 100 4095 2 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29F1AE9F93 -20160301130540 2 6 100 4095 2 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29F378431B -20160301132038 2 6 100 4095 2 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29F4B041CB -20160301132156 2 6 100 4095 2 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29F4C33A3B -20160301133248 2 6 100 4095 5 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29F59F1817 -20160301135039 2 6 100 4095 5 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29F70D3707 -20160301135200 2 6 100 4095 2 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29F720CFD3 -20160301135955 2 6 100 4095 5 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29F7BFD4BF -20160301141625 2 6 100 4095 5 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29F9118567 -20160301143329 2 6 100 4095 2 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29FA446E3B -20160301143411 2 6 100 4095 2 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29FA4A5D73 -20160301143511 2 6 100 4095 2 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29FA57571B -20160301145341 2 6 100 4095 2 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29FBCEC3DB -20160301150532 2 6 100 4095 2 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29FCBAFB3B -20160301150756 2 6 100 4095 2 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29FCE5B5B3 -20160301151026 2 6 100 4095 2 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29FD119B83 -20160301152435 2 6 100 4095 2 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29FE2CAD43 -20160301152638 2 6 100 4095 2 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29FE504DD3 -20160301153829 2 6 100 4095 2 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29FF425A73 -20160301154015 2 6 100 4095 2 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29FF5FBCDB -20160301154135 2 6 100 4095 5 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29FF725ADF -20160301154325 2 6 100 4095 2 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F29FF9005B3 -20160301155218 2 6 100 4095 2 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F2A00430653 -20160301160626 2 6 100 4095 2 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F2A01612A43 -20160301160831 2 6 100 4095 5 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F2A01842FE7 -20160301161542 2 6 100 4095 2 EF7840BC7248E3E12D223BD86584358750562F5FCB298632E269C7F4347DC441CEBCBAF5B8AD25C3A3EE85A97FC342EF2B320425ACE6A816200E4A46596E6D911E8E5940E4ED1F64275D1A2A1E2DC8A34E26026A8DD9D20AF2E36B2BEB467168E516F1DF9145DBA60CE4BE46B34E918D36F581B2860BEBD153A09BF5B51348137CEB0BFA43FDEF5398C538CB9854BED966017DC918E4EA26E0E1A283AEA90F41B2D27CBC34E6AA64FE7E370D532BE4A0DB2E77958CA6E570DEDA817FB91351B65E227BAF96383323820AC5CF785CD686E99398773DF19C1E33D7199A5104337AD3C8CF78FE1AF5D8A4A2B8C092E1FD2688F2829E006C050257DC4C16576AB12AC01AE40F35785586902058735024E0CF90B1DD3B547647AC6F98A70BE3CA9EF80E9A1E408D29FDBE7935625B9AB863891D6D30A54903DD23933303055B8E864751CEB7A153A841D2E1CD3C5943C7F6F1BB2836ED387BE4FB3075363317A1E813965497F5CC621A72B1CF5B50813B418F391FB7C4530B6C19416B4A942063012798536BBF853166697747F39827832A3D135ABFB03BF15990787F64D25E629ED1A6009BADF5447730445ACF2684715A84ECBC4B3A1E2C93E3EFCF4D9373E1355740776F66353576D7359C69EAE48FCFB06CA7536F4B132BFCE6DB2FDBD687B24E7A0AD1EBCBF887A7258C24D8AC9BB86BF847D9AC980919AD9BAF3F2A020ED50B -20160301165149 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE54C87A80B -20160301165241 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE54C91EA2B -20160301165750 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE54CFA74E3 -20160301173839 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE5504AEAFB -20160301174247 2 6 100 4095 5 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE5509AF4D7 -20160301174504 2 6 100 4095 5 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE550BFB1D7 -20160301180608 2 6 100 4095 5 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE5526F5F0F -20160301181854 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE55377C36B -20160301182221 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE553B4B8F3 -20160301183911 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE55510470B -20160301184110 2 6 100 4095 5 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE555338897 -20160301184426 2 6 100 4095 5 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE55571A23F -20160301190148 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE556DEB983 -20160301192446 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE558BD1523 -20160301193428 2 6 100 4095 5 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE559875F5F -20160301193505 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE5598BF0AB -20160301194148 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE55A0E82C3 -20160301195020 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE55AB8837B -20160301195917 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE55B6C5AB3 -20160301200332 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE55BBC661B -20160301201317 2 6 100 4095 5 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE55C7D9887 -20160301201523 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE55CA30A3B -20160301202029 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE55D044403 -20160301203514 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE55E324A43 -20160301203700 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE55E4D607B -20160301204309 2 6 100 4095 5 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE55EC519A7 -20160301205135 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE55F6BDE23 -20160301205244 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE55F7B0B23 -20160301205520 2 6 100 4095 5 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE55FA81627 -20160301205558 2 6 100 4095 5 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE55FACF2AF -20160301213318 2 6 100 4095 5 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE562B75737 -20160301214847 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE563F5D2EB -20160301215746 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE564AA7C23 -20160301220025 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE564DC00EB -20160301222154 2 6 100 4095 5 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE5669AE6CF -20160301223932 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE567FEFC33 -20160301225302 2 6 100 4095 5 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE569139497 -20160301225705 2 6 100 4095 5 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE5695E7AB7 -20160301230308 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE569D3D2B3 -20160301230751 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE56A2CD9CB -20160301231012 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE56A537EDB -20160301231655 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE56AD78EE3 -20160301232437 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE56B7299EB -20160301232518 2 6 100 4095 2 E268D4796069A7E90EC81DC69831656A982D57FD2C1E7810FD32855F3A67C150F52C2B45EC5C1183DE82AE98202BCD0CA7D1CD0A4D15AE296B23B6FCC0BD171005C939D9D1D75DEA733A6B4F3DA9A96759881B7482ABC3CF967763F261D0D6BEDDEE374F138597B347A57A4E21F8F801CD8F8A33FB3638FE0CE021E052AD5CE00E23E3A6644C844E8F79749384DBD4AC2D46B7804D797174F4BF19F92D8710B18BAE576F69449EA91681A92B0E8E95EECB47CCB0720DA611EF8686A09A7DB37726E1357EA9A1CFB7B2DB04529147BD30F96515123A7B5540890860D45C7C033DC0FAF079A0A7825C6A6DFD9B87189F2EEFBE5F68BA9B1DDA8E3BF26ECA3A8A261BF5C67E2A01C8E4BDFAA1C221950596216C69468493E424DBBCEFB8BCCF0A83C773123087F355A15EE7515BC3C6536FFCA05B50F8FB7F3A57103DDB6FA82E2B902991086E2EA9284CB09FEC7A4184EBA09A700930188711313FD16C27B338BA4BA55736E0C7B4C6E731933BD9FD7DDC80BC3A23676FF871FE3E21945BFC83B22C3992E2219F75A6C7AD05F66F2D09B8C805C2E1FFBEDBE5115FD9FB023B58B37FAFEA2CDE16C52A54BD7090C03438EF19F04D8FC630055FC96AFEA891B8CDF6016A6E101A9C27C1E6A5A3B81DC785B6E8808EF59414B58C1CBC5E3E1428DA520F1AA2E8BF6A6554F2DCA1CE30972E13BED33D2744621C763D387AE56B78E563 -20160302001351 2 6 100 6143 2 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDF880CFD33 -20160302060207 2 6 100 6143 5 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDF915C8E67 -20160302080221 2 6 100 6143 2 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDF9484D603 -20160302085858 2 6 100 6143 2 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDF95FD5243 -20160302110323 2 6 100 6143 2 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDF99425D23 -20160302115537 2 6 100 6143 5 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDF9AA4530F -20160302121026 2 6 100 6143 2 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDF9AFF17B3 -20160302125303 2 6 100 6143 2 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDF9C1752FB -20160302132855 2 6 100 6143 2 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDF9D055A3B -20160302145027 2 6 100 6143 2 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDF9F210C3B -20160302160128 2 6 100 6143 5 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDFA0F799CF -20160302164318 2 6 100 6143 2 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDFA205C49B -20160302193543 2 6 100 6143 2 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDFA66F725B -20160302223446 2 6 100 6143 5 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDFAB045BFF -20160302230706 2 6 100 6143 5 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDFABD44B9F -20160303005014 2 6 100 6143 2 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDFAE7817DB -20160303013053 2 6 100 6143 2 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDFAF76805B -20160303031806 2 6 100 6143 2 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDFB234F5BB -20160303034446 2 6 100 6143 2 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDFB2DCD713 -20160303042131 2 6 100 6143 2 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDFB3CABEBB -20160303052710 2 6 100 6143 5 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDFB569F28F -20160303064237 2 6 100 6143 5 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDFB744D6A7 -20160303074318 2 6 100 6143 5 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDFB8C38E87 -20160303091435 2 6 100 6143 5 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDFBB0B707F -20160303111232 2 6 100 6143 2 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDFBE003643 -20160303112343 2 6 100 6143 2 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDFBE40A0B3 -20160303113550 2 6 100 6143 5 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDFBE87B0BF -20160303120708 2 6 100 6143 2 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDFBF49A92B -20160303122005 2 6 100 6143 2 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDFBF954093 -20160303134821 2 6 100 6143 5 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDFC1C0AD17 -20160303183137 2 6 100 6143 5 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDFC8B45457 -20160303204451 2 6 100 6143 2 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDFCBFBCF5B -20160303210530 2 6 100 6143 2 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDFCC756893 -20160303224116 2 6 100 6143 2 D9752DD196C5E138B7F542FD56561455DDBDF05DCC107F8A5C8F393529CEBAE3CECA54E85766015CBFE1856D830D7A20385951C0941FF754570F697951C77F6FC064C28B708E8A691BDA8C6C1921C7559288EE8A024EB50D923EFF9F143E76B053D2B5FF1779C1CDC0E5856BBE4396928E605009866CFD212C68183120D5A7EA14BD3878690406069F8BC9AED334AEB6C25FD4CD9421F860893256B1A7741F729982BC109E3B6DF4D86CCFCDC1EBAB2EB13836E7988CB9F32F3EC5120E6B2DD74FF13E456A1A01E313E00A728D2ED690A656DACB1C71C6BADCA959CD944EBA762FC8B0B3CEF237386ED3D4FC6983A8F950B956DC76C09B6AAE22B5B8501B73B6E685FA40AA56139A8C02F6E0B7836E3F08EB5F9D4EC83A8BDA394FC5DA24D2CF078AE7491E3856A18FCA2C68BF9BC82ABCDE494CDFB31F82E5FE8C20D7832412F478BFC67A2B4B2CF5F266DDF53CB62372957861B95FFD2C82C46E48ACD75CAEC30E8453C8A24020ABB6143665441179478D8E33E505C2E34C1EA8F22205CA8FB31A48209BCF10ACD56B6B0060DE1836A4C9EF3C062C552C1BC8528D262FF0A2BEB56626C69A8CC7BA24F65FC39768212BB7C41BFFEDDAFD1A1528F6258F2ABC102F693425FDDF20D9EC9601FBFDC6FCD43E551C082A8A1373A1CB5E83BCD8175D9B60662D03ED5894D3EF4325180633C33FA1DD0964CC0CAEDE403146E7A5B8ED74FC6AB359EE1909A45A445429B17C04658E7F4F31F84DD194FDFBF3EF345C1B4EF2563E16351808FE4262B52D0C8AA748DF502FEF3A92C9F6A6A03BDE903DD1392177265313C08E767B003614AC6C6BFC501AAC24737BB3C8CC0160D81FC3BC6244974E1D83D15E676976F92999AEE25A66E7FE124A94D52A902E035FA5F866833D7AD3387BE2423095930671D8588E49510AEC9430ED1F03A02F3160124D893833D44FA4B51FED9044AE5B4136105466D5CD711FDFC37690183BA1D4930347148433D76B98A857EF4962FE0F48A16F20454555411EC778B248529F50503C4E0D62A122EEF42CA6BEFC7B3517CCB75A293AF2532E29FC2889DFDFCEC94F0B -20160304002011 2 6 100 6143 2 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F213AE3B5BB -20160304013213 2 6 100 6143 5 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F213CCC818F -20160304014837 2 6 100 6143 5 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F213D3357F7 -20160304050100 2 6 100 6143 2 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F21426DAC33 -20160304070516 2 6 100 6143 2 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F2145B0AFE3 -20160304085926 2 6 100 6143 2 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F2148A9E96B -20160304092251 2 6 100 6143 2 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F21493F5C9B -20160304092815 2 6 100 6143 2 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F21495C2BA3 -20160304115839 2 6 100 6143 2 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F214D4FED23 -20160304122842 2 6 100 6143 5 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F214E130FAF -20160304143749 2 6 100 6143 5 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F215161823F -20160304160139 2 6 100 6143 2 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F2153888D53 -20160304160440 2 6 100 6143 2 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F215394B933 -20160304162214 2 6 100 6143 2 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F215400CF9B -20160304212008 2 6 100 6143 2 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F215BACC633 -20160304221341 2 6 100 6143 5 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F215D065E4F -20160304221614 2 6 100 6143 5 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F215D0E8A6F -20160305022340 2 6 100 6143 2 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F216368CBBB -20160305044620 2 6 100 6143 5 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F216709F6C7 -20160305053801 2 6 100 6143 2 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F2168484233 -20160305060125 2 6 100 6143 5 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F2168D0E0E7 -20160305081042 2 6 100 6143 2 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F216C1797FB -20160305094218 2 6 100 6143 2 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F216E608403 -20160305095044 2 6 100 6143 5 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F216E8BAD0F -20160305095440 2 6 100 6143 5 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F216E9B001F -20160305111737 2 6 100 6143 2 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F2170A72F1B -20160305152313 2 6 100 6143 2 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F2176C19D53 -20160305152947 2 6 100 6143 2 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F2176E37BCB -20160305154608 2 6 100 6143 2 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F217744E9E3 -20160305161226 2 6 100 6143 5 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F2177E547CF -20160305173357 2 6 100 6143 2 FC87210E608B51094653AB8D5963CAEF1C053FBDBBEDF91B83BBD945C79B4F67E96E8FA2C32DD50643434724257CC86C29F3CA2D266A719934B4D350E933D37153610C332F148D4B22D7D790A2A83995B0600254F640BD5E48B7D97D1BCEE76515FE078CE062EFB08529A5670F773DF514EC5392403D50C33577AFCDDE7D90224AEED69799AE17968CADDBFDC81A6E10B1CDE4A0D3F41C4B82CE346E0621973BE07918EAD36D7C67BCF2984D0F78BCD1E540847CA4DC90D909845862D4F699ABFA17F5749554774BC2C59443265CE386C655055202009B32590EB0FD85F203E63425342E756AB57F5BA14BD2E283B617A230E11A955442F0C1F53AF4F08DFD1D2606DD5DD04486C40A0E6D2DB2B390D664A97D32ED7868A6AAC5F2E534B7C880EE0F6834EC100D547B823547443D02980F1EBB2EBB6D57E9368BC70C440BB5406220630583D59AB11C489B0B0B8591A7F9FF322BFD4B9FE0672800A402F9734652EF151B44180D4EA7A713C66873A245691AAF295272BFF02979772EC48D65CF34540F38EDF2B95BDF8E7A88062866A8F5471F29993E1D4A4F1638A447D237964907CA1090C0CE1D4FDD79277219F9E1CE63E3E95BAFF8017639969710AE8520769B09C318BDD8A0CB3560DDC3A6281E1816EF16D942980934B6B381D44FD19311FDE8457113B6F8FBC9101EC20F6F216712BC17A63A753F0724BA90EA9A4766FF93BBA39020CC72E0B33CB6CC3C3D87A13CB86BA9C1A9B9086DBD905F62B29782E5AAD4C27704913415E583A0EF1F2586C612DCA66CA31FD1F797752EC984E543616C7575ADC6BDAB9788F82C9258DF1E58777440BDAD5D93A2CBEAC466D6BE37CC4307CA0534B00B6EBEE4C3958BC587117E8E26D13E36B1D4A9D0F7DB2F00E9568EB21F6530EF635650C51DC9D04B788439BE01ACBF5501D673896A170037E0048882DCF5A09F7605AEFEA5615A534B5CAE77D46B00E27CAC0C7685AA235EBC0941B056FCE7737E3BD6597EF0C5774D1535F294645B12025F17474F9066DA7DFD867B72E3706FAEECD892C05D92494D7A3BEE52080BAC6FCA8F2179D3586B -20160305235825 2 6 100 7679 2 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B0B4DFC33 -20160306022229 2 6 100 7679 2 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B0D65D0DB -20160306093737 2 6 100 7679 5 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B13D7D927 -20160306094452 2 6 100 7679 2 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B13E933BB -20160306160337 2 6 100 7679 2 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B1971D123 -20160306224032 2 6 100 7679 2 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B1F3B6DAB -20160306225345 2 6 100 7679 5 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B1F6160BF -20160306233854 2 6 100 7679 5 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B2005324F -20160307010902 2 6 100 7679 2 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B214E9673 -20160307051433 2 6 100 7679 5 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B24C9A09F -20160307062817 2 6 100 7679 2 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B25CA759B -20160307113227 2 6 100 7679 2 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B2A201EFB -20160307123109 2 6 100 7679 5 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B2AEC017F -20160307185147 2 6 100 7679 2 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B3059D223 -20160308031623 2 6 100 7679 2 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B3779276B -20160308074434 2 6 100 7679 5 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B3B36AF7F -20160308080500 2 6 100 7679 2 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B3B735E1B -20160308090559 2 6 100 7679 2 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B3C46A863 -20160308204809 2 6 100 7679 2 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B45F50A43 -20160308220844 2 6 100 7679 2 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B47098FDB -20160309000534 2 6 100 7679 2 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B4893E51B -20160309035855 2 6 100 7679 2 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B4B9D5AF3 -20160309042540 2 6 100 7679 2 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B4BEF4FBB -20160309152136 2 6 100 7679 2 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B54B515AB -20160309192852 2 6 100 7679 5 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B57FBEBF7 -20160310013359 2 6 100 7679 2 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B5CE29283 -20160310035549 2 6 100 7679 2 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B5EB8EE13 -20160310075706 2 6 100 7679 5 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B61EA384F -20160310173812 2 6 100 7679 2 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B6993761B -20160310190029 2 6 100 7679 5 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B6A9FDA07 -20160310193821 2 6 100 7679 2 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B6B156863 -20160311033330 2 6 100 7679 2 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B714D2463 -20160311043906 2 6 100 7679 5 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B7225A617 -20160311054129 2 6 100 7679 2 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B72E8A083 -20160311060123 2 6 100 7679 5 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B7320D78F -20160311060829 2 6 100 7679 2 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B732F58C3 -20160311071819 2 6 100 7679 2 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B740FC84B -20160311081031 2 6 100 7679 5 CDE6C545B0D2F4A803F7AA7269ADA925DA60EAE55764AE38A7C61738B71DA67096F9E2CABF9B30B2E33E1FE97BFE4CE54B53041F2B2A0DAEF6135B6FB4990BE5C32AA56F223B6FDA4599B58517C6B78EA50C8E17CBB37865B5DB8AB5AB0F9A30B27AD76B11F758F10643A569346816280CE9368A159957E161B5E877CBD33D838B725F3CBAA53F6BC1B8F0062B9ED6D756CBB077B92A0A010636B4B92D570C8E0E3BA5553A92B7F1BF41C7AF7354849491B1C63886EE4A52DDBCF24444D5EA1636F883C1B5482E5ECBCA45BB5C741E9A302554B218DEC84908A75D6A2FB12CD96B1C6046A27FCBEDF260AA445C90A156DC17A1147861792E81840E71D0C8DA6BFC54BE0AA2409B7B23807FC07EF4B2B88B6AA9755809D084448E20D06890B4F299F4A38653F34BB52F38E06E4BC7AECD019E6E06FE39238F661726D7FD4AF8F5CFD49177CE8F8D324C99A00D4FF37B5CE5845106893B0AB4600F0A47BC5C3A536969498548EB86BC2ADB0155F9D2F94B02E7198CCE6E03D091191F63F7CD9AF5F2781D32C105A5DD8425090F90FD2099FE37630A69DB179A7161A226B0CD24C93C087B3AC90EF711C2358DC39EA53C0B9BEAF30851B9DCC5BCE27B4595D391DB68336FF330D3A1E90358A2CB1B35765C6F629D737EF13D6565390D25F3DC8E5A17FDDAF740568659F064CC5DB9F4A3A6CA3BA027A58CD18880F4941CC9B372BDB9B3398FBC357B7672EFEA922537846A4F4B7F393B927786A30DEEC3E5234CFB2D9CE459D1CB2140DE33052CF325BF81C4AA80928FB4906B6700F9CC2628747894CDF90FE2C2F07303F435CFD182F661B19E802092BEDB3E22C275A9AB635DD60A442E2E3D6B61CB204898EB0F0D888CE8903FA8521B9EF18046904F63B66C70B2C503CD1E2A2EEF203274D59D5A86F1B2758B9DDC9F97708841322C99BE9A47524A8BE01D7152B9ACF12C0181BB8C1884DD03FF26FA916FD95A4325DAC03139C80F7931F24694AFDDC150848579C28276BC4DA72400277F560A1E9701186148B5ADADDA2BCC8F7ED47A999DC77C3D6C7E20AD7F3C0A4DFAD3B8EEA0C0C402A28B27B01EAE661CF48CB7A8E14FF0597612798D954B1AC078984BAC3353F2A9829E9F29D88562F5EF90DF5A5E81A97C4BC9565F2F915B43ECD333B189D3C774E18B397D3B6640D8F4902DE3A90BF4E2646302A4BE7341A40F83AEC49B7DC31C0B91CF4BF022EBC8623CDFAD234CECD39942649B386CC65EBED4676F6B0FBC015D2C300B252A7DE8DC6434270DF9918D48FF541CAFFEE9485166EFB82C4F4FB2FA109C6C16D475052E530B12FB81DF189F77C08A9DC2F6A4F37E38601B74B68FAF -20160311170649 2 6 100 7679 5 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073B9B171F787 -20160311195449 2 6 100 7679 5 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073B9B3EAFC07 -20160312113901 2 6 100 7679 2 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073B9C1FC4A03 -20160312141825 2 6 100 7679 2 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073B9C45A6C9B -20160312221956 2 6 100 7679 5 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073B9CB35C95F -20160313023234 2 6 100 7679 2 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073B9CED021AB -20160313062450 2 6 100 7679 5 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073B9D2124DF7 -20160313135733 2 6 100 7679 2 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073B9D880F89B -20160314002320 2 6 100 7679 2 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073B9E14CBED3 -20160314074608 2 6 100 7679 2 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073B9E75C54D3 -20160314135741 2 6 100 7679 2 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073B9EC7E3DAB -20160314140815 2 6 100 7679 5 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073B9EC9AC0E7 -20160314202745 2 6 100 7679 2 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073B9F1BD98C3 -20160314223316 2 6 100 7679 2 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073B9F36F08D3 -20160315005016 2 6 100 7679 5 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073B9F54715BF -20160315013952 2 6 100 7679 2 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073B9F5E3A7F3 -20160315060542 2 6 100 7679 2 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073B9F968A573 -20160315072619 2 6 100 7679 2 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073B9FA7969D3 -20160315105849 2 6 100 7679 2 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073B9FD4C31DB -20160315120521 2 6 100 7679 5 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073B9FE292087 -20160315121136 2 6 100 7679 2 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073B9FE352FC3 -20160315152946 2 6 100 7679 2 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073BA00CB151B -20160315165331 2 6 100 7679 5 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073BA01DFD347 -20160315184225 2 6 100 7679 5 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073BA034D7527 -20160315214330 2 6 100 7679 2 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073BA05A75E33 -20160316020204 2 6 100 7679 5 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073BA0912D52F -20160316065014 2 6 100 7679 5 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073BA0CD7441F -20160316121031 2 6 100 7679 2 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073BA1102A093 -20160316165356 2 6 100 7679 5 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073BA14B5C017 -20160316191831 2 6 100 7679 2 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073BA168B1623 -20160316230539 2 6 100 7679 5 EC435B7E292EBAAEC94B8E8A53ED9F3FF717BB820D4893F0BBE6589BD3AF344B765A6000950C6244B2E4262E7E500BF699AF0FF49605A15EB80C61429C9FB79F658C3E0F8DB516AF9703BCB5E84ABA314292808DC70D183C513609A6D345F5D8676256E25108EE70B210C0293B5C804CF21FD843D2F5F79F91F57CF2C2EFB7052CA5F73544F0568A68FA5583CA6EDD300817AAB25E650B0AB9523C6C60156726F4B5243A8BE580308BB6297E23785893119D49B2407D4D8DACD551D08A5F9BB32BD7965313EC6C9DDCD685A62F7AFC8E71DF10F9E1FA25EB3DCD41D7DBDEFE5DB565BAE0CB62F192AA573A126FB92C9638457E73EB4C007268142D9506B17D20A4D73B51E21983D9AC86F7ABBDCE9B9D10BE307642C49382E27B45ADB32E9FF7A2203F395C71EAF7656DF83F57E527CCA37A2BE9AFBA89FB718DB95CC041BF4025FF1CB5F463C8A09FD374AF3F143EE53FF4B369117BDBE0743335B1B5650B68C5B4F64E42D4CF0B329316F4FCD5E66F4A1359F2B29684961CA04EC5AC787FD4BF990F3FBE698D69FAF946DE12A4215392928E29ACF24F940AE4046C74BC6E799EE1D85BA8264C6C7DFF62A244CA2D05C4352870E0E8EF71F884AEFA4A4CA704B6C6607D2E59D36253350AF73C1FBE9C5D61A26A9024B715B45ECF1487D23970C5E405B46029403DD95B2F5672E61863E48CBB280300B2CF87C749F0ACC52940819688C819250B71E54397C8792AAB31655BCE19FAD3A7C59BD64904CC806304AEB6DC8B534081CD2EFD2808977FAC9BAB540EC153DD98D8B33984EC40BCFBC0C5D5B95AB3E183961DB2EE8883B174A3CFEC21CBE7F200FDD2879C1BA808B65A03B02793688FBB1F753333A23A4139766DD3ECD30742E55C25474D068CAB008BA6957CB014E4D46C4BF3084C8343D61231B6B997A8BCEE761D907E4323B92EED55575A38048D686B04F6614B7F931BF1F7D2CF35912E3472F424B11FEBA41F6D569B1A13002A33D5660844A896436AA4D8BC74B6951C75F883D747690B6AD3501B84C6C5B4E29C4153A98C0F2DF38CAFDF00E15CFE8DB0939E5611518DB4547CB2880B5F2D431526082D608384FA3BDD78B75157F25C7A2448249E635C20051C39577AE777C75E7B424CB647B76C9880E905E401DA09DE7A6A5F3E59376B24DCAC613C6EF263741FA15E83B64C78C03016FD34AB608D77100FD8733F130F63A0725B8E7CCD344F5E9A460D2F4F5BE139A6B57A3955A47726A02D6425EF8D1440709517F2DE1D8BB1D054BF69B77E44B4C4427F26EC6303F91CF197298214820264AFACBD355F08E278734BDBF1E116ADF6C1C03ADF5E73212A7073BA1974D157 -20160317204037 2 6 100 8191 5 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27F505984F7 -20160317232704 2 6 100 8191 2 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27F52635AA3 -20160318065706 2 6 100 8191 2 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27F57FAD16B -20160318115527 2 6 100 8191 5 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27F5BAEDEAF -20160318183751 2 6 100 8191 5 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27F608FC39F -20160318220732 2 6 100 8191 2 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27F6315D9EB -20160318231533 2 6 100 8191 5 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27F63E5739F -20160319161235 2 6 100 8191 2 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27F7037DD73 -20160319230645 2 6 100 8191 2 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27F751E7BE3 -20160320013744 2 6 100 8191 5 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27F76DF3D47 -20160320040506 2 6 100 8191 5 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27F789CABBF -20160321132428 2 6 100 8191 2 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27F8FC5A85B -20160321160901 2 6 100 8191 5 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27F91961EDF -20160321181311 2 6 100 8191 2 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27F92F8EDBB -20160321224946 2 6 100 8191 5 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27F9615911F -20160321230806 2 6 100 8191 2 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27F963FE5D3 -20160322064427 2 6 100 8191 2 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27F9B60592B -20160322090339 2 6 100 8191 2 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27F9CE9AD5B -20160322103202 2 6 100 8191 2 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27F9DDFC97B -20160322120630 2 6 100 8191 5 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27F9EE9F43F -20160322130823 2 6 100 8191 2 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27F9F927B4B -20160322151455 2 6 100 8191 2 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27FA0F6C9EB -20160322151924 2 6 100 8191 2 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27FA0FAAD73 -20160323004347 2 6 100 8191 5 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27FA73E643F -20160323011842 2 6 100 8191 2 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27FA794B363 -20160323041407 2 6 100 8191 5 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27FA98073AF -20160323042341 2 6 100 8191 2 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27FA992813B -20160324042502 2 6 100 8191 5 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27FB9535E6F -20160324084810 2 6 100 8191 2 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27FBC2024D3 -20160324112528 2 6 100 8191 5 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27FBDCE47F7 -20160324195325 2 6 100 8191 5 D8320CDE33443FD11E472910A82D580EF614A690CF5313E998A695702508351835AF6D1DF2FA7AF2F1B234CB85E4174D67D9A32B8CC58DAF6DCFD555275B1D038D5EAAC00E0396BFF8A3686F1BB5DADDEB3C5F12B02358C7A1249A01CB1AA2AB3FAC5FC95CB7D16A38DBCD11804212872394D9A2E2F2797A3062AC5AF0C0C57F5ABEF3608546608EC08F197CE2CCF0490875BE4BCF1BD35358AF5694217F2E3DE713800F3C4071622FDBAD20CAEBE2BA60C80DF012DA576EE24A753749C0BAD8707A2382B6E909FF0B8F4A304EEDB1BF04CA0747166981279FE69248AF0DD177702DA2DC709E301D7D6FE985A7D3F7A1678A9BEF306D6036F143806563C42ADFFD8D70595F0C60BA39F0D392CE7EF7CA57547DB2E35B0464FEC6F59F6095F93BD0A241589CAEE15E2226873D31876900E534999F1D2E23E7239FF679377580065A861D3E29FA7215979BDE039ED1FFED26CC2F5541C5CD907E81434EED0479D8737262CCB2807A70504088F23E72A3D949F37C2C8E957DC2FE64BB9CE028013270F42E022BA671F1670EBD20413453A3CF19F53A1A6BDE5D744E39BBF9377384AAF0FBAF475DD1067A2906244CB87F919159DDC71256A251F1BBA789B18D97602C9C1254A4443849C16E0CE2A7A0B6AA6F117788A92C1CB3F60E2C8E539840E3AF49B9248D3E1CAACB08B43146F07CC53D2573086ED062D108C9AC924F58265CCEF3731D39FE5D4F983EADD0E9F9D8B68D953AA9342B8604AFE7916E544D88870F2ED0AFC2CD0C47DD1E5F361004D97B5108D13CD127DEC8609FA2C65FF1714FD45F3B2B3809BAC06DFCA198B71B3929E2A7B62538E5B1B8B5024D8BB78438883911A6FCA870DB16F8F2DA46D9C611F785428A356B40C07B2B8A72E157E3497DE2982AAAE4D2D9F4368469A7AD4061AEE188DA4317D826721B9F9B1A361FECF0C725E0AB6F17C147D2C62A4D11989DB1503F85763FA3E4A49BAB6BDD05C95199158D421B115F40B124EE448803E07496DE7C2682D4AF433662978CFDCFAC88C9100C46CC16929A10E3082BCAD4444D59FE57717FB4BE8DE45F4D84716D204AC97CBA5A7824765636C571AD6780AAA7510E832EECC54D571A780F90BC6A1B54DE8CC83ECB797A9065CC9807CC99DD7638AFC500D05FD2EDEB795227CAA37EBBC04A37DF07762E0319F27B523282D11DEFD85A1DBA40C87EA1EA4D1B9B2A2FC34F9F5395AE51E3A994FE25C680022E5ABD19D11703C2CB6EEE1780F76FEA8601FAE9E27BC16F832BC16776609DC2B0E3D605E635258A95907A148D583B44E202BA4A48211DA3358B7B391B6F3AD0F84D9D7F97DFFA9D819C3D316A59173E8CA970240349A89E09F0A9B1A4B4C6FFCDD878A977BC9EB254318574C40C49D2DCE56FF803601E1752BE3824F94D0D66C1C5FDADCC9670BFC85C422811D27FC34000DF -20160325054405 2 6 100 8191 5 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DD3C9827F7 -20160325073844 2 6 100 8191 2 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DD3DFD683B -20160326035547 2 6 100 8191 2 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DD4D2BE973 -20160326072058 2 6 100 8191 2 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DD4FA14E4B -20160326092507 2 6 100 8191 2 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DD511CC0FB -20160326124028 2 6 100 8191 5 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DD537EA3E7 -20160326204702 2 6 100 8191 2 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DD595EF333 -20160327004038 2 6 100 8191 2 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DD5C324F5B -20160327062851 2 6 100 8191 5 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DD606E1A47 -20160327081155 2 6 100 8191 5 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DD61A5005F -20160327123555 2 6 100 8191 5 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DD64D2A70F -20160327223323 2 6 100 8191 2 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DD6BD47A7B -20160328011117 2 6 100 8191 5 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DD6DAD19BF -20160328031621 2 6 100 8191 2 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DD6F1E5643 -20160328081352 2 6 100 8191 2 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DD7291B183 -20160328130100 2 6 100 8191 2 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DD75E7418B -20160328200420 2 6 100 8191 2 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DD7AC63CBB -20160328203420 2 6 100 8191 2 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DD7B12C7E3 -20160329051003 2 6 100 8191 2 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DD80FE5033 -20160329150013 2 6 100 8191 2 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DD87A1FCEB -20160329205744 2 6 100 8191 2 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DD8BA2A65B -20160330010039 2 6 100 8191 2 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DD8E545E13 -20160330064620 2 6 100 8191 2 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DD922B39AB -20160330195544 2 6 100 8191 5 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DD9AE926F7 -20160330202118 2 6 100 8191 2 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DD9B2841A3 -20160331010824 2 6 100 8191 5 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DD9E522A6F -20160331155606 2 6 100 8191 2 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DDA80BFF2B -20160401003202 2 6 100 8191 5 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DDADA756E7 -20160401083841 2 6 100 8191 5 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DDB2E0BFC7 -20160401133333 2 6 100 8191 5 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DDB612067F -20160401171656 2 6 100 8191 2 E8E5A3AF93DBD4FB99E4325B3B9308AE7731E7E27B532A2D0AF5306CB249EF6C63C7DFB66FC19B8E84A5672B378D77DD413933ACA7F62EABCD4012865D9336A47AD7E596B21EA5B6A2695C0F6C1C70D92CFF3CA18522B29993AA0A43A6849CEFFF53DF7E33C833B5B0037D8906528C80F98C2FC22F0C43B933795D153ECD05FC0D734F4EC61BBBD611F61CACA7CEC4FEF72A127074ACF73A11B1004A954C48D18E74B534E318069C5CE76C1D9BBB0326432B3C39F26058B6D6077B562CBE0DCA4E5B53F1CF9B80EB4F40DA6DAADF924DD2E7A689321F1558FFB55DA7B91009767791BDA252285D117D45A77FF044F467273CDEA8D4B5AC83DBF16DDB8F5FA4C1556129FFF4213D199DE4E0996BAA284FEC13A86A9F81E7FEAD84B4C59CC6DD641ADDE2E74DEAAD096E53F1F9509BF4A5405BAE67B7A1107E685D6CB934A422673ED632BD91BF84758C9B504DBFF7835E36B038C74400C983452CFEE72FACF76D3AE196BA44DF804657B92D6B646DA47910E53FAE8979C1DA9120C672CD4AAD18A7BDBA2AD397F7B0E01AA7AF4700F9A83EDBA90D25F74C1DCE0520BA9DE24636629D0140BB4BC6C2A703103E5A234BBB9154AEBA22D48F8EBC37368CCC68DC6BA310E2060EC37BCA2BF7DBD68F951BB23D7C018DB2CBC74752F5CED8ECA04EC743A8F4B503831DB09C387F6BD3A7DF1A25BCA452FFB852B134B67CCE4B0141E84B3D796BFDE7BFB2C34760C64200D40728560598B6FB965C0187495318A6EE97E6648F476939AE82F3D9D51761652672CFB3263385219E41D9A26ECFD975AB2005F67B9B6DB6D72ACE42C5079C2E11BEF3B2C0B334E9D4C2EFE518AD4BB8C0A9A995F99B4625D570E283D41EB4542BA37ADCEB772E45F77A72071874CBF8E9C2022DB9FAB62BB8BB11F72416193D10F4A493BDD9FB68A3BADF8130AE380D1987CD5ECCD6D9F5AD2F219D0076964D17F2232E5DAACB832D6E54A0CDAE72302C52604675053C5ED83680DB1D5A2FB9D4885B61E29465FDC016B9CE5DD93582A7221167E77C194C6E7A6D00E98A3E0FBE3987B1C5C1562AE878FC14AC7458003F949665D92F4F01B7A511C9C9126B79E32258AD5BFAB38B91B710AFDD222312DB543EA712C60CF8C8C0C9A7968A9AED867EA11E9718D25EF8A21F18A2F2B3FB28944F8E049705ADC399296AFBA30228CC7AF6D39F49689A16FF5FD64F09A2233970885EB76AEF2650D9A16CA594A3C67F0640095D10FB6E818BDC512F36446FB7277480BA1947D49A8AB5D78965DB16F2E50BFD09910DB0DD99654A32E07C86CF1601D618E7B9D2745C4CFC983E3D48FFE5A08AA471B29DD0E7BBE6DC1DE82FF8988E76835D0E03C177945886DC273C9C91B8B0950E7619490125AFC453772CB66D45D3CEBA3AFA919AE4AEF42D36AF7EDC4C5F030B5720C82FB229E9DDB86F198B +20170623034823 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EAE4E76CB +20170623034906 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EAEB63283 +20170623034928 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EAEE49C27 +20170623034936 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EAEF2BE1B +20170623034957 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EAF22F2D7 +20170623035029 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EAF68D3A7 +20170623035052 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EAF9A9793 +20170623035228 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB085C01B +20170623035326 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB1140217 +20170623035332 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB11ACBD7 +20170623035408 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB16AD187 +20170623035414 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB1737B53 +20170623035442 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB1B1C483 +20170623035454 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB1C8B93B +20170623035510 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB1EAD06B +20170623035525 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB208DA8B +20170623035553 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB2498F17 +20170623035604 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB25D82D3 +20170623035609 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB262420F +20170623035735 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB3376DEF +20170623035801 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB370E193 +20170623035916 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB426D9CF +20170623035935 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB44E559B +20170623035955 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB4777177 +20170623040012 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB4995E77 +20170623040023 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB4ACAF8B +20170623040032 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB4BB1ADB +20170623040120 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB52D4F1F +20170623040131 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB542306B +20170623040202 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB5899CB7 +20170623040216 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB5A317FB +20170623040224 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB5AEBE43 +20170623040246 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB5E190BF +20170623040254 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB5EBE533 +20170623040334 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB649ECAF +20170623040448 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C4B50D13 +20170623040459 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C4C9F477 +20170623040510 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C4DDC50B +20170623040603 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C55E2BE7 +20170623040614 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C5715757 +20170623040626 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C58A0617 +20170623040632 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C5910FF7 +20170623040709 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C5E85ABB +20170623040729 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C61714B7 +20170623040745 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C6362DF7 +20170623040759 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C64F9EEB +20170623040829 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C6949627 +20170623040836 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C69F6763 +20170623040925 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C712B23B +20170623040941 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C7336C6F +20170623041004 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C76418FB +20170623041040 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C7B6A153 +20170623041049 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C7C6F12F +20170623041059 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C7D798EF +20170623041129 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C81D54F3 +20170623041311 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C919987F +20170623041314 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C91A831B +20170623041341 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C95422FF +20170623041350 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C9646B7F +20170623041354 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C9662E87 +20170623041503 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3CA105123 +20170623041522 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3CA3BE707 +20170623041541 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3CA620DAB +20170623041546 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3CA66FFC3 +20170623041620 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3CAB69493 +20170623041704 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3CB1C2B4B +20170623041709 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3CB1FD10B +20170623041747 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3CB7550DB +20170623041822 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3CBC63D2B +20170623041830 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3CBD499AB +20170623043901 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB5508B03E93 +20170623044452 2 6 100 3071 5 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB5509C5C937 +20170623044600 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB5509F436FB +20170623044825 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB550A640733 +20170623045050 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB550AD6755B +20170623045124 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB550AE93B43 +20170623045420 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB550B6F1ED3 +20170623045805 2 6 100 3071 5 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB550C20298F +20170623045930 2 6 100 3071 5 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB550C5914BF +20170623050341 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB550D1A1773 +20170623050720 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB550DC219FB +20170623051801 2 6 100 3071 5 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB550FBDD1AF +20170623052216 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB5510842093 +20170623052416 2 6 100 3071 5 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB5510DBFCD7 +20170623052526 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB55110BB843 +20170623052831 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB551196B36B +20170623053119 2 6 100 3071 5 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB551217A237 +20170623053458 2 6 100 3071 5 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB5512C20307 +20170623053734 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB55133990CB +20170623054412 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB5514721AB3 +20170623054517 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB55149F4D0B +20170623055017 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB551583DD9B +20170623055422 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB55163A7903 +20170623055449 2 6 100 3071 5 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB5516475E5F +20170623055516 2 6 100 3071 5 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB5516556F37 +20170623055539 2 6 100 3071 5 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB55165F8F67 +20170623055716 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB5516A5CA13 +20170623055812 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB5516C8A4A3 +20170623055846 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB5516DBF96B +20170623060438 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB5517E20F03 +20170623060534 2 6 100 3071 5 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB551803F1D7 +20170623060551 2 6 100 3071 5 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB55180824C7 +20170623060759 2 6 100 3071 5 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB5518622977 +20170623061152 2 6 100 3071 5 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB55190DD957 +20170623061950 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21EBBB813F +20170623062054 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21EBE73A63 +20170623062250 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21EC3B7BBB +20170623062850 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21ED5538D7 +20170623063051 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21EDADBD87 +20170623063106 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21EDB14127 +20170623063228 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21EDEBD58B +20170623063242 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21EDEE14B3 +20170623063301 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21EDF542E7 +20170623063538 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21EE64F8A3 +20170623063759 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21EEC9D597 +20170623064815 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21F0A8EB1F +20170623065609 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21F21F5CB7 +20170623070150 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21F32604CB +20170623070933 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21F48C5ED3 +20170623071215 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21F5044ECB +20170623071504 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21F5815613 +20170623071625 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21F5B8F8AB +20170623071723 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21F5DE3F7B +20170623071945 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21F645009B +20170623072445 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21F721A837 +20170623072516 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21F731AF17 +20170623073343 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21F8B6F58F +20170623073442 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21F8DA7A47 +20170623073826 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21F983F783 +20170623074239 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21FA40B7CF +20170623074307 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21FA4F193B +20170623074345 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21FA61D323 +20170623074648 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21FAEB991B +20170623074919 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21FB5876F7 +20170623075011 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21FB79557F +20170623075040 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21FB88E5F7 +20170623075211 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21FBC86DF3 +20170623075233 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21FBD19D1B +20170623075313 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21FBE8A97F +20170623080026 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21FD35417B +20170623082844 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB479984819069919E3F0A3 +20170623084111 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB47998481906991AE37AEB +20170623091322 2 6 100 4095 5 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB47998481906991D857A5F +20170623095654 2 6 100 4095 5 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB4799848190699210172E7 +20170623095828 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB479984819069921188C6B +20170623095901 2 6 100 4095 5 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB4799848190699211B667F +20170623100423 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB479984819069921818383 +20170623101338 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB4799848190699223C1F3B +20170623101757 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB4799848190699228B3683 +20170623104910 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB4799848190699250221BB +20170623110231 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB4799848190699260AC373 +20170623110814 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB47998481906992672C113 +20170623113826 2 6 100 4095 5 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB479984819069928D90D4F +20170623120249 2 6 100 4095 5 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB47998481906992AC1BA3F +20170623121815 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB47998481906992BFC1B7B +20170623122456 2 6 100 4095 5 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB47998481906992C7EB0CF +20170623123432 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB47998481906992D3D886B +20170623125910 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB47998481906992F34AA0B +20170623130350 2 6 100 4095 5 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB47998481906992F8B1CFF +20170623131900 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB479984819069930BE28FB +20170623132006 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB479984819069930CCBBC3 +20170623134400 2 6 100 4095 5 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB479984819069932B40887 +20170623134659 2 6 100 4095 5 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB479984819069932E77127 +20170623140059 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB479984819069934031953 +20170623140936 2 6 100 4095 5 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB479984819069934AC3B0F +20170623142309 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB479984819069935BCCF33 +20170623142743 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB47998481906993611A26B +20170623150027 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB479984819069938A6965B +20170623150107 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB479984819069938AB78CB +20170623150738 2 6 100 4095 5 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB4799848190699392AA267 +20170623152234 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988DA657F33 +20170623152823 2 6 100 4095 5 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988DAD58DFF +20170623153243 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988DB1F719B +20170623153719 2 6 100 4095 5 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988DB76316F +20170623154606 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988DC289BA3 +20170623155435 2 6 100 4095 5 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988DCCFF757 +20170623161905 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988DEC7BD43 +20170623163928 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988E064A38B +20170623164410 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988E0BD160B +20170623172908 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988E467E87B +20170623174045 2 6 100 4095 5 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988E54CE16F +20170623175902 2 6 100 4095 5 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988E6CA185F +20170623180229 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988E706D14B +20170623180811 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988E76F7CD3 +20170623180923 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988E77E8123 +20170623182724 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988E8D82A2B +20170623185420 2 6 100 4095 5 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988EAF9DAE7 +20170623195226 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988EFA2202B +20170623195633 2 6 100 4095 5 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988EFEED5BF +20170623201051 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988F10F59CB +20170623202959 2 6 100 4095 5 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988F2921927 +20170623203734 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988F32287EB +20170623204218 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988F37F8B03 +20170623204329 2 6 100 4095 5 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988F38F411F +20170623204840 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988F3EE7B13 +20170623205709 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988F493374B +20170623205814 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988F4A24813 +20170623210627 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988F53F787B +20170623210958 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988F57EC8EB +20170623211248 2 6 100 4095 5 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988F5B1A9D7 +20170623213826 2 6 100 4095 5 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988F7B2A7AF +20170623213924 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988F7BDBA73 +20170623214723 2 6 100 4095 5 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988F8513E37 +20170623233949 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D915376BC3 +20170624020214 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D918FF036F +20170624030028 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D91A80668F +20170624033630 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D91B697BC3 +20170624052652 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D91E5556DB +20170624075515 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D922262F73 +20170624103157 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D92638CCD7 +20170624120558 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D92895C273 +20170624130210 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D92A0429E7 +20170624131317 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D92A441063 +20170624132538 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D92A8E794F +20170624133715 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D92AD26E07 +20170624145051 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D92CB7412F +20170624163751 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D92F668E7B +20170624172739 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D930A8FC4B +20170624174055 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D930F6B80B +20170624185924 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D932ED85B7 +20170624220917 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D937BF2B3B +20170624222456 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D9381B839B +20170625033902 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D94007305B +20170625053719 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D942F8C1E7 +20170625062259 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D944178FAB +20170625072908 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D945B1B3DF +20170625075138 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D9463A10C3 +20170625080610 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D94691AE5B +20170625112146 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D94B5B8CDB +20170625113648 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D94BB43777 +20170625131459 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D94E2020A7 +20170625141110 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D94F7F2B87 +20170625144415 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D9504A46D3 +20170625145639 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D9508CDF97 +20170625203254 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D958CDC1DB +20170625215049 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D95AA6BE13 +20170625220255 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D95AE8D4FF +20170626000351 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973A06777EB +20170626010044 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973A1E685DB +20170626011405 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973A237A0AB +20170626020723 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973A39C76DB +20170626021405 2 6 100 6143 5 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973A3C0D837 +20170626025354 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973A4CB1E73 +20170626025848 2 6 100 6143 5 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973A4E33427 +20170626034407 2 6 100 6143 5 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973A60D840F +20170626042648 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973A7271AD3 +20170626063327 2 6 100 6143 5 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973AA7A8227 +20170626073301 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973AC001F7B +20170626073912 2 6 100 6143 5 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973AC204247 +20170626083935 2 6 100 6143 5 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973ADB29CEF +20170626085130 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973ADFA675B +20170626103016 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973B0702723 +20170626110918 2 6 100 6143 5 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973B1648BFF +20170626113343 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973B1F924B3 +20170626150922 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973B78B107B +20170626162428 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973B972EB6B +20170626171558 2 6 100 6143 5 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973BAC16547 +20170626231518 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973C3C4E533 +20170627001636 2 6 100 6143 5 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973C53DC917 +20170627023229 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973C8A24E33 +20170627055348 2 6 100 6143 5 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973CDB0A037 +20170627085558 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973D234059B +20170627111046 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973D57B1B3B +20170627114331 2 6 100 6143 5 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973D63E6527 +20170627143549 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973DA76351B +20170627150713 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973DB2FF40B +20170627151417 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973DB566CC3 +20170627162358 2 6 100 6143 5 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973DD096627 +20170627175138 2 6 100 6143 5 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973DF2B3477 +20170627180034 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973DF5CD463 +20170627192816 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973E16B337B +20170627194138 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973E1B23A4B +20170627235654 2 6 100 7679 2 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6CE22848CB +20170628025708 2 6 100 7679 2 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6CE4C7FC03 +20170628090844 2 6 100 7679 5 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6CEA316C0F +20170628104935 2 6 100 7679 2 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6CEB9D111B +20170628114328 2 6 100 7679 2 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6CEC57837B +20170628155547 2 6 100 7679 5 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6CEFEB085F +20170628161354 2 6 100 7679 2 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6CF024A37B +20170629103301 2 6 100 7679 5 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6CF75BD46F +20170629121023 2 6 100 7679 5 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6CF8B74F97 +20170630003105 2 6 100 7679 2 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D0331EC63 +20170630052003 2 6 100 7679 2 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D04F2C61B +20170630145450 2 6 100 7679 2 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D0CF7BF93 +20170701010810 2 6 100 7679 5 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D1578081F +20170701015400 2 6 100 7679 5 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D161119BF +20170701082405 2 6 100 7679 2 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D1B5FB48B +20170701092427 2 6 100 7679 5 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D1C2B0E47 +20170701161137 2 6 100 7679 2 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D21ABD21B +20170702022204 2 6 100 7679 2 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D29CF7033 +20170702023811 2 6 100 7679 5 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D29FB9AAF +20170702062241 2 6 100 7679 2 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D2CED4213 +20170702082528 2 6 100 7679 5 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D2E88DA5F +20170702151719 2 6 100 7679 5 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D33FAA757 +20170702175101 2 6 100 7679 2 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D360021F3 +20170702200102 2 6 100 7679 5 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D37A9C6C7 +20170703011731 2 6 100 7679 5 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D3BCD4977 +20170703155054 2 6 100 7679 2 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D431F42D3 +20170704184253 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936A2722BB3 +20170704204537 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936A4446CCB +20170705051520 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936ABC7F083 +20170705084652 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936AED1CC73 +20170705094007 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936AF8A26FF +20170705115139 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936B15913CF +20170705123819 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936B1FD105B +20170705150548 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936B411305B +20170705152103 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936B43D87FB +20170705174143 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936B637D557 +20170706120313 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936C5C0BE63 +20170706131942 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936C6CA2F0F +20170706141404 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936C781A68B +20170706153843 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936C8A1C2AB +20170706173242 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936CA322EEF +20170706183451 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936CB02939B +20170706184330 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936CB163C7B +20170706195815 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936CC15613B +20170707002909 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936CFBE39B3 +20170707012259 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936D06F0ADF +20170707064939 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936D4E0A703 +20170707065604 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936D4EE0BAF +20170707120623 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936D9082CA3 +20170707121752 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936D928FC67 +20170707164931 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936DCD75823 +20170707220455 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936E0F28243 +20170707233018 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936E20BF7B3 +20170708014205 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936E3C89587 +20170708023140 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936E469C123 +20170708053646 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936E6DBCAE7 +20170708071735 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936E8297A7F +20170708072409 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936E836D247 +20170708102649 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936EA984FCF +20170708144918 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936EE06AB6B +20170708163647 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936EF6DD803 +20170708181531 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936F0B07D83 +20170708234000 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936F4E4D5BF +20170709023719 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936F727B0C3 +20170709063946 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936FA3DA1B3 +20170709093311 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936FC71EB57 +20170709151341 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D14593700D34957 +20170709162318 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D14593701B3041F +20170709184215 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D1459370374B3A3 +20170709215933 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D14593705ED75E7 +20170710000252 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145937077174C3 +20170710052851 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D1459370B975DE3 +20170710074510 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C8898200FD23 +20170710114649 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C88984F315BB +20170711033842 2 6 100 8191 5 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C88990A1C3A7 +20170711064933 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C88992F18383 +20170711070835 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C8899321BE1B +20170712081942 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889A5694573 +20170712175235 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889AC1C9503 +20170712184856 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889ACBA643B +20170712224446 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889AF76B1E3 +20170713034208 2 6 100 8191 5 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889B2F38EEF +20170713034622 2 6 100 8191 5 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889B2F6567F +20170713071216 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889B55B411B +20170713222010 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889BFD2C803 +20170714013005 2 6 100 8191 5 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889C1EF6397 +20170714094721 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889C7A27293 +20170714141853 2 6 100 8191 5 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889CAA42B27 +20170714204505 2 6 100 8191 5 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889CEF31E77 +20170714205139 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889CEFD860B +20170714214942 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889CF9B7253 +20170714230801 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889D071D153 +20170715054028 2 6 100 8191 5 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889D4C6B33F +20170715152910 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889DB4248D3 +20170715213011 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889DF38680B +20170716095854 2 6 100 8191 5 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889E75F9737 +20170716115603 2 6 100 8191 5 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889E896321F +20170717072754 2 6 100 8191 5 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889F528B29F +20170718103850 2 6 100 8191 5 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889FB304F4F +20170718123146 2 6 100 8191 5 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889FC58729F +20170718203220 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C88A012AA89B +20170718211015 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C88A0186FF33 +20170719070720 2 6 100 8191 5 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA225378FA20B88F +20170719080355 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA225378FABF2F5B +20170719081323 2 6 100 8191 5 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA225378FAD37237 +20170719083433 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA225378FB0C1BEB +20170719124018 2 6 100 8191 5 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA225378FDE8D93F +20170720083815 2 6 100 8191 5 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA2253790C2785C7 +20170720203303 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA225379147CF99B +20170721064950 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA2253791BAF7AFB +20170721151849 2 6 100 8191 5 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA225379217C124F +20170721220636 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA225379260D3263 +20170722033935 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA22537929DAE9CB +20170722155118 2 6 100 8191 5 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA225379320A3B27 +20170722181755 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA22537933A7A623 +20170722212038 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA225379359D2C63 +20170722230812 2 6 100 8191 5 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA22537936C5DA37 +20170723005838 2 6 100 8191 5 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA22537937F9469F +20170723041453 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA2253793A1DBF1B +20170723051250 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA2253793AB9FC9B +20170723112206 2 6 100 8191 5 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA2253793EBF09F7 +20170723140224 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA2253794072005B +20170723170945 2 6 100 8191 5 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA225379427689A7 +20170724050156 2 6 100 8191 5 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA2253794A23E407 +20170724065019 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA2253794B47E553 +20170725032628 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA225379588A6BE3 +20170725142722 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA2253795F8CFE9B +20170725192821 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA22537962B35BAB +20170726032919 2 6 100 8191 5 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA22537967BE1D7F +20170726062511 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA22537969930233 +20170726073958 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA2253796A4B8B7B +20170726144150 2 6 100 8191 5 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA2253796EA9D3DF +20170726150548 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA2253796EE14A73 diff --git a/moduli.c b/moduli.c index e983b07b74c9..233cba8e881a 100644 --- a/moduli.c +++ b/moduli.c @@ -1,4 +1,4 @@ -/* $OpenBSD: moduli.c,v 1.31 2016/09/12 01:22:38 deraadt Exp $ */ +/* $OpenBSD: moduli.c,v 1.32 2017/12/08 03:45:52 deraadt Exp $ */ /* * Copyright 1994 Phil Karn * Copyright 1996-1998, 2003 William Allen Simpson @@ -412,8 +412,8 @@ gen_candidates(FILE *out, u_int32_t memory, u_int32_t power, BIGNUM *start) time(&time_stop); - logit("%.24s Sieved with %u small primes in %ld seconds", - ctime(&time_stop), largetries, (long) (time_stop - time_start)); + logit("%.24s Sieved with %u small primes in %lld seconds", + ctime(&time_stop), largetries, (long long)(time_stop - time_start)); for (j = r = 0; j < largebits; j++) { if (BIT_TEST(LargeSieve, j)) diff --git a/monitor.c b/monitor.c index f517da482ce5..c68e1b0d912f 100644 --- a/monitor.c +++ b/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.174 2017/10/02 19:33:20 djm Exp $ */ +/* $OpenBSD: monitor.c,v 1.180 2018/03/03 03:15:51 djm Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -116,6 +116,7 @@ extern u_char session_id[]; extern Buffer auth_debug; extern int auth_debug_init; extern Buffer loginmsg; +extern struct sshauthopt *auth_opts; /* XXX move to permanent ssh->authctxt? */ /* State exported from the child */ static struct sshbuf *child_state; @@ -172,6 +173,7 @@ static Authctxt *authctxt; static u_char *key_blob = NULL; static u_int key_bloblen = 0; static int key_blobtype = MM_NOKEY; +static struct sshauthopt *key_opts = NULL; static char *hostbased_cuser = NULL; static char *hostbased_chost = NULL; static char *auth_method = "unknown"; @@ -252,7 +254,6 @@ struct mon_table mon_dispatch_postauth20[] = { struct mon_table *mon_dispatch; /* Specifies if a certain message is allowed at the moment */ - static void monitor_permit(struct mon_table *ent, enum monitor_reqtype type, int permit) { @@ -289,12 +290,15 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor) debug3("preauth child monitor started"); - close(pmonitor->m_recvfd); - close(pmonitor->m_log_sendfd); + if (pmonitor->m_recvfd >= 0) + close(pmonitor->m_recvfd); + if (pmonitor->m_log_sendfd >= 0) + close(pmonitor->m_log_sendfd); pmonitor->m_log_sendfd = pmonitor->m_recvfd = -1; authctxt = _authctxt; memset(authctxt, 0, sizeof(*authctxt)); + ssh->authctxt = authctxt; authctxt->loginmsg = &loginmsg; @@ -329,7 +333,7 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor) fatal("%s: unexpected authentication from %d", __func__, ent->type); if (authctxt->pw->pw_uid == 0 && - !auth_root_allowed(auth_method)) + !auth_root_allowed(ssh, auth_method)) authenticated = 0; #ifdef USE_PAM /* PAM needs to perform account checks after auth */ @@ -363,6 +367,7 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor) debug("%s: %s has been authenticated by privileged process", __func__, authctxt->user); + ssh->authctxt = NULL; ssh_packet_set_log_preamble(ssh, "user %s", authctxt->user); mm_get_keystate(pmonitor); @@ -371,8 +376,10 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor) while (pmonitor->m_log_recvfd != -1 && monitor_read_log(pmonitor) == 0) ; - close(pmonitor->m_sendfd); - close(pmonitor->m_log_recvfd); + if (pmonitor->m_recvfd >= 0) + close(pmonitor->m_recvfd); + if (pmonitor->m_log_sendfd >= 0) + close(pmonitor->m_log_sendfd); pmonitor->m_sendfd = pmonitor->m_log_recvfd = -1; } @@ -409,7 +416,7 @@ monitor_child_postauth(struct monitor *pmonitor) monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1); - if (!no_pty_flag) { + if (auth_opts->permit_pty_flag) { monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1); monitor_permit(mon_dispatch, MONITOR_REQ_PTYCLEANUP, 1); } @@ -554,9 +561,11 @@ monitor_reset_key_state(void) free(key_blob); free(hostbased_cuser); free(hostbased_chost); + sshauthopt_free(key_opts); key_blob = NULL; key_bloblen = 0; key_blobtype = MM_NOKEY; + key_opts = NULL; hostbased_cuser = NULL; hostbased_chost = NULL; } @@ -760,12 +769,10 @@ mm_answer_pwnamallow(int sock, Buffer *m) for (i = 0; i < options.nx; i++) \ buffer_put_cstring(m, options.x[i]); \ } while (0) -#define M_CP_STRARRAYOPT_ALLOC(x, nx) M_CP_STRARRAYOPT(x, nx) /* See comment in servconf.h */ COPY_MATCH_STRING_OPTS(); #undef M_CP_STROPT #undef M_CP_STRARRAYOPT -#undef M_CP_STRARRAYOPT_ALLOC /* Create valid auth method lists */ if (auth2_setup_methods_lists(authctxt) != 0) { @@ -826,6 +833,7 @@ mm_answer_authserv(int sock, Buffer *m) int mm_answer_authpassword(int sock, Buffer *m) { + struct ssh *ssh = active_state; /* XXX */ static int call_count; char *passwd; int authenticated; @@ -836,7 +844,7 @@ mm_answer_authpassword(int sock, Buffer *m) passwd = buffer_get_string(m, &plen); /* Only authenticate if the context is valid */ authenticated = options.password_authentication && - auth_password(authctxt, passwd); + auth_password(ssh, passwd); explicit_bzero(passwd, strlen(passwd)); free(passwd); @@ -1127,15 +1135,16 @@ mm_answer_pam_free_ctx(int sock, Buffer *m) int mm_answer_keyallowed(int sock, Buffer *m) { + struct ssh *ssh = active_state; /* XXX */ struct sshkey *key; char *cuser, *chost; u_char *blob; u_int bloblen, pubkey_auth_attempt; enum mm_keytype type = 0; - int allowed = 0; + int r, allowed = 0; + struct sshauthopt *opts = NULL; debug3("%s entering", __func__); - type = buffer_get_int(m); cuser = buffer_get_string(m, NULL); chost = buffer_get_string(m, NULL); @@ -1154,28 +1163,31 @@ mm_answer_keyallowed(int sock, Buffer *m) switch (type) { case MM_USERKEY: - allowed = options.pubkey_authentication && - !auth2_key_already_used(authctxt, key) && - match_pattern_list(sshkey_ssh_name(key), - options.pubkey_key_types, 0) == 1 && - user_key_allowed(authctxt->pw, key, - pubkey_auth_attempt); auth_method = "publickey"; - if (options.pubkey_authentication && - (!pubkey_auth_attempt || allowed != 1)) - auth_clear_options(); + if (!options.pubkey_authentication) + break; + if (auth2_key_already_used(authctxt, key)) + break; + if (match_pattern_list(sshkey_ssh_name(key), + options.pubkey_key_types, 0) != 1) + break; + allowed = user_key_allowed(ssh, authctxt->pw, key, + pubkey_auth_attempt, &opts); break; case MM_HOSTKEY: - allowed = options.hostbased_authentication && - !auth2_key_already_used(authctxt, key) && - match_pattern_list(sshkey_ssh_name(key), - options.hostbased_key_types, 0) == 1 && - hostbased_key_allowed(authctxt->pw, + auth_method = "hostbased"; + if (!options.hostbased_authentication) + break; + if (auth2_key_already_used(authctxt, key)) + break; + if (match_pattern_list(sshkey_ssh_name(key), + options.hostbased_key_types, 0) != 1) + break; + allowed = hostbased_key_allowed(authctxt->pw, cuser, chost, key); auth2_record_info(authctxt, "client user \"%.100s\", client host \"%.100s\"", cuser, chost); - auth_method = "hostbased"; break; default: fatal("%s: unknown key type %d", __func__, type); @@ -1183,7 +1195,10 @@ mm_answer_keyallowed(int sock, Buffer *m) } } - debug3("%s: key is %s", __func__, allowed ? "allowed" : "not allowed"); + debug3("%s: %s authentication%s: %s key is %s", __func__, + auth_method, pubkey_auth_attempt ? "" : " test", + (key == NULL || !authctxt->valid) ? "invalid" : sshkey_type(key), + allowed ? "allowed" : "not allowed"); auth2_record_key(authctxt, 0, key); sshkey_free(key); @@ -1196,6 +1211,7 @@ mm_answer_keyallowed(int sock, Buffer *m) key_blob = blob; key_bloblen = bloblen; key_blobtype = type; + key_opts = opts; hostbased_cuser = cuser; hostbased_chost = chost; } else { @@ -1208,10 +1224,13 @@ mm_answer_keyallowed(int sock, Buffer *m) buffer_clear(m); buffer_put_int(m, allowed); - buffer_put_int(m, forced_command != NULL); - + if (opts != NULL && (r = sshauthopt_serialise(opts, m, 1)) != 0) + fatal("%s: sshauthopt_serialise: %s", __func__, ssh_err(r)); mm_request_send(sock, MONITOR_ANS_KEYALLOWED, m); + if (!allowed) + sshauthopt_free(opts); + return (0); } @@ -1257,18 +1276,13 @@ monitor_valid_userblob(u_char *data, u_int datalen) free(userstyle); free(cp); buffer_skip_string(&b); - if (datafellows & SSH_BUG_PKAUTH) { - if (!buffer_get_char(&b)) - fail++; - } else { - cp = buffer_get_cstring(&b, NULL); - if (strcmp("publickey", cp) != 0) - fail++; - free(cp); - if (!buffer_get_char(&b)) - fail++; - buffer_skip_string(&b); - } + cp = buffer_get_cstring(&b, NULL); + if (strcmp("publickey", cp) != 0) + fail++; + free(cp); + if (!buffer_get_char(&b)) + fail++; + buffer_skip_string(&b); buffer_skip_string(&b); if (buffer_len(&b) != 0) fail++; @@ -1339,20 +1353,29 @@ monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser, int mm_answer_keyverify(int sock, struct sshbuf *m) { + struct ssh *ssh = active_state; /* XXX */ struct sshkey *key; u_char *signature, *data, *blob; + char *sigalg; size_t signaturelen, datalen, bloblen; int r, ret, valid_data = 0, encoded_ret; if ((r = sshbuf_get_string(m, &blob, &bloblen)) != 0 || (r = sshbuf_get_string(m, &signature, &signaturelen)) != 0 || - (r = sshbuf_get_string(m, &data, &datalen)) != 0) + (r = sshbuf_get_string(m, &data, &datalen)) != 0 || + (r = sshbuf_get_cstring(m, &sigalg, NULL)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); if (hostbased_cuser == NULL || hostbased_chost == NULL || !monitor_allowed_key(blob, bloblen)) fatal("%s: bad key, not previously allowed", __func__); + /* Empty signature algorithm means NULL. */ + if (*sigalg == '\0') { + free(sigalg); + sigalg = NULL; + } + /* XXX use sshkey_froms here; need to change key_blob, etc. */ if ((r = sshkey_from_blob(blob, bloblen, &key)) != 0) fatal("%s: bad public key blob: %s", __func__, ssh_err(r)); @@ -1375,7 +1398,7 @@ mm_answer_keyverify(int sock, struct sshbuf *m) fatal("%s: bad signature data blob", __func__); ret = sshkey_verify(key, signature, signaturelen, data, datalen, - active_state->compat); + sigalg, active_state->compat); debug3("%s: %s %p signature %s", __func__, auth_method, key, (ret == 0) ? "verified" : "unverified"); auth2_record_key(authctxt, ret == 0, key); @@ -1383,7 +1406,10 @@ mm_answer_keyverify(int sock, struct sshbuf *m) free(blob); free(signature); free(data); + free(sigalg); + if (key_blobtype == MM_USERKEY) + auth_activate_options(ssh, key_opts); monitor_reset_key_state(); sshkey_free(key); diff --git a/monitor_wrap.c b/monitor_wrap.c index 69212aaf330b..9666bda4ba8a 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.c,v 1.94 2017/10/02 19:33:20 djm Exp $ */ +/* $OpenBSD: monitor_wrap.c,v 1.99 2018/03/03 03:15:51 djm Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -76,7 +76,6 @@ #include "atomicio.h" #include "monitor_fdpass.h" #include "misc.h" -#include "uuencode.h" #include "channels.h" #include "session.h" @@ -287,19 +286,15 @@ mm_getpwnamallow(const char *username) newopts->x = buffer_get_string(&m, NULL); \ } while (0) #define M_CP_STRARRAYOPT(x, nx) do { \ - for (i = 0; i < newopts->nx; i++) \ - newopts->x[i] = buffer_get_string(&m, NULL); \ - } while (0) -#define M_CP_STRARRAYOPT_ALLOC(x, nx) do { \ newopts->x = newopts->nx == 0 ? \ NULL : xcalloc(newopts->nx, sizeof(*newopts->x)); \ - M_CP_STRARRAYOPT(x, nx); \ + for (i = 0; i < newopts->nx; i++) \ + newopts->x[i] = buffer_get_string(&m, NULL); \ } while (0) /* See comment in servconf.h */ COPY_MATCH_STRING_OPTS(); #undef M_CP_STROPT #undef M_CP_STRARRAYOPT -#undef M_CP_STRARRAYOPT_ALLOC copy_set_server_options(&options, newopts, 1); log_change_level(options.log_level); @@ -356,7 +351,7 @@ mm_inform_authserv(char *service, char *style) /* Do the password authentication */ int -mm_auth_password(Authctxt *authctxt, char *password) +mm_auth_password(struct ssh *ssh, char *password) { Buffer m; int authenticated = 0; @@ -383,34 +378,38 @@ mm_auth_password(Authctxt *authctxt, char *password) } int -mm_user_key_allowed(struct passwd *pw, struct sshkey *key, - int pubkey_auth_attempt) +mm_user_key_allowed(struct ssh *ssh, struct passwd *pw, struct sshkey *key, + int pubkey_auth_attempt, struct sshauthopt **authoptp) { return (mm_key_allowed(MM_USERKEY, NULL, NULL, key, - pubkey_auth_attempt)); + pubkey_auth_attempt, authoptp)); } int mm_hostbased_key_allowed(struct passwd *pw, const char *user, const char *host, struct sshkey *key) { - return (mm_key_allowed(MM_HOSTKEY, user, host, key, 0)); + return (mm_key_allowed(MM_HOSTKEY, user, host, key, 0, NULL)); } int mm_key_allowed(enum mm_keytype type, const char *user, const char *host, - struct sshkey *key, int pubkey_auth_attempt) + struct sshkey *key, int pubkey_auth_attempt, struct sshauthopt **authoptp) { Buffer m; u_char *blob; u_int len; - int allowed = 0, have_forced = 0; + int r, allowed = 0; + struct sshauthopt *opts = NULL; debug3("%s entering", __func__); + if (authoptp != NULL) + *authoptp = NULL; + /* Convert the key to a blob and the pass it over */ if (!key_to_blob(key, &blob, &len)) - return (0); + return 0; buffer_init(&m); buffer_put_int(&m, type); @@ -423,18 +422,24 @@ mm_key_allowed(enum mm_keytype type, const char *user, const char *host, mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYALLOWED, &m); debug3("%s: waiting for MONITOR_ANS_KEYALLOWED", __func__); - mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_KEYALLOWED, &m); + mm_request_receive_expect(pmonitor->m_recvfd, + MONITOR_ANS_KEYALLOWED, &m); allowed = buffer_get_int(&m); - - /* fake forced command */ - auth_clear_options(); - have_forced = buffer_get_int(&m); - forced_command = have_forced ? xstrdup("true") : NULL; - + if (allowed && type == MM_USERKEY) { + if ((r = sshauthopt_deserialise(&m, &opts)) != 0) + fatal("%s: sshauthopt_deserialise: %s", + __func__, ssh_err(r)); + } buffer_free(&m); - return (allowed); + if (authoptp != NULL) { + *authoptp = opts; + opts = NULL; + } + sshauthopt_free(opts); + + return allowed; } /* @@ -445,7 +450,7 @@ mm_key_allowed(enum mm_keytype type, const char *user, const char *host, int mm_sshkey_verify(const struct sshkey *key, const u_char *sig, size_t siglen, - const u_char *data, size_t datalen, u_int compat) + const u_char *data, size_t datalen, const char *sigalg, u_int compat) { Buffer m; u_char *blob; @@ -462,6 +467,7 @@ mm_sshkey_verify(const struct sshkey *key, const u_char *sig, size_t siglen, buffer_put_string(&m, blob, len); buffer_put_string(&m, sig, siglen); buffer_put_string(&m, data, datalen); + buffer_put_cstring(&m, sigalg == NULL ? "" : sigalg); free(blob); mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYVERIFY, &m); diff --git a/monitor_wrap.h b/monitor_wrap.h index 9e032d204b40..762332704764 100644 --- a/monitor_wrap.h +++ b/monitor_wrap.h @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.h,v 1.35 2017/05/31 08:09:45 markus Exp $ */ +/* $OpenBSD: monitor_wrap.h,v 1.37 2018/03/03 03:15:51 djm Exp $ */ /* * Copyright 2002 Niels Provos @@ -35,6 +35,8 @@ enum mm_keytype { MM_NOKEY, MM_HOSTKEY, MM_USERKEY }; struct monitor; struct Authctxt; +struct sshkey; +struct sshauthopt; void mm_log_handler(LogLevel, const char *, void *); int mm_is_monitor(void); @@ -44,14 +46,15 @@ int mm_key_sign(struct sshkey *, u_char **, u_int *, const u_char *, u_int, void mm_inform_authserv(char *, char *); struct passwd *mm_getpwnamallow(const char *); char *mm_auth2_read_banner(void); -int mm_auth_password(struct Authctxt *, char *); +int mm_auth_password(struct ssh *, char *); int mm_key_allowed(enum mm_keytype, const char *, const char *, struct sshkey *, - int); -int mm_user_key_allowed(struct passwd *, struct sshkey *, int); + int, struct sshauthopt **); +int mm_user_key_allowed(struct ssh *, struct passwd *, struct sshkey *, int, + struct sshauthopt **); int mm_hostbased_key_allowed(struct passwd *, const char *, const char *, struct sshkey *); int mm_sshkey_verify(const struct sshkey *, const u_char *, size_t, - const u_char *, size_t, u_int); + const u_char *, size_t, const char *, u_int); #ifdef GSSAPI OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID); diff --git a/opacket.c b/opacket.c index ad244b452634..fca48e5f5193 100644 --- a/opacket.c +++ b/opacket.c @@ -1,3 +1,4 @@ +/* $OpenBSD: opacket.c,v 1.7 2017/10/20 01:56:39 djm Exp $ */ /* Written by Markus Friedl. Placed in the public domain. */ #include "includes.h" diff --git a/opacket.h b/opacket.h index c49d0c04a790..b2c2e7f6a28b 100644 --- a/opacket.h +++ b/opacket.h @@ -1,3 +1,4 @@ +/* $OpenBSD: opacket.h,v 1.12 2017/10/20 01:56:39 djm Exp $ */ #ifndef _OPACKET_H /* Written by Markus Friedl. Placed in the public domain. */ diff --git a/openbsd-compat/Makefile.in b/openbsd-compat/Makefile.in index ac8ae4305d0b..8e3b42991382 100644 --- a/openbsd-compat/Makefile.in +++ b/openbsd-compat/Makefile.in @@ -1,5 +1,3 @@ -# $Id: Makefile.in,v 1.56 2014/09/30 23:43:08 djm Exp $ - sysconfdir=@sysconfdir@ piddir=@piddir@ srcdir=@srcdir@ @@ -16,11 +14,84 @@ RANLIB=@RANLIB@ INSTALL=@INSTALL@ LDFLAGS=-L. @LDFLAGS@ -OPENBSD=base64.o basename.o bcrypt_pbkdf.o bindresvport.o blowfish.o daemon.o dirname.o fmt_scaled.o getcwd.o getgrouplist.o getopt_long.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o pwcache.o readpassphrase.o reallocarray.o realpath.o recallocarray.o rresvport.o setenv.o setproctitle.o sha1.o sha2.o rmd160.o md5.o sigact.o strcasestr.o strlcat.o strlcpy.o strmode.o strnlen.o strptime.o strsep.o strtonum.o strtoll.o strtoul.o strtoull.o timingsafe_bcmp.o vis.o blowfish.o bcrypt_pbkdf.o explicit_bzero.o freezero.o +OPENBSD=base64.o \ + basename.o \ + bcrypt_pbkdf.o \ + bcrypt_pbkdf.o \ + bindresvport.o \ + blowfish.o \ + daemon.o \ + dirname.o \ + explicit_bzero.o \ + fmt_scaled.o \ + freezero.o \ + getcwd.o \ + getgrouplist.o \ + getopt_long.o \ + getrrsetbyname.o \ + glob.o \ + inet_aton.o \ + inet_ntoa.o \ + inet_ntop.o \ + md5.o \ + mktemp.o \ + pwcache.o \ + readpassphrase.o \ + reallocarray.o \ + realpath.o \ + recallocarray.o \ + rmd160.o \ + rresvport.o \ + setenv.o \ + setproctitle.o \ + sha1.o \ + sha2.o \ + sigact.o \ + strcasestr.o \ + strlcat.o \ + strlcpy.o \ + strmode.o \ + strndup.o \ + strnlen.o \ + strptime.o \ + strsep.o \ + strtoll.o \ + strtonum.o \ + strtoull.o \ + strtoul.o \ + timingsafe_bcmp.o \ + vis.o -COMPAT=arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o getrrsetbyname-ldns.o bsd-err.o bsd-getpagesize.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-poll.o bsd-malloc.o bsd-setres_id.o bsd-snprintf.o bsd-statvfs.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xcrypt.o kludge-fd_set.o +COMPAT= arc4random.o \ + bsd-asprintf.o \ + bsd-closefrom.o \ + bsd-cygwin_util.o \ + bsd-err.o \ + bsd-flock.o \ + bsd-getpagesize.o \ + bsd-getpeereid.o \ + bsd-malloc.o \ + bsd-misc.o \ + bsd-nextstep.o \ + bsd-openpty.o \ + bsd-poll.o \ + bsd-setres_id.o \ + bsd-signal.o \ + bsd-snprintf.o \ + bsd-statvfs.o \ + bsd-waitpid.o \ + fake-rfc2553.o \ + getrrsetbyname-ldns.o \ + kludge-fd_set.o \ + openssl-compat.o \ + xcrypt.o -PORTS=port-aix.o port-irix.o port-linux.o port-solaris.o port-tun.o port-uw.o +PORTS= port-aix.o \ + port-irix.o \ + port-linux.o \ + port-solaris.o \ + port-net.o \ + port-uw.o .c.o: $(CC) $(CFLAGS) $(CPPFLAGS) -c $< diff --git a/openbsd-compat/bsd-cray.c b/openbsd-compat/bsd-cray.c deleted file mode 100644 index c02e6326123c..000000000000 --- a/openbsd-compat/bsd-cray.c +++ /dev/null @@ -1,816 +0,0 @@ -/* - * - * bsd-cray.c - * - * Copyright (c) 2002, Cray Inc. (Wendy Palm ) - * Significant portions provided by - * Wayne Schroeder, SDSC - * William Jones, UTexas - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - * - * Created: Apr 22 16.34:00 2002 wp - * - * This file contains functions required for proper execution - * on UNICOS systems. - * - */ -#ifdef _UNICOS - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include "ssh.h" - -#include "includes.h" -#include "sys/types.h" - -#ifndef HAVE_STRUCT_SOCKADDR_STORAGE -# define _SS_MAXSIZE 128 /* Implementation specific max size */ -# define _SS_PADSIZE (_SS_MAXSIZE - sizeof (struct sockaddr)) - -# define ss_family ss_sa.sa_family -#endif /* !HAVE_STRUCT_SOCKADDR_STORAGE */ - -#ifndef IN6_IS_ADDR_LOOPBACK -# define IN6_IS_ADDR_LOOPBACK(a) \ - (((u_int32_t *) (a))[0] == 0 && ((u_int32_t *) (a))[1] == 0 && \ - ((u_int32_t *) (a))[2] == 0 && ((u_int32_t *) (a))[3] == htonl (1)) -#endif /* !IN6_IS_ADDR_LOOPBACK */ - -#ifndef AF_INET6 -/* Define it to something that should never appear */ -#define AF_INET6 AF_MAX -#endif - -#include "log.h" -#include "servconf.h" -#include "bsd-cray.h" - -#define MAXACID 80 - -extern ServerOptions options; - -char cray_tmpdir[TPATHSIZ + 1]; /* job TMPDIR path */ - -struct sysv sysv; /* system security structure */ -struct usrv usrv; /* user security structure */ - -/* - * Functions. - */ -void cray_retain_utmp(struct utmp *, int); -void cray_delete_tmpdir(char *, int, uid_t); -void cray_init_job(struct passwd *); -void cray_set_tmpdir(struct utmp *); -void cray_login_failure(char *, int); -int cray_setup(uid_t, char *, const char *); -int cray_access_denied(char *); - -void -cray_login_failure(char *username, int errcode) -{ - struct udb *ueptr; /* UDB pointer for username */ - ia_failure_t fsent; /* ia_failure structure */ - ia_failure_ret_t fret; /* ia_failure return stuff */ - struct jtab jtab; /* job table structure */ - int jid = 0; /* job id */ - - if ((jid = getjtab(&jtab)) < 0) - debug("cray_login_failure(): getjtab error"); - - getsysudb(); - if ((ueptr = getudbnam(username)) == UDB_NULL) - debug("cray_login_failure(): getudbname() returned NULL"); - endudb(); - - memset(&fsent, '\0', sizeof(fsent)); - fsent.revision = 0; - fsent.uname = username; - fsent.host = (char *)get_canonical_hostname(options.use_dns); - fsent.ttyn = "sshd"; - fsent.caller = IA_SSHD; - fsent.flags = IA_INTERACTIVE; - fsent.ueptr = ueptr; - fsent.jid = jid; - fsent.errcode = errcode; - fsent.pwdp = NULL; - fsent.exitcode = 0; /* dont exit in ia_failure() */ - - fret.revision = 0; - fret.normal = 0; - - /* - * Call ia_failure because of an login failure. - */ - ia_failure(&fsent, &fret); -} - -/* - * Cray access denied - */ -int -cray_access_denied(char *username) -{ - struct udb *ueptr; /* UDB pointer for username */ - int errcode; /* IA errorcode */ - - errcode = 0; - getsysudb(); - if ((ueptr = getudbnam(username)) == UDB_NULL) - debug("cray_login_failure(): getudbname() returned NULL"); - endudb(); - - if (ueptr != NULL && ueptr->ue_disabled) - errcode = IA_DISABLED; - if (errcode) - cray_login_failure(username, errcode); - - return (errcode); -} - -/* - * record_failed_login: generic "login failed" interface function - */ -void -record_failed_login(const char *user, const char *hostname, const char *ttyname) -{ - cray_login_failure((char *)user, IA_UDBERR); -} - -int -cray_setup (uid_t uid, char *username, const char *command) -{ - extern struct udb *getudb(); - extern char *setlimits(); - - int err; /* error return */ - time_t system_time; /* current system clock */ - time_t expiration_time; /* password expiration time */ - int maxattempts; /* maximum no. of failed login attempts */ - int SecureSys; /* unicos security flag */ - int minslevel = 0; /* system minimum security level */ - int i, j; - int valid_acct = -1; /* flag for reading valid acct */ - char acct_name[MAXACID] = { "" }; /* used to read acct name */ - struct jtab jtab; /* Job table struct */ - struct udb ue; /* udb entry for logging-in user */ - struct udb *up; /* pointer to UDB entry */ - struct secstat secinfo; /* file security attributes */ - struct servprov init_info; /* used for sesscntl() call */ - int jid; /* job ID */ - int pid; /* process ID */ - char *sr; /* status return from setlimits() */ - char *ttyn = NULL; /* ttyname or command name*/ - char hostname[MAXHOSTNAMELEN]; - /* passwd stuff for ia_user */ - passwd_t pwdacm, pwddialup, pwdudb, pwdwal, pwddce; - ia_user_ret_t uret; /* stuff returned from ia_user */ - ia_user_t usent; /* ia_user main structure */ - int ia_rcode; /* ia_user return code */ - ia_failure_t fsent; /* ia_failure structure */ - ia_failure_ret_t fret; /* ia_failure return stuff */ - ia_success_t ssent; /* ia_success structure */ - ia_success_ret_t sret; /* ia_success return stuff */ - int ia_mlsrcode; /* ia_mlsuser return code */ - int secstatrc; /* [f]secstat return code */ - - if (SecureSys = (int)sysconf(_SC_CRAY_SECURE_SYS)) { - getsysv(&sysv, sizeof(struct sysv)); - minslevel = sysv.sy_minlvl; - if (getusrv(&usrv) < 0) - fatal("getusrv() failed, errno = %d", errno); - } - hostname[0] = '\0'; - strlcpy(hostname, - (char *)get_canonical_hostname(options.use_dns), - MAXHOSTNAMELEN); - /* - * Fetch user's UDB entry. - */ - getsysudb(); - if ((up = getudbnam(username)) == UDB_NULL) - fatal("cannot fetch user's UDB entry"); - - /* - * Prevent any possible fudging so perform a data - * safety check and compare the supplied uid against - * the udb's uid. - */ - if (up->ue_uid != uid) - fatal("IA uid missmatch"); - endudb(); - - if ((jid = getjtab(&jtab)) < 0) { - debug("getjtab"); - return(-1); - } - pid = getpid(); - ttyn = ttyname(0); - if (SecureSys) { - if (ttyn != NULL) - secstatrc = secstat(ttyn, &secinfo); - else - secstatrc = fsecstat(1, &secinfo); - - if (secstatrc == 0) - debug("[f]secstat() successful"); - else - fatal("[f]secstat() error, rc = %d", secstatrc); - } - if ((ttyn == NULL) && ((char *)command != NULL)) - ttyn = (char *)command; - /* - * Initialize all structures to call ia_user - */ - usent.revision = 0; - usent.uname = username; - usent.host = hostname; - usent.ttyn = ttyn; - usent.caller = IA_SSHD; - usent.pswdlist = &pwdacm; - usent.ueptr = &ue; - usent.flags = IA_INTERACTIVE | IA_FFLAG; - pwdacm.atype = IA_SECURID; - pwdacm.pwdp = NULL; - pwdacm.next = &pwdudb; - - pwdudb.atype = IA_UDB; - pwdudb.pwdp = NULL; - pwdudb.next = &pwddce; - - pwddce.atype = IA_DCE; - pwddce.pwdp = NULL; - pwddce.next = &pwddialup; - - pwddialup.atype = IA_DIALUP; - pwddialup.pwdp = NULL; - /* pwddialup.next = &pwdwal; */ - pwddialup.next = NULL; - - pwdwal.atype = IA_WAL; - pwdwal.pwdp = NULL; - pwdwal.next = NULL; - - uret.revision = 0; - uret.pswd = NULL; - uret.normal = 0; - - ia_rcode = ia_user(&usent, &uret); - switch (ia_rcode) { - /* - * These are acceptable return codes from ia_user() - */ - case IA_UDBWEEK: /* Password Expires in 1 week */ - expiration_time = ue.ue_pwage.time + ue.ue_pwage.maxage; - printf ("WARNING - your current password will expire %s\n", - ctime((const time_t *)&expiration_time)); - break; - case IA_UDBEXPIRED: - if (ttyname(0) != NULL) { - /* Force a password change */ - printf("Your password has expired; Choose a new one.\n"); - execl("/bin/passwd", "passwd", username, 0); - exit(9); - } - break; - case IA_NORMAL: /* Normal Return Code */ - break; - case IA_BACKDOOR: - /* XXX: can we memset it to zero here so save some of this */ - strlcpy(ue.ue_name, "root", sizeof(ue.ue_name)); - strlcpy(ue.ue_dir, "/", sizeof(ue.ue_dir)); - strlcpy(ue.ue_shell, "/bin/sh", sizeof(ue.ue_shell)); - - ue.ue_passwd[0] = '\0'; - ue.ue_age[0] = '\0'; - ue.ue_comment[0] = '\0'; - ue.ue_loghost[0] = '\0'; - ue.ue_logline[0] = '\0'; - - ue.ue_uid = -1; - ue.ue_nice[UDBRC_INTER] = 0; - - for (i = 0; i < MAXVIDS; i++) - ue.ue_gids[i] = 0; - - ue.ue_logfails = 0; - ue.ue_minlvl = ue.ue_maxlvl = ue.ue_deflvl = minslevel; - ue.ue_defcomps = 0; - ue.ue_comparts = 0; - ue.ue_permits = 0; - ue.ue_trap = 0; - ue.ue_disabled = 0; - ue.ue_logtime = 0; - break; - case IA_CONSOLE: /* Superuser not from Console */ - case IA_TRUSTED: /* Trusted user */ - if (options.permit_root_login > PERMIT_NO) - break; /* Accept root login */ - default: - /* - * These are failed return codes from ia_user() - */ - switch (ia_rcode) - { - case IA_BADAUTH: - printf("Bad authorization, access denied.\n"); - break; - case IA_DISABLED: - printf("Your login has been disabled. Contact the system "); - printf("administrator for assistance.\n"); - break; - case IA_GETSYSV: - printf("getsysv() failed - errno = %d\n", errno); - break; - case IA_MAXLOGS: - printf("Maximum number of failed login attempts exceeded.\n"); - printf("Access denied.\n"); - break; - case IA_UDBPWDNULL: - if (SecureSys) - printf("NULL Password not allowed on MLS systems.\n"); - break; - default: - break; - } - - /* - * Authentication failed. - */ - printf("sshd: Login incorrect, (0%o)\n", - ia_rcode-IA_ERRORCODE); - - /* - * Initialize structure for ia_failure - * which will exit. - */ - fsent.revision = 0; - fsent.uname = username; - fsent.host = hostname; - fsent.ttyn = ttyn; - fsent.caller = IA_SSHD; - fsent.flags = IA_INTERACTIVE; - fsent.ueptr = &ue; - fsent.jid = jid; - fsent.errcode = ia_rcode; - fsent.pwdp = uret.pswd; - fsent.exitcode = 1; - - fret.revision = 0; - fret.normal = 0; - - /* - * Call ia_failure because of an IA failure. - * There is no return because ia_failure exits. - */ - ia_failure(&fsent, &fret); - - exit(1); - } - - ia_mlsrcode = IA_NORMAL; - if (SecureSys) { - debug("calling ia_mlsuser()"); - ia_mlsrcode = ia_mlsuser(&ue, &secinfo, &usrv, NULL, 0); - } - if (ia_mlsrcode != IA_NORMAL) { - printf("sshd: Login incorrect, (0%o)\n", - ia_mlsrcode-IA_ERRORCODE); - /* - * Initialize structure for ia_failure - * which will exit. - */ - fsent.revision = 0; - fsent.uname = username; - fsent.host = hostname; - fsent.ttyn = ttyn; - fsent.caller = IA_SSHD; - fsent.flags = IA_INTERACTIVE; - fsent.ueptr = &ue; - fsent.jid = jid; - fsent.errcode = ia_mlsrcode; - fsent.pwdp = uret.pswd; - fsent.exitcode = 1; - fret.revision = 0; - fret.normal = 0; - - /* - * Call ia_failure because of an IA failure. - * There is no return because ia_failure exits. - */ - ia_failure(&fsent,&fret); - exit(1); - } - - /* Provide login status information */ - if (options.print_lastlog && ue.ue_logtime != 0) { - printf("Last successful login was : %.*s ", 19, - (char *)ctime(&ue.ue_logtime)); - - if (*ue.ue_loghost != '\0') { - printf("from %.*s\n", sizeof(ue.ue_loghost), - ue.ue_loghost); - } else { - printf("on %.*s\n", sizeof(ue.ue_logline), - ue.ue_logline); - } - - if (SecureSys && (ue.ue_logfails != 0)) { - printf(" followed by %d failed attempts\n", - ue.ue_logfails); - } - } - - /* - * Call ia_success to process successful I/A. - */ - ssent.revision = 0; - ssent.uname = username; - ssent.host = hostname; - ssent.ttyn = ttyn; - ssent.caller = IA_SSHD; - ssent.flags = IA_INTERACTIVE; - ssent.ueptr = &ue; - ssent.jid = jid; - ssent.errcode = ia_rcode; - ssent.us = NULL; - ssent.time = 1; /* Set ue_logtime */ - - sret.revision = 0; - sret.normal = 0; - - ia_success(&ssent, &sret); - - /* - * Query for account, iff > 1 valid acid & askacid permbit - */ - if (((ue.ue_permbits & PERMBITS_ACCTID) || - (ue.ue_acids[0] >= 0) && (ue.ue_acids[1] >= 0)) && - ue.ue_permbits & PERMBITS_ASKACID) { - if (ttyname(0) != NULL) { - debug("cray_setup: ttyname true case, %.100s", ttyname); - while (valid_acct == -1) { - printf("Account (? for available accounts)" - " [%s]: ", acid2nam(ue.ue_acids[0])); - fgets(acct_name, MAXACID, stdin); - switch (acct_name[0]) { - case EOF: - exit(0); - break; - case '\0': - valid_acct = ue.ue_acids[0]; - strlcpy(acct_name, acid2nam(valid_acct), MAXACID); - break; - case '?': - /* Print the list 3 wide */ - for (i = 0, j = 0; i < MAXVIDS; i++) { - if (ue.ue_acids[i] == -1) { - printf("\n"); - break; - } - if (++j == 4) { - j = 1; - printf("\n"); - } - printf(" %s", - acid2nam(ue.ue_acids[i])); - } - if (ue.ue_permbits & PERMBITS_ACCTID) { - printf("\"acctid\" permbit also allows" - " you to select any valid " - "account name.\n"); - } - printf("\n"); - break; - default: - valid_acct = nam2acid(acct_name); - if (valid_acct == -1) - printf( - "Account id not found for" - " account name \"%s\"\n\n", - acct_name); - break; - } - /* - * If an account was given, search the user's - * acids array to verify they can use this account. - */ - if ((valid_acct != -1) && - !(ue.ue_permbits & PERMBITS_ACCTID)) { - for (i = 0; i < MAXVIDS; i++) { - if (ue.ue_acids[i] == -1) - break; - if (valid_acct == ue.ue_acids[i]) - break; - } - if (i == MAXVIDS || - ue.ue_acids[i] == -1) { - fprintf(stderr, "Cannot set" - " account name to " - "\"%s\", permission " - "denied\n\n", acct_name); - valid_acct = -1; - } - } - } - } else { - /* - * The client isn't connected to a terminal and can't - * respond to an acid prompt. Use default acid. - */ - debug("cray_setup: ttyname false case, %.100s", - ttyname); - valid_acct = ue.ue_acids[0]; - } - } else { - /* - * The user doesn't have the askacid permbit set or - * only has one valid account to use. - */ - valid_acct = ue.ue_acids[0]; - } - if (acctid(0, valid_acct) < 0) { - printf ("Bad account id: %d\n", valid_acct); - exit(1); - } - - /* - * Now set shares, quotas, limits, including CPU time for the - * (interactive) job and process, and set up permissions - * (for chown etc), etc. - */ - if (setshares(ue.ue_uid, valid_acct, printf, 0, 0)) { - printf("Unable to give %d shares to <%s>(%d/%d)\n", - ue.ue_shares, ue.ue_name, ue.ue_uid, valid_acct); - exit(1); - } - - sr = setlimits(username, C_PROC, pid, UDBRC_INTER); - if (sr != NULL) { - debug("%.200s", sr); - exit(1); - } - sr = setlimits(username, C_JOB, jid, UDBRC_INTER); - if (sr != NULL) { - debug("%.200s", sr); - exit(1); - } - /* - * Place the service provider information into - * the session table (Unicos) or job table (Unicos/mk). - * There exist double defines for the job/session table in - * unicos/mk (jtab.h) so no need for a compile time switch. - */ - memset(&init_info, '\0', sizeof(init_info)); - init_info.s_sessinit.si_id = URM_SPT_LOGIN; - init_info.s_sessinit.si_pid = getpid(); - init_info.s_sessinit.si_sid = jid; - sesscntl(0, S_SETSERVPO, (int)&init_info); - - /* - * Set user and controlling tty security attributes. - */ - if (SecureSys) { - if (setusrv(&usrv) == -1) { - debug("setusrv() failed, errno = %d",errno); - exit(1); - } - } - - return (0); -} - -/* - * The rc.* and /etc/sdaemon methods of starting a program on unicos/unicosmk - * can have pal privileges that sshd can inherit which - * could allow a user to su to root with out a password. - * This subroutine clears all privileges. - */ -void -drop_cray_privs() -{ -#if defined(_SC_CRAY_PRIV_SU) - priv_proc_t *privstate; - int result; - extern int priv_set_proc(); - extern priv_proc_t *priv_init_proc(); - - /* - * If ether of theses two flags are not set - * then don't allow this version of ssh to run. - */ - if (!sysconf(_SC_CRAY_PRIV_SU)) - fatal("Not PRIV_SU system."); - if (!sysconf(_SC_CRAY_POSIX_PRIV)) - fatal("Not POSIX_PRIV."); - - debug("Setting MLS labels.");; - - if (sysconf(_SC_CRAY_SECURE_MAC)) { - usrv.sv_minlvl = SYSLOW; - usrv.sv_actlvl = SYSHIGH; - usrv.sv_maxlvl = SYSHIGH; - } else { - usrv.sv_minlvl = sysv.sy_minlvl; - usrv.sv_actlvl = sysv.sy_minlvl; - usrv.sv_maxlvl = sysv.sy_maxlvl; - } - usrv.sv_actcmp = 0; - usrv.sv_valcmp = sysv.sy_valcmp; - - usrv.sv_intcat = TFM_SYSTEM; - usrv.sv_valcat |= (TFM_SYSTEM | TFM_SYSFILE); - - if (setusrv(&usrv) < 0) { - fatal("%s(%d): setusrv(): %s", __FILE__, __LINE__, - strerror(errno)); - } - - if ((privstate = priv_init_proc()) != NULL) { - result = priv_set_proc(privstate); - if (result != 0 ) { - fatal("%s(%d): priv_set_proc(): %s", - __FILE__, __LINE__, strerror(errno)); - } - priv_free_proc(privstate); - } - debug ("Privileges should be cleared..."); -#else - /* XXX: do this differently */ -# error Cray systems must be run with _SC_CRAY_PRIV_SU on! -#endif -} - - -/* - * Retain utmp/wtmp information - used by cray accounting. - */ -void -cray_retain_utmp(struct utmp *ut, int pid) -{ - int fd; - struct utmp utmp; - - if ((fd = open(UTMP_FILE, O_RDONLY)) != -1) { - /* XXX use atomicio */ - while (read(fd, (char *)&utmp, sizeof(utmp)) == sizeof(utmp)) { - if (pid == utmp.ut_pid) { - ut->ut_jid = utmp.ut_jid; - strncpy(ut->ut_tpath, utmp.ut_tpath, sizeof(utmp.ut_tpath)); - strncpy(ut->ut_host, utmp.ut_host, sizeof(utmp.ut_host)); - strncpy(ut->ut_name, utmp.ut_name, sizeof(utmp.ut_name)); - break; - } - } - close(fd); - } else - fatal("Unable to open utmp file"); -} - -/* - * tmpdir support. - */ - -/* - * find and delete jobs tmpdir. - */ -void -cray_delete_tmpdir(char *login, int jid, uid_t uid) -{ - static char jtmp[TPATHSIZ]; - struct stat statbuf; - int child, c, wstat; - - for (c = 'a'; c <= 'z'; c++) { - snprintf(jtmp, TPATHSIZ, "%s/jtmp.%06d%c", JTMPDIR, jid, c); - if (stat(jtmp, &statbuf) == 0 && statbuf.st_uid == uid) - break; - } - - if (c > 'z') - return; - - if ((child = fork()) == 0) { - execl(CLEANTMPCMD, CLEANTMPCMD, login, jtmp, (char *)NULL); - fatal("cray_delete_tmpdir: execl of CLEANTMPCMD failed"); - } - - while (waitpid(child, &wstat, 0) == -1 && errno == EINTR) - ; -} - -/* - * Remove tmpdir on job termination. - */ -void -cray_job_termination_handler(int sig) -{ - int jid; - char *login = NULL; - struct jtab jtab; - - if ((jid = waitjob(&jtab)) == -1 || - (login = uid2nam(jtab.j_uid)) == NULL) - return; - - cray_delete_tmpdir(login, jid, jtab.j_uid); -} - -/* - * Set job id and create tmpdir directory. - */ -void -cray_init_job(struct passwd *pw) -{ - int jid; - int c; - - jid = setjob(pw->pw_uid, WJSIGNAL); - if (jid < 0) - fatal("System call setjob failure"); - - for (c = 'a'; c <= 'z'; c++) { - snprintf(cray_tmpdir, TPATHSIZ, "%s/jtmp.%06d%c", JTMPDIR, jid, c); - if (mkdir(cray_tmpdir, JTMPMODE) != 0) - continue; - if (chown(cray_tmpdir, pw->pw_uid, pw->pw_gid) != 0) { - rmdir(cray_tmpdir); - continue; - } - break; - } - - if (c > 'z') - cray_tmpdir[0] = '\0'; -} - -void -cray_set_tmpdir(struct utmp *ut) -{ - int jid; - struct jtab jbuf; - - if ((jid = getjtab(&jbuf)) < 0) - return; - - /* - * Set jid and tmpdir in utmp record. - */ - ut->ut_jid = jid; - strncpy(ut->ut_tpath, cray_tmpdir, TPATHSIZ); -} -#endif /* UNICOS */ - -#ifdef _UNICOSMP -#include -/* - * Set job id and create tmpdir directory. - */ -void -cray_init_job(struct passwd *pw) -{ - initrm_silent(pw->pw_uid); - return; -} -#endif /* _UNICOSMP */ diff --git a/openbsd-compat/bsd-cray.h b/openbsd-compat/bsd-cray.h deleted file mode 100644 index ca626a021c1a..000000000000 --- a/openbsd-compat/bsd-cray.h +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright (c) 2002, Cray Inc. (Wendy Palm ) - * Significant portions provided by - * Wayne Schroeder, SDSC - * William Jones, UTexas - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - * - * Created: Apr 22 16.34:00 2002 wp - * - * This file contains functions required for proper execution - * on UNICOS systems. - * - */ - -#ifndef _BSD_CRAY_H -#define _BSD_CRAY_H - -#ifdef _UNICOS - -void cray_init_job(struct passwd *); -void cray_job_termination_handler(int); -void cray_login_failure(char *, int ); -int cray_access_denied(char *); -extern char cray_tmpdir[]; - -#define CUSTOM_FAILED_LOGIN 1 - -#ifndef IA_SSHD -# define IA_SSHD IA_LOGIN -#endif -#ifndef MAXHOSTNAMELEN -# define MAXHOSTNAMELEN 64 -#endif -#ifndef _CRAYT3E -# define TIOCGPGRP (tIOC|20) -#endif - -#endif /* UNICOS */ - -#endif /* _BSD_CRAY_H */ diff --git a/openbsd-compat/bsd-flock.c b/openbsd-compat/bsd-flock.c new file mode 100644 index 000000000000..9b15d1eaf49e --- /dev/null +++ b/openbsd-compat/bsd-flock.c @@ -0,0 +1,81 @@ +/* $NetBSD: flock.c,v 1.6 2008/04/28 20:24:12 martin Exp $ */ + +/*- + * Copyright (c) 2001 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Todd Vierling. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/* + * Emulate flock() with fcntl(), where available. + * Otherwise, don't do locking; just pretend success. + */ + +#include "includes.h" + +#ifndef HAVE_FLOCK +#include +#include + +int +flock(int fd, int op) +{ + int rc = 0; + +#if defined(F_SETLK) && defined(F_SETLKW) + struct flock fl = {0}; + + switch (op & (LOCK_EX|LOCK_SH|LOCK_UN)) { + case LOCK_EX: + fl.l_type = F_WRLCK; + break; + + case LOCK_SH: + fl.l_type = F_RDLCK; + break; + + case LOCK_UN: + fl.l_type = F_UNLCK; + break; + + default: + errno = EINVAL; + return -1; + } + + fl.l_whence = SEEK_SET; + rc = fcntl(fd, op & LOCK_NB ? F_SETLK : F_SETLKW, &fl); + + if (rc && (errno == EAGAIN)) + errno = EWOULDBLOCK; +#else + rc = -1; + errno = ENOSYS; +#endif + + return rc; +} +#endif diff --git a/openbsd-compat/bsd-getpagesize.c b/openbsd-compat/bsd-getpagesize.c index 9daddfbd3865..416a8d4cb72f 100644 --- a/openbsd-compat/bsd-getpagesize.c +++ b/openbsd-compat/bsd-getpagesize.c @@ -1,5 +1,7 @@ /* Placed in the public domain */ +#include "includes.h" + #ifndef HAVE_GETPAGESIZE #include diff --git a/openbsd-compat/bsd-malloc.c b/openbsd-compat/bsd-malloc.c index 6402ab588b09..482facdc9a34 100644 --- a/openbsd-compat/bsd-malloc.c +++ b/openbsd-compat/bsd-malloc.c @@ -50,6 +50,8 @@ rpl_realloc(void *ptr, size_t size) { if (size == 0) size = 1; + if (ptr == 0) + return malloc(size); return realloc(ptr, size); } #endif diff --git a/openbsd-compat/bsd-misc.c b/openbsd-compat/bsd-misc.c index 29f6ad38c5a1..3daf610711a3 100644 --- a/openbsd-compat/bsd-misc.c +++ b/openbsd-compat/bsd-misc.c @@ -104,16 +104,6 @@ const char *strerror(int e) } #endif -#if !defined(HAVE_STRSIGNAL) -char *strsignal(int sig) -{ - static char buf[16]; - - (void)snprintf(buf, sizeof(buf), "%d", sig); - return buf; -} -#endif - #ifndef HAVE_UTIMES int utimes(char *filename, struct timeval *tvp) { @@ -221,33 +211,6 @@ tcsendbreak(int fd, int duration) } #endif /* HAVE_TCSENDBREAK */ -mysig_t -mysignal(int sig, mysig_t act) -{ -#ifdef HAVE_SIGACTION - struct sigaction sa, osa; - - if (sigaction(sig, NULL, &osa) == -1) - return (mysig_t) -1; - if (osa.sa_handler != act) { - memset(&sa, 0, sizeof(sa)); - sigemptyset(&sa.sa_mask); - sa.sa_flags = 0; -#ifdef SA_INTERRUPT - if (sig == SIGALRM) - sa.sa_flags |= SA_INTERRUPT; -#endif - sa.sa_handler = act; - if (sigaction(sig, &sa, NULL) == -1) - return (mysig_t) -1; - } - return (osa.sa_handler); -#else - #undef signal - return (signal(sig, act)); -#endif -} - #ifndef HAVE_STRDUP char * strdup(const char *str) @@ -275,7 +238,7 @@ isblank(int c) pid_t getpgid(pid_t pid) { -#if defined(HAVE_GETPGRP) && !defined(GETPGRP_VOID) +#if defined(HAVE_GETPGRP) && !defined(GETPGRP_VOID) && GETPGRP_VOID == 0 return getpgrp(pid); #elif defined(HAVE_GETPGRP) if (pid == 0) @@ -319,3 +282,45 @@ llabs(long long j) return (j < 0 ? -j : j); } #endif + +#ifndef HAVE_BZERO +void +bzero(void *b, size_t n) +{ + (void)memset(b, 0, n); +} +#endif + +#ifndef HAVE_RAISE +int +raise(int sig) +{ + kill(getpid(), sig); +} +#endif + +#ifndef HAVE_GETSID +pid_t +getsid(pid_t pid) +{ + errno = ENOSYS; + return -1; +} +#endif + +#ifdef FFLUSH_NULL_BUG +#undef fflush +int _ssh_compat_fflush(FILE *f) +{ + int r1, r2, r3; + + if (f == NULL) { + r2 = fflush(stdout); + r3 = fflush(stderr); + if (r1 == -1 || r2 == -1 || r3 == -1) + return -1; + return 0; + } + return fflush(f); +} +#endif diff --git a/openbsd-compat/bsd-misc.h b/openbsd-compat/bsd-misc.h index 0b1a3504f2cc..52ec528538b5 100644 --- a/openbsd-compat/bsd-misc.h +++ b/openbsd-compat/bsd-misc.h @@ -49,10 +49,6 @@ int setegid(uid_t); const char *strerror(int); #endif -#if !defined(HAVE_STRSIGNAL) -char *strsignal(int); -#endif - #if !defined(HAVE_SETLINEBUF) #define setlinebuf(a) (setvbuf((a), NULL, _IOLBF, 0)) #endif @@ -98,12 +94,6 @@ int tcsendbreak(int, int); int unsetenv(const char *); #endif -/* wrapper for signal interface */ -typedef void (*mysig_t)(int); -mysig_t mysignal(int sig, mysig_t act); - -#define signal(a,b) mysignal(a,b) - #ifndef HAVE_ISBLANK int isblank(int); #endif @@ -143,4 +133,28 @@ void warn(const char *, ...) __attribute__((format(printf, 1, 2))); long long llabs(long long); #endif +#if defined(HAVE_DECL_BZERO) && HAVE_DECL_BZERO == 0 +void bzero(void *, size_t); +#endif + +#ifndef HAVE_RAISE +int raise(int); +#endif + +#ifndef HAVE_GETSID +pid_t getsid(pid_t); +#endif + +#ifndef HAVE_FLOCK +# define LOCK_SH 0x01 +# define LOCK_EX 0x02 +# define LOCK_NB 0x04 +# define LOCK_UN 0x08 +int flock(int, int); +#endif + +#ifdef FFLUSH_NULL_BUG +# define fflush(x) (_ssh_compat_fflush(x)) +#endif + #endif /* _BSD_MISC_H */ diff --git a/openbsd-compat/bsd-openpty.c b/openbsd-compat/bsd-openpty.c index b28235860e7a..e8ad542f8d55 100644 --- a/openbsd-compat/bsd-openpty.c +++ b/openbsd-compat/bsd-openpty.c @@ -147,31 +147,6 @@ openpty(int *amaster, int *aslave, char *name, struct termios *termp, } return (0); -#elif defined(_UNICOS) - char ptbuf[64], ttbuf[64]; - int i; - int highpty; - - highpty = 128; -#ifdef _SC_CRAY_NPTY - if ((highpty = sysconf(_SC_CRAY_NPTY)) == -1) - highpty = 128; -#endif /* _SC_CRAY_NPTY */ - - for (i = 0; i < highpty; i++) { - snprintf(ptbuf, sizeof(ptbuf), "/dev/pty/%03d", i); - snprintf(ttbuf, sizeof(ttbuf), "/dev/ttyp%03d", i); - if ((*amaster = open(ptbuf, O_RDWR|O_NOCTTY)) == -1) - continue; - /* Open the slave side. */ - if ((*aslave = open(ttbuf, O_RDWR|O_NOCTTY)) == -1) { - close(*amaster); - return (-1); - } - return (0); - } - return (-1); - #else /* BSD-style pty code. */ char ptbuf[64], ttbuf[64]; diff --git a/openbsd-compat/bsd-signal.c b/openbsd-compat/bsd-signal.c new file mode 100644 index 000000000000..979010e84b5f --- /dev/null +++ b/openbsd-compat/bsd-signal.c @@ -0,0 +1,62 @@ +/* + * Copyright (c) 1999-2004 Damien Miller + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include "includes.h" + +#include +#include +#include + +#include "openbsd-compat/bsd-signal.h" + +#undef signal + +mysig_t +mysignal(int sig, mysig_t act) +{ +#ifdef HAVE_SIGACTION + struct sigaction sa, osa; + + if (sigaction(sig, NULL, &osa) == -1) + return (mysig_t) -1; + if (osa.sa_handler != act) { + memset(&sa, 0, sizeof(sa)); + sigemptyset(&sa.sa_mask); + sa.sa_flags = 0; +#ifdef SA_INTERRUPT + if (sig == SIGALRM) + sa.sa_flags |= SA_INTERRUPT; +#endif + sa.sa_handler = act; + if (sigaction(sig, &sa, NULL) == -1) + return (mysig_t) -1; + } + return (osa.sa_handler); +#else + return (signal(sig, act)); +#endif +} + +#if !defined(HAVE_STRSIGNAL) +char *strsignal(int sig) +{ + static char buf[16]; + + (void)snprintf(buf, sizeof(buf), "%d", sig); + return buf; +} +#endif + diff --git a/openbsd-compat/bsd-signal.h b/openbsd-compat/bsd-signal.h new file mode 100644 index 000000000000..4cb8cb7a0b92 --- /dev/null +++ b/openbsd-compat/bsd-signal.h @@ -0,0 +1,39 @@ +/* + * Copyright (c) 1999-2004 Damien Miller + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#ifndef _BSD_SIGNAL_H +#define _BSD_SIGNAL_H + +#include "includes.h" + +#ifndef _NSIG +# ifdef NSIG +# define _NSIG NSIG +# else +# define _NSIG 128 +# endif +#endif + +/* wrapper for signal interface */ +typedef void (*mysig_t)(int); +mysig_t mysignal(int sig, mysig_t act); +#define signal(a,b) mysignal(a,b) + +#if !defined(HAVE_STRSIGNAL) +char *strsignal(int); +#endif + +#endif /* _BSD_SIGNAL_H */ diff --git a/openbsd-compat/bsd-statvfs.c b/openbsd-compat/bsd-statvfs.c index 458dbe89c16c..e3bd87d985a3 100644 --- a/openbsd-compat/bsd-statvfs.c +++ b/openbsd-compat/bsd-statvfs.c @@ -25,6 +25,10 @@ #include +#ifndef MNAMELEN +# define MNAMELEN 32 +#endif + static void copy_statfs_to_statvfs(struct statvfs *to, struct statfs *from) { @@ -37,7 +41,11 @@ copy_statfs_to_statvfs(struct statvfs *to, struct statfs *from) to->f_ffree = from->f_ffree; to->f_favail = from->f_ffree; /* no exact equivalent */ to->f_fsid = 0; /* XXX fix me */ +#ifdef HAVE_STRUCT_STATFS_F_FLAGS to->f_flag = from->f_flags; +#else + to->f_flag = 0; +#endif to->f_namemax = MNAMELEN; } diff --git a/openbsd-compat/bsd-statvfs.h b/openbsd-compat/bsd-statvfs.h index 815ec03b280d..e2a4c15f7039 100644 --- a/openbsd-compat/bsd-statvfs.h +++ b/openbsd-compat/bsd-statvfs.h @@ -26,6 +26,9 @@ #ifdef HAVE_SYS_STATFS_H #include #endif +#ifdef HAVE_SYS_VFS_H +#include +#endif #ifndef HAVE_FSBLKCNT_T typedef unsigned long fsblkcnt_t; diff --git a/openbsd-compat/freezero.c b/openbsd-compat/freezero.c index 3af8f4a733e9..90b9d3813566 100644 --- a/openbsd-compat/freezero.c +++ b/openbsd-compat/freezero.c @@ -16,11 +16,15 @@ #include "includes.h" +#include + #ifndef HAVE_FREEZERO void freezero(void *ptr, size_t sz) { + if (ptr == NULL) + return; explicit_bzero(ptr, sz); free(ptr); } diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h index cac799e8446f..b48fb9342d19 100644 --- a/openbsd-compat/openbsd-compat.h +++ b/openbsd-compat/openbsd-compat.h @@ -170,15 +170,24 @@ int BSDgetopt(int argc, char * const *argv, const char *opts); #include "openbsd-compat/getopt.h" #endif -#if defined(HAVE_DECL_WRITEV) && HAVE_DECL_WRITEV == 0 +#if ((defined(HAVE_DECL_READV) && HAVE_DECL_READV == 0) || \ + (defined(HAVE_DECL_WRITEV) && HAVE_DECL_WRITEV == 0)) # include # include + +# if defined(HAVE_DECL_READV) && HAVE_DECL_READV == 0 +int readv(int, struct iovec *, int); +# endif + +# if defined(HAVE_DECL_WRITEV) && HAVE_DECL_WRITEV == 0 int writev(int, struct iovec *, int); +# endif #endif /* Home grown routines */ #include "bsd-misc.h" #include "bsd-setres_id.h" +#include "bsd-signal.h" #include "bsd-statvfs.h" #include "bsd-waitpid.h" #include "bsd-poll.h" @@ -315,14 +324,13 @@ char *shadow_pw(struct passwd *pw); #include "fake-rfc2553.h" /* Routines for a single OS platform */ -#include "bsd-cray.h" #include "bsd-cygwin_util.h" #include "port-aix.h" #include "port-irix.h" #include "port-linux.h" #include "port-solaris.h" -#include "port-tun.h" +#include "port-net.h" #include "port-uw.h" /* _FORTIFY_SOURCE breaks FD_ISSET(n)/FD_SET(n) for n > FD_SETSIZE. Avoid. */ diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c index c2970c4db8c7..79c868966996 100644 --- a/openbsd-compat/port-aix.c +++ b/openbsd-compat/port-aix.c @@ -32,6 +32,7 @@ #include "hostfile.h" #include "auth.h" #include "ssh.h" +#include "ssh_api.h" #include "log.h" #ifdef _AIX @@ -171,8 +172,9 @@ aix_valid_authentications(const char *user) * returns 0. */ int -sys_auth_passwd(Authctxt *ctxt, const char *password) +sys_auth_passwd(struct ssh *ssh, const char *password) { + Authctxt *ctxt = ssh->authctxt; char *authmsg = NULL, *msg = NULL, *name = ctxt->pw->pw_name; int authsuccess = 0, expired, reenter, result; diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c index e4c5d1b7c089..8c5325cc3ed5 100644 --- a/openbsd-compat/port-linux.c +++ b/openbsd-compat/port-linux.c @@ -33,7 +33,6 @@ #ifdef WITH_SELINUX #include -#include #include #ifndef SSH_SELINUX_UNCONFINED_TYPE @@ -139,6 +138,7 @@ ssh_selinux_setup_pty(char *pwname, const char *tty) security_context_t new_tty_ctx = NULL; security_context_t user_ctx = NULL; security_context_t old_tty_ctx = NULL; + security_class_t chrclass; if (!ssh_selinux_enabled()) return; @@ -153,9 +153,12 @@ ssh_selinux_setup_pty(char *pwname, const char *tty) error("%s: getfilecon: %s", __func__, strerror(errno)); goto out; } - + if ((chrclass = string_to_security_class("chr_file")) == 0) { + error("%s: couldn't get security class for chr_file", __func__); + goto out; + } if (security_compute_relabel(user_ctx, old_tty_ctx, - SECCLASS_CHR_FILE, &new_tty_ctx) != 0) { + chrclass, &new_tty_ctx) != 0) { error("%s: security_compute_relabel: %s", __func__, strerror(errno)); goto out; diff --git a/openbsd-compat/port-tun.c b/openbsd-compat/port-net.c similarity index 77% rename from openbsd-compat/port-tun.c rename to openbsd-compat/port-net.c index 7579c6084a1f..7050629c31f7 100644 --- a/openbsd-compat/port-tun.c +++ b/openbsd-compat/port-net.c @@ -36,6 +36,90 @@ #include "channels.h" #include "ssherr.h" +/* + * This file contains various portability code for network support, + * including tun/tap forwarding and routing domains. + */ + +#if defined(SYS_RDOMAIN_LINUX) || defined(SSH_TUN_LINUX) +#include +#endif + +#if defined(SYS_RDOMAIN_LINUX) +char * +sys_get_rdomain(int fd) +{ + char dev[IFNAMSIZ + 1]; + socklen_t len = sizeof(dev) - 1; + + if (getsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, dev, &len) == -1) { + error("%s: cannot determine VRF for fd=%d : %s", + __func__, fd, strerror(errno)); + return NULL; + } + dev[len] = '\0'; + return strdup(dev); +} + +int +sys_set_rdomain(int fd, const char *name) +{ + if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, + name, strlen(name)) == -1) { + error("%s: setsockopt(%d, SO_BINDTODEVICE, %s): %s", + __func__, fd, name, strerror(errno)); + return -1; + } + return 0; +} + +int +sys_valid_rdomain(const char *name) +{ + int fd; + + /* + * This is a pretty crappy way to test. It would be better to + * check whether "name" represents a VRF device, but apparently + * that requires an rtnetlink transaction. + */ + if ((fd = socket(AF_INET, SOCK_STREAM, 0)) == -1) + return 0; + if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, + name, strlen(name)) == -1) { + close(fd); + return 0; + } + close(fd); + return 1; +} +#elif defined(SYS_RDOMAIN_XXX) +/* XXX examples */ +char * +sys_get_rdomain(int fd) +{ + return NULL; +} + +int +sys_set_rdomain(int fd, const char *name) +{ + return -1; +} + +int +valid_rdomain(const char *name) +{ + return 0; +} + +void +sys_set_process_rdomain(const char *name) +{ + fatal("%s: not supported", __func__); +} +#endif /* defined(SYS_RDOMAIN_XXX) */ + /* * This is the portable version of the SSH tunnel forwarding, it * uses some preprocessor definitions for various platform-specific @@ -52,16 +136,18 @@ */ #if defined(SSH_TUN_LINUX) -#include #include int -sys_tun_open(int tun, int mode) +sys_tun_open(int tun, int mode, char **ifname) { struct ifreq ifr; int fd = -1; const char *name = NULL; + if (ifname != NULL) + *ifname = NULL; + if ((fd = open("/dev/net/tun", O_RDWR)) == -1) { debug("%s: failed to open tunnel control interface: %s", __func__, strerror(errno)); @@ -99,6 +185,9 @@ sys_tun_open(int tun, int mode) else debug("%s: %s mode %d fd %d", __func__, ifr.ifr_name, mode, fd); + if (ifname != NULL && (*ifname = strdup(ifr.ifr_name))) + goto failed; + return (fd); failed: @@ -116,13 +205,16 @@ sys_tun_open(int tun, int mode) #endif int -sys_tun_open(int tun, int mode) +sys_tun_open(int tun, int mode, char **ifname) { struct ifreq ifr; char name[100]; int fd = -1, sock, flag; const char *tunbase = "tun"; + if (ifname != NULL) + *ifname = NULL; + if (mode == SSH_TUNMODE_ETHERNET) { #ifdef SSH_TUN_NO_L2 debug("%s: no layer 2 tunnelling support", __func__); @@ -180,6 +272,9 @@ sys_tun_open(int tun, int mode) goto failed; } + if (ifname != NULL && (*ifname = strdup(ifr.ifr_name))) + goto failed; + close(sock); return (fd); diff --git a/openbsd-compat/port-tun.h b/openbsd-compat/port-net.h similarity index 74% rename from openbsd-compat/port-tun.h rename to openbsd-compat/port-net.h index 103514370fd3..3a0d1104bf6d 100644 --- a/openbsd-compat/port-tun.h +++ b/openbsd-compat/port-net.h @@ -22,7 +22,7 @@ struct ssh; #if defined(SSH_TUN_LINUX) || defined(SSH_TUN_FREEBSD) # define CUSTOM_SYS_TUN_OPEN -int sys_tun_open(int, int); +int sys_tun_open(int, int, char **); #endif #if defined(SSH_TUN_COMPAT_AF) || defined(SSH_TUN_PREPEND_AF) @@ -31,4 +31,18 @@ int sys_tun_infilter(struct ssh *, struct Channel *, char *, int); u_char *sys_tun_outfilter(struct ssh *, struct Channel *, u_char **, size_t *); #endif +#if defined(SYS_RDOMAIN_LINUX) +# define HAVE_SYS_GET_RDOMAIN +# define HAVE_SYS_SET_RDOMAIN +# define HAVE_SYS_VALID_RDOMAIN +char *sys_get_rdomain(int fd); +int sys_set_rdomain(int fd, const char *name); +int sys_valid_rdomain(const char *name); +#endif + +#if defined(SYS_RDOMAIN_XXX) +# define HAVE_SYS_SET_PROCESS_RDOMAIN +void sys_set_process_rdomain(const char *name); +#endif + #endif diff --git a/openbsd-compat/port-uw.c b/openbsd-compat/port-uw.c index db24dbb94414..014cac264b15 100644 --- a/openbsd-compat/port-uw.c +++ b/openbsd-compat/port-uw.c @@ -47,12 +47,14 @@ #include "hostfile.h" #include "auth.h" #include "ssh.h" +#include "ssh_api.h" int nischeck(char *); int -sys_auth_passwd(Authctxt *authctxt, const char *password) +sys_auth_passwd(struct ssh *ssh, const char *password) { + Authctxt *authctxt = ssh->authctxt; struct passwd *pw = authctxt->pw; char *salt; int result; diff --git a/openbsd-compat/readpassphrase.c b/openbsd-compat/readpassphrase.c index 24aed6e46778..ff8ff3dec77f 100644 --- a/openbsd-compat/readpassphrase.c +++ b/openbsd-compat/readpassphrase.c @@ -46,14 +46,6 @@ # define _POSIX_VDISABLE VDISABLE #endif -#ifndef _NSIG -# ifdef NSIG -# define _NSIG NSIG -# else -# define _NSIG 128 -# endif -#endif - static volatile sig_atomic_t signo[_NSIG]; static void handler(int); diff --git a/openbsd-compat/regress/Makefile.in b/openbsd-compat/regress/Makefile.in index dabdb091211d..529331be5c26 100644 --- a/openbsd-compat/regress/Makefile.in +++ b/openbsd-compat/regress/Makefile.in @@ -1,5 +1,3 @@ -# $Id: Makefile.in,v 1.5 2014/06/17 13:06:08 dtucker Exp $ - sysconfdir=@sysconfdir@ piddir=@piddir@ srcdir=@srcdir@ diff --git a/openbsd-compat/strndup.c b/openbsd-compat/strndup.c new file mode 100644 index 000000000000..ebb4eccfb819 --- /dev/null +++ b/openbsd-compat/strndup.c @@ -0,0 +1,43 @@ +/* $OpenBSD: strndup.c,v 1.2 2015/08/31 02:53:57 guenther Exp $ */ + +/* + * Copyright (c) 2010 Todd C. Miller + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include "config.h" +#if !defined(HAVE_STRNDUP) || defined(BROKEN_STRNDUP) +#include + +#include +#include +#include + +char * +strndup(const char *str, size_t maxlen) +{ + char *copy; + size_t len; + + len = strnlen(str, maxlen); + copy = malloc(len + 1); + if (copy != NULL) { + (void)memcpy(copy, str, len); + copy[len] = '\0'; + } + + return copy; +} +DEF_WEAK(strndup); +#endif /* HAVE_STRNDUP */ diff --git a/openbsd-compat/strnlen.c b/openbsd-compat/strnlen.c index 93d515595c97..8cc6b96b59ce 100644 --- a/openbsd-compat/strnlen.c +++ b/openbsd-compat/strnlen.c @@ -19,7 +19,7 @@ /* OPENBSD ORIGINAL: lib/libc/string/strnlen.c */ #include "config.h" -#ifndef HAVE_STRNLEN +#if !defined(HAVE_STRNLEN) || defined(BROKEN_STRNLEN) #include #include diff --git a/opensshd.init.in b/opensshd.init.in index 3908566b793b..99e5a51ab8b7 100755 --- a/opensshd.init.in +++ b/opensshd.init.in @@ -17,7 +17,6 @@ PIDFILE=$piddir/sshd.pid PidFile=`grep "^PidFile" ${sysconfdir}/sshd_config | tr "=" " " | awk '{print $2}'` [ X$PidFile = X ] || PIDFILE=$PidFile SSH_KEYGEN=$prefix/bin/ssh-keygen -HOST_KEY_RSA1=$sysconfdir/ssh_host_key HOST_KEY_DSA=$sysconfdir/ssh_host_dsa_key HOST_KEY_RSA=$sysconfdir/ssh_host_rsa_key @COMMENT_OUT_ECC@HOST_KEY_ECDSA=$sysconfdir/ssh_host_ecdsa_key @@ -25,9 +24,6 @@ HOST_KEY_ED25519=$sysconfdir/ssh_host_ed25519_key checkkeys() { -@COMMENT_OUT_RSA1@ if [ ! -f $HOST_KEY_RSA1 ]; then -@COMMENT_OUT_RSA1@ ${SSH_KEYGEN} -t rsa1 -f ${HOST_KEY_RSA1} -N "" -@COMMENT_OUT_RSA1@ fi if [ ! -f $HOST_KEY_DSA ]; then ${SSH_KEYGEN} -t dsa -f ${HOST_KEY_DSA} -N "" fi diff --git a/packet.c b/packet.c index f114ea52c648..4bfb507261a3 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.264 2017/09/12 06:32:07 djm Exp $ */ +/* $OpenBSD: packet.c,v 1.269 2017/12/18 23:13:42 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -557,6 +557,18 @@ ssh_local_port(struct ssh *ssh) return ssh->local_port; } +/* Returns the routing domain of the input socket, or NULL if unavailable */ +const char * +ssh_packet_rdomain_in(struct ssh *ssh) +{ + if (ssh->rdomain_in != NULL) + return ssh->rdomain_in; + if (!ssh_packet_connection_is_on_socket(ssh)) + return NULL; + ssh->rdomain_in = get_rdomain(ssh->state->connection_in); + return ssh->rdomain_in; +} + /* Closes the connection and clears and frees internal data structures. */ static void @@ -1320,7 +1332,7 @@ ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) for (;;) { if (state->packet_timeout_ms != -1) { ms_to_timeval(&timeout, ms_remain); - gettimeofday(&start, NULL); + monotime_tv(&start); } if ((r = select(state->connection_in + 1, setp, NULL, NULL, timeoutp)) >= 0) @@ -1774,6 +1786,8 @@ ssh_packet_send_debug(struct ssh *ssh, const char *fmt,...) vsnprintf(buf, sizeof(buf), fmt, args); va_end(args); + debug3("sending debug message: %s", buf); + if ((r = sshpkt_start(ssh, SSH2_MSG_DEBUG)) != 0 || (r = sshpkt_put_u8(ssh, 0)) != 0 || /* always display */ (r = sshpkt_put_cstring(ssh, buf)) != 0 || @@ -1783,8 +1797,8 @@ ssh_packet_send_debug(struct ssh *ssh, const char *fmt,...) fatal("%s: %s", __func__, ssh_err(r)); } -static void -fmt_connection_id(struct ssh *ssh, char *s, size_t l) +void +sshpkt_fmt_connection_id(struct ssh *ssh, char *s, size_t l) { snprintf(s, l, "%.200s%s%s port %d", ssh->log_preamble ? ssh->log_preamble : "", @@ -1800,7 +1814,7 @@ sshpkt_fatal(struct ssh *ssh, const char *tag, int r) { char remote_id[512]; - fmt_connection_id(ssh, remote_id, sizeof(remote_id)); + sshpkt_fmt_connection_id(ssh, remote_id, sizeof(remote_id)); switch (r) { case SSH_ERR_CONN_CLOSED: @@ -1862,7 +1876,7 @@ ssh_packet_disconnect(struct ssh *ssh, const char *fmt,...) * Format the message. Note that the caller must make sure the * message is of limited size. */ - fmt_connection_id(ssh, remote_id, sizeof(remote_id)); + sshpkt_fmt_connection_id(ssh, remote_id, sizeof(remote_id)); va_start(args, fmt); vsnprintf(buf, sizeof(buf), fmt, args); va_end(args); @@ -1945,7 +1959,7 @@ ssh_packet_write_wait(struct ssh *ssh) for (;;) { if (state->packet_timeout_ms != -1) { ms_to_timeval(&timeout, ms_remain); - gettimeofday(&start, NULL); + monotime_tv(&start); } if ((ret = select(state->connection_out + 1, NULL, setp, NULL, timeoutp)) >= 0) @@ -2159,7 +2173,9 @@ kex_to_blob(struct sshbuf *m, struct kex *kex) if ((r = sshbuf_put_string(m, kex->session_id, kex->session_id_len)) != 0 || (r = sshbuf_put_u32(m, kex->we_need)) != 0 || + (r = sshbuf_put_cstring(m, kex->hostkey_alg)) != 0 || (r = sshbuf_put_u32(m, kex->hostkey_type)) != 0 || + (r = sshbuf_put_u32(m, kex->hostkey_nid)) != 0 || (r = sshbuf_put_u32(m, kex->kex_type)) != 0 || (r = sshbuf_put_stringb(m, kex->my)) != 0 || (r = sshbuf_put_stringb(m, kex->peer)) != 0 || @@ -2323,7 +2339,9 @@ kex_from_blob(struct sshbuf *m, struct kex **kexp) } if ((r = sshbuf_get_string(m, &kex->session_id, &kex->session_id_len)) != 0 || (r = sshbuf_get_u32(m, &kex->we_need)) != 0 || + (r = sshbuf_get_cstring(m, &kex->hostkey_alg, NULL)) != 0 || (r = sshbuf_get_u32(m, (u_int *)&kex->hostkey_type)) != 0 || + (r = sshbuf_get_u32(m, (u_int *)&kex->hostkey_nid)) != 0 || (r = sshbuf_get_u32(m, &kex->kex_type)) != 0 || (r = sshbuf_get_stringb(m, kex->my)) != 0 || (r = sshbuf_get_stringb(m, kex->peer)) != 0 || diff --git a/packet.h b/packet.h index 40837e9dbceb..a2ece67863a8 100644 --- a/packet.h +++ b/packet.h @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.h,v 1.82 2017/09/12 06:32:07 djm Exp $ */ +/* $OpenBSD: packet.h,v 1.84 2017/12/10 05:55:29 dtucker Exp $ */ /* * Author: Tatu Ylonen @@ -61,6 +61,7 @@ struct ssh { int remote_port; char *local_ipaddr; int local_port; + char *rdomain_in; /* Optional preamble for log messages (e.g. username) */ char *log_preamble; @@ -162,6 +163,7 @@ const char *ssh_remote_ipaddr(struct ssh *); int ssh_remote_port(struct ssh *); const char *ssh_local_ipaddr(struct ssh *); int ssh_local_port(struct ssh *); +const char *ssh_packet_rdomain_in(struct ssh *); void ssh_packet_set_rekey_limits(struct ssh *, u_int64_t, u_int32_t); time_t ssh_packet_get_rekey_timeout(struct ssh *); @@ -200,6 +202,7 @@ int sshpkt_get_cstring(struct ssh *ssh, char **valp, size_t *lenp); int sshpkt_get_ec(struct ssh *ssh, EC_POINT *v, const EC_GROUP *g); int sshpkt_get_bignum2(struct ssh *ssh, BIGNUM *v); int sshpkt_get_end(struct ssh *ssh); +void sshpkt_fmt_connection_id(struct ssh *ssh, char *s, size_t l); const u_char *sshpkt_ptr(struct ssh *, size_t *lenp); /* OLD API */ diff --git a/pathnames.h b/pathnames.h index 1c221b01b47f..cb44caa4d384 100644 --- a/pathnames.h +++ b/pathnames.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pathnames.h,v 1.27 2017/05/05 10:42:49 naddy Exp $ */ +/* $OpenBSD: pathnames.h,v 1.28 2018/02/23 15:58:37 markus Exp $ */ /* * Author: Tatu Ylonen @@ -39,6 +39,7 @@ #define _PATH_HOST_DSA_KEY_FILE SSHDIR "/ssh_host_dsa_key" #define _PATH_HOST_ECDSA_KEY_FILE SSHDIR "/ssh_host_ecdsa_key" #define _PATH_HOST_ED25519_KEY_FILE SSHDIR "/ssh_host_ed25519_key" +#define _PATH_HOST_XMSS_KEY_FILE SSHDIR "/ssh_host_xmss_key" #define _PATH_HOST_RSA_KEY_FILE SSHDIR "/ssh_host_rsa_key" #define _PATH_DH_MODULI SSHDIR "/moduli" @@ -75,6 +76,7 @@ #define _PATH_SSH_CLIENT_ID_ECDSA _PATH_SSH_USER_DIR "/id_ecdsa" #define _PATH_SSH_CLIENT_ID_RSA _PATH_SSH_USER_DIR "/id_rsa" #define _PATH_SSH_CLIENT_ID_ED25519 _PATH_SSH_USER_DIR "/id_ed25519" +#define _PATH_SSH_CLIENT_ID_XMSS _PATH_SSH_USER_DIR "/id_xmss" /* * Configuration file in user's home directory. This file need not be diff --git a/readconf.c b/readconf.c index f63894f9ca15..88051db5789b 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.279 2017/09/21 19:16:53 markus Exp $ */ +/* $OpenBSD: readconf.c,v 1.283 2018/02/23 15:58:37 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -156,7 +156,7 @@ typedef enum { oPubkeyAuthentication, oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, - oHostKeyAlgorithms, oBindAddress, oPKCS11Provider, + oHostKeyAlgorithms, oBindAddress, oBindInterface, oPKCS11Provider, oClearAllForwardings, oNoHostAuthenticationForLocalhost, oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, oAddressFamily, oGssAuthentication, oGssDelegateCreds, @@ -266,6 +266,7 @@ static struct { { "preferredauthentications", oPreferredAuthentications }, { "hostkeyalgorithms", oHostKeyAlgorithms }, { "bindaddress", oBindAddress }, + { "bindinterface", oBindInterface }, { "clearallforwardings", oClearAllForwardings }, { "enablesshkeysign", oEnableSSHKeysign }, { "verifyhostkeydns", oVerifyHostKeyDNS }, @@ -683,34 +684,6 @@ match_cfg_line(Options *options, char **condition, struct passwd *pw, return result; } -/* Check and prepare a domain name: removes trailing '.' and lowercases */ -static void -valid_domain(char *name, const char *filename, int linenum) -{ - size_t i, l = strlen(name); - u_char c, last = '\0'; - - if (l == 0) - fatal("%s line %d: empty hostname suffix", filename, linenum); - if (!isalpha((u_char)name[0]) && !isdigit((u_char)name[0])) - fatal("%s line %d: hostname suffix \"%.100s\" " - "starts with invalid character", filename, linenum, name); - for (i = 0; i < l; i++) { - c = tolower((u_char)name[i]); - name[i] = (char)c; - if (last == '.' && c == '.') - fatal("%s line %d: hostname suffix \"%.100s\" contains " - "consecutive separators", filename, linenum, name); - if (c != '.' && c != '-' && !isalnum(c) && - c != '_') /* technically invalid, but common */ - fatal("%s line %d: hostname suffix \"%.100s\" contains " - "invalid characters", filename, linenum, name); - last = c; - } - if (name[l - 1] == '.') - name[l - 1] = '\0'; -} - /* * Returns the number of the token pointed to by cp or oBadOption. */ @@ -845,6 +818,7 @@ process_config_line_depth(Options *options, struct passwd *pw, const char *host, const struct multistate *multistate_ptr; struct allowed_cname *cname; glob_t gl; + const char *errstr; if (activep == NULL) { /* We are processing a command line directive */ cmdline = 1; @@ -1126,6 +1100,10 @@ process_config_line_depth(Options *options, struct passwd *pw, const char *host, charptr = &options->bind_address; goto parse_string; + case oBindInterface: + charptr = &options->bind_interface; + goto parse_string; + case oPKCS11Provider: charptr = &options->pkcs11_provider; goto parse_string; @@ -1159,15 +1137,9 @@ process_config_line_depth(Options *options, struct passwd *pw, const char *host, intptr = &options->port; parse_int: arg = strdelim(&s); - if (!arg || *arg == '\0') - fatal("%.200s line %d: Missing argument.", filename, linenum); - if (arg[0] < '0' || arg[0] > '9') - fatal("%.200s line %d: Bad number.", filename, linenum); - - /* Octal, decimal, or hex format? */ - value = strtol(arg, &endofnumber, 0); - if (arg == endofnumber) - fatal("%.200s line %d: Bad number.", filename, linenum); + if ((errstr = atoi_err(arg, &value)) != NULL) + fatal("%s line %d: integer value %s.", + filename, linenum, errstr); if (*activep && *intptr == -1) *intptr = value; break; @@ -1562,7 +1534,10 @@ process_config_line_depth(Options *options, struct passwd *pw, const char *host, case oCanonicalDomains: value = options->num_canonical_domains != 0; while ((arg = strdelim(&s)) != NULL && *arg != '\0') { - valid_domain(arg, filename, linenum); + if (!valid_domain(arg, 1, &errstr)) { + fatal("%s line %d: %s", filename, linenum, + errstr); + } if (!*activep || value) continue; if (options->num_canonical_domains >= MAX_CANON_DOMAINS) @@ -1830,6 +1805,7 @@ initialize_options(Options * options) options->log_level = SYSLOG_LEVEL_NOT_SET; options->preferred_authentications = NULL; options->bind_address = NULL; + options->bind_interface = NULL; options->pkcs11_provider = NULL; options->enable_ssh_keysign = - 1; options->no_host_authentication_for_localhost = - 1; @@ -1967,6 +1943,7 @@ fill_default_options(Options * options) #endif add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ED25519, 0); + add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_XMSS, 0); } if (options->escape_char == -1) options->escape_char = '~'; @@ -2294,11 +2271,13 @@ parse_jump(const char *s, Options *o, int active) if (first) { /* First argument and configuration is active */ - if (parse_user_host_port(cp, &user, &host, &port) != 0) + if (parse_ssh_uri(cp, &user, &host, &port) == -1 || + parse_user_host_port(cp, &user, &host, &port) != 0) goto out; } else { /* Subsequent argument or inactive configuration */ - if (parse_user_host_port(cp, NULL, NULL, NULL) != 0) + if (parse_ssh_uri(cp, NULL, NULL, NULL) == -1 || + parse_user_host_port(cp, NULL, NULL, NULL) != 0) goto out; } first = 0; /* only check syntax for subsequent hosts */ @@ -2323,6 +2302,18 @@ parse_jump(const char *s, Options *o, int active) return ret; } +int +parse_ssh_uri(const char *uri, char **userp, char **hostp, int *portp) +{ + char *path; + int r; + + r = parse_uri("ssh", uri, userp, hostp, portp, &path); + if (r == 0 && path != NULL) + r = -1; /* path not allowed */ + return r; +} + /* XXX the following is a near-vebatim copy from servconf.c; refactor */ static const char * fmt_multistate_int(int val, const struct multistate *m) @@ -2525,6 +2516,7 @@ dump_client_config(Options *o, const char *host) /* String options */ dump_cfg_string(oBindAddress, o->bind_address); + dump_cfg_string(oBindInterface, o->bind_interface); dump_cfg_string(oCiphers, o->ciphers ? o->ciphers : KEX_CLIENT_ENCRYPT); dump_cfg_string(oControlPath, o->control_path); dump_cfg_string(oHostKeyAlgorithms, o->hostkeyalgorithms); diff --git a/readconf.h b/readconf.h index 22fe5c1873c3..f4d9e2b26576 100644 --- a/readconf.h +++ b/readconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.123 2017/09/03 23:33:13 djm Exp $ */ +/* $OpenBSD: readconf.h,v 1.125 2018/02/23 02:34:33 djm Exp $ */ /* * Author: Tatu Ylonen @@ -81,6 +81,7 @@ typedef struct { char *user_hostfiles[SSH_MAX_HOSTS_FILES]; char *preferred_authentications; char *bind_address; /* local socket address for connection to sshd */ + char *bind_interface; /* local interface for bind address */ char *pkcs11_provider; /* PKCS#11 provider */ int verify_host_key_dns; /* Verify host key using DNS */ @@ -204,6 +205,7 @@ int read_config_file(const char *, struct passwd *, const char *, const char *, Options *, int); int parse_forward(struct Forward *, const char *, int, int); int parse_jump(const char *, Options *, int); +int parse_ssh_uri(const char *, char **, char **, int *); int default_ssh_port(void); int option_clear_or_none(const char *); void dump_client_config(Options *o, const char *host); diff --git a/regress/Makefile b/regress/Makefile index 7d50f9cfa437..d15898ad0ba1 100644 --- a/regress/Makefile +++ b/regress/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.95 2017/06/24 06:35:24 djm Exp $ +# $OpenBSD: Makefile,v 1.96 2017/10/24 19:33:32 millert Exp $ REGRESS_TARGETS= unit t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t-exec tests: prep $(REGRESS_TARGETS) @@ -19,6 +19,7 @@ distclean: clean LTESTS= connect \ proxy-connect \ connect-privsep \ + connect-uri \ proto-version \ proto-mismatch \ exit-status \ @@ -42,6 +43,7 @@ LTESTS= connect \ keygen-moduli \ key-options \ scp \ + scp-uri \ sftp \ sftp-chroot \ sftp-cmds \ @@ -49,6 +51,7 @@ LTESTS= connect \ sftp-batch \ sftp-glob \ sftp-perm \ + sftp-uri \ reconfigure \ dynamic-forward \ forwarding \ diff --git a/regress/README.regress b/regress/README.regress index 9b99bdacb6cf..867855017894 100644 --- a/regress/README.regress +++ b/regress/README.regress @@ -100,5 +100,3 @@ Known Issues. - Recent GNU coreutils deprecate "head -[n]": this will cause the yes-head test to fail. The old behaviour can be restored by setting (and exporting) _POSIX2_VERSION=199209 before running the tests. - -$Id: README.regress,v 1.12 2011/05/05 03:48:42 djm Exp $ diff --git a/regress/agent-getpeereid.sh b/regress/agent-getpeereid.sh index 037a5091493a..769c29e8da47 100644 --- a/regress/agent-getpeereid.sh +++ b/regress/agent-getpeereid.sh @@ -1,4 +1,4 @@ -# $OpenBSD: agent-getpeereid.sh,v 1.9 2017/09/13 14:58:26 bluhm Exp $ +# $OpenBSD: agent-getpeereid.sh,v 1.10 2018/02/09 03:40:22 dtucker Exp $ # Placed in the Public Domain. tid="disallow agent attach from other uid" @@ -18,6 +18,7 @@ case "x$SUDO" in xdoas) ;; x) echo "need SUDO to switch to uid $UNPRIV" + echo SKIPPED exit 0 ;; *) echo "unsupported $SUDO - "doas" and "sudo" are allowed" diff --git a/regress/agent-ptrace.sh b/regress/agent-ptrace.sh index bb676d631574..2d795ee32043 100644 --- a/regress/agent-ptrace.sh +++ b/regress/agent-ptrace.sh @@ -1,4 +1,4 @@ -# $OpenBSD: agent-ptrace.sh,v 1.2 2014/02/27 21:21:25 djm Exp $ +# $OpenBSD: agent-ptrace.sh,v 1.3 2015/09/11 04:55:01 djm Exp $ # Placed in the Public Domain. tid="disallow agent ptrace attach" diff --git a/regress/agent.sh b/regress/agent.sh index 0baf0c74a288..7111056c9be4 100644 --- a/regress/agent.sh +++ b/regress/agent.sh @@ -1,4 +1,4 @@ -# $OpenBSD: agent.sh,v 1.12 2017/04/30 23:34:55 djm Exp $ +# $OpenBSD: agent.sh,v 1.13 2017/12/19 00:49:30 djm Exp $ # Placed in the Public Domain. tid="simple agent test" @@ -12,66 +12,106 @@ trace "start agent" eval `${SSHAGENT} -s` > /dev/null r=$? if [ $r -ne 0 ]; then - fail "could not start ssh-agent: exit code $r" -else - ${SSHADD} -l > /dev/null 2>&1 - if [ $? -ne 1 ]; then - fail "ssh-add -l did not fail with exit code 1" - fi - trace "overwrite authorized keys" - printf '' > $OBJ/authorized_keys_$USER - for t in ${SSH_KEYTYPES}; do - # generate user key for agent - rm -f $OBJ/$t-agent - ${SSHKEYGEN} -q -N '' -t $t -f $OBJ/$t-agent ||\ - fail "ssh-keygen for $t-agent failed" - # add to authorized keys - cat $OBJ/$t-agent.pub >> $OBJ/authorized_keys_$USER - # add privat key to agent - ${SSHADD} $OBJ/$t-agent > /dev/null 2>&1 - if [ $? -ne 0 ]; then - fail "ssh-add did succeed exit code 0" - fi - done - ${SSHADD} -l > /dev/null 2>&1 - r=$? - if [ $r -ne 0 ]; then - fail "ssh-add -l failed: exit code $r" - fi - # the same for full pubkey output - ${SSHADD} -L > /dev/null 2>&1 - r=$? - if [ $r -ne 0 ]; then - fail "ssh-add -L failed: exit code $r" - fi + fatal "could not start ssh-agent: exit code $r" +fi - trace "simple connect via agent" - ${SSH} -F $OBJ/ssh_proxy somehost exit 52 +${SSHADD} -l > /dev/null 2>&1 +if [ $? -ne 1 ]; then + fail "ssh-add -l did not fail with exit code 1" +fi + +rm -f $OBJ/user_ca_key $OBJ/user_ca_key.pub +${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_ca_key \ + || fatal "ssh-keygen failed" + +trace "overwrite authorized keys" +printf '' > $OBJ/authorized_keys_$USER + +for t in ${SSH_KEYTYPES}; do + # generate user key for agent + rm -f $OBJ/$t-agent $OBJ/$t-agent.pub* + ${SSHKEYGEN} -q -N '' -t $t -f $OBJ/$t-agent ||\ + fatal "ssh-keygen for $t-agent failed" + # Make a certificate for each too. + ${SSHKEYGEN} -qs $OBJ/user_ca_key -I "$t cert" \ + -n estragon $OBJ/$t-agent.pub || fatal "ca sign failed" + + # add to authorized keys + cat $OBJ/$t-agent.pub >> $OBJ/authorized_keys_$USER + # add privat key to agent + ${SSHADD} $OBJ/$t-agent > /dev/null 2>&1 + if [ $? -ne 0 ]; then + fail "ssh-add did succeed exit code 0" + fi + # Remove private key to ensure that we aren't accidentally using it. + rm -f $OBJ/$t-agent +done + +# Remove explicit identity directives from ssh_proxy +mv $OBJ/ssh_proxy $OBJ/ssh_proxy_bak +grep -vi identityfile $OBJ/ssh_proxy_bak > $OBJ/ssh_proxy + +${SSHADD} -l > /dev/null 2>&1 +r=$? +if [ $r -ne 0 ]; then + fail "ssh-add -l failed: exit code $r" +fi +# the same for full pubkey output +${SSHADD} -L > /dev/null 2>&1 +r=$? +if [ $r -ne 0 ]; then + fail "ssh-add -L failed: exit code $r" +fi + +trace "simple connect via agent" +${SSH} -F $OBJ/ssh_proxy somehost exit 52 +r=$? +if [ $r -ne 52 ]; then + fail "ssh connect with failed (exit code $r)" +fi + +for t in ${SSH_KEYTYPES}; do + trace "connect via agent using $t key" + ${SSH} -F $OBJ/ssh_proxy -i $OBJ/$t-agent.pub -oIdentitiesOnly=yes \ + somehost exit 52 r=$? if [ $r -ne 52 ]; then fail "ssh connect with failed (exit code $r)" fi +done - trace "agent forwarding" - ${SSH} -A -F $OBJ/ssh_proxy somehost ${SSHADD} -l > /dev/null 2>&1 - r=$? - if [ $r -ne 0 ]; then - fail "ssh-add -l via agent fwd failed (exit code $r)" - fi - ${SSH} -A -F $OBJ/ssh_proxy somehost \ - "${SSH} -F $OBJ/ssh_proxy somehost exit 52" +trace "agent forwarding" +${SSH} -A -F $OBJ/ssh_proxy somehost ${SSHADD} -l > /dev/null 2>&1 +r=$? +if [ $r -ne 0 ]; then + fail "ssh-add -l via agent fwd failed (exit code $r)" +fi +${SSH} -A -F $OBJ/ssh_proxy somehost \ + "${SSH} -F $OBJ/ssh_proxy somehost exit 52" +r=$? +if [ $r -ne 52 ]; then + fail "agent fwd failed (exit code $r)" +fi + +(printf 'cert-authority,principals="estragon" '; cat $OBJ/user_ca_key.pub) \ + > $OBJ/authorized_keys_$USER +for t in ${SSH_KEYTYPES}; do + trace "connect via agent using $t key" + ${SSH} -F $OBJ/ssh_proxy -i $OBJ/$t-agent.pub \ + -oCertificateFile=$OBJ/$t-agent-cert.pub \ + -oIdentitiesOnly=yes somehost exit 52 r=$? if [ $r -ne 52 ]; then - fail "agent fwd failed (exit code $r)" + fail "ssh connect with failed (exit code $r)" fi +done - trace "delete all agent keys" - ${SSHADD} -D > /dev/null 2>&1 - r=$? - if [ $r -ne 0 ]; then - fail "ssh-add -D failed: exit code $r" - fi - - trace "kill agent" - ${SSHAGENT} -k > /dev/null +trace "delete all agent keys" +${SSHADD} -D > /dev/null 2>&1 +r=$? +if [ $r -ne 0 ]; then + fail "ssh-add -D failed: exit code $r" fi + +trace "kill agent" +${SSHAGENT} -k > /dev/null diff --git a/regress/allow-deny-users.sh b/regress/allow-deny-users.sh index 86805e19322b..4165111e0da1 100644 --- a/regress/allow-deny-users.sh +++ b/regress/allow-deny-users.sh @@ -1,5 +1,6 @@ # Public Domain # Zev Weiss, 2016 +# $OpenBSD: allow-deny-users.sh,v 1.4 2017/10/20 02:13:41 djm Exp $ tid="AllowUsers/DenyUsers" diff --git a/regress/authinfo.sh b/regress/authinfo.sh index e725296c90aa..3caf89478c1b 100644 --- a/regress/authinfo.sh +++ b/regress/authinfo.sh @@ -1,4 +1,4 @@ -# $OpenBSD: authinfo.sh,v 1.1 2017/06/24 06:35:24 djm Exp $ +# $OpenBSD: authinfo.sh,v 1.2 2017/10/25 20:08:36 millert Exp $ # Placed in the Public Domain. tid="authinfo" @@ -6,7 +6,7 @@ tid="authinfo" # Ensure the environment variable doesn't leak when ExposeAuthInfo=no. verbose "ExposeAuthInfo=no" env SSH_USER_AUTH=blah ${SSH} -F $OBJ/ssh_proxy x \ - 'test -z "$SSH_USER_AUTH"' || fail "SSH_USER_AUTH present" + 'env | grep SSH_USER_AUTH >/dev/null' && fail "SSH_USER_AUTH present" verbose "ExposeAuthInfo=yes" echo ExposeAuthInfo=yes >> $OBJ/sshd_proxy diff --git a/regress/cert-userkey.sh b/regress/cert-userkey.sh index 6a23fe300bf7..30c2c156d2f1 100755 --- a/regress/cert-userkey.sh +++ b/regress/cert-userkey.sh @@ -1,4 +1,4 @@ -# $OpenBSD: cert-userkey.sh,v 1.18 2017/04/30 23:34:55 djm Exp $ +# $OpenBSD: cert-userkey.sh,v 1.19 2018/03/12 00:54:04 djm Exp $ # Placed in the Public Domain. tid="certified user keys" @@ -8,6 +8,7 @@ cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak PLAIN_TYPES=`$SSH -Q key-plain | sed 's/^ssh-dss/ssh-dsa/;s/^ssh-//'` +EXTRA_TYPES="" if echo "$PLAIN_TYPES" | grep '^rsa$' >/dev/null 2>&1 ; then PLAIN_TYPES="$PLAIN_TYPES rsa-sha2-256 rsa-sha2-512" @@ -15,7 +16,7 @@ fi kname() { case $ktype in - rsa-sha2-*) ;; + rsa-sha2-*) n="$ktype" ;; # subshell because some seds will add a newline *) n=$(echo $1 | sed 's/^dsa/ssh-dss/;s/^rsa/ssh-rsa/;s/^ed/ssh-ed/') ;; esac diff --git a/regress/cfgmatch.sh b/regress/cfgmatch.sh index 2504d04f4c51..dd11e404dc4f 100644 --- a/regress/cfgmatch.sh +++ b/regress/cfgmatch.sh @@ -1,4 +1,4 @@ -# $OpenBSD: cfgmatch.sh,v 1.10 2017/04/30 23:34:55 djm Exp $ +# $OpenBSD: cfgmatch.sh,v 1.11 2017/10/04 18:50:23 djm Exp $ # Placed in the Public Domain. tid="sshd_config match" @@ -41,7 +41,7 @@ stop_client() cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak echo "PermitOpen 127.0.0.1:1" >>$OBJ/sshd_config echo "Match Address 127.0.0.1" >>$OBJ/sshd_config -echo "PermitOpen 127.0.0.1:$PORT" >>$OBJ/sshd_config +echo "PermitOpen 127.0.0.1:2 127.0.0.1:3 127.0.0.1:$PORT" >>$OBJ/sshd_config grep -v AuthorizedKeysFile $OBJ/sshd_proxy_bak > $OBJ/sshd_proxy echo "AuthorizedKeysFile /dev/null" >>$OBJ/sshd_proxy @@ -49,7 +49,7 @@ echo "PermitOpen 127.0.0.1:1" >>$OBJ/sshd_proxy echo "Match user $USER" >>$OBJ/sshd_proxy echo "AuthorizedKeysFile /dev/null $OBJ/authorized_keys_%u" >>$OBJ/sshd_proxy echo "Match Address 127.0.0.1" >>$OBJ/sshd_proxy -echo "PermitOpen 127.0.0.1:$PORT" >>$OBJ/sshd_proxy +echo "PermitOpen 127.0.0.1:2 127.0.0.1:3 127.0.0.1:$PORT" >>$OBJ/sshd_proxy start_sshd diff --git a/regress/connect-uri.sh b/regress/connect-uri.sh new file mode 100644 index 000000000000..f13f15e660df --- /dev/null +++ b/regress/connect-uri.sh @@ -0,0 +1,29 @@ +# $OpenBSD: connect-uri.sh,v 1.1 2017/10/24 19:33:32 millert Exp $ +# Placed in the Public Domain. + +tid="uri connect" + +# Remove Port and User from ssh_config, we want to rely on the URI +cp $OBJ/ssh_config $OBJ/ssh_config.orig +egrep -v '^ +(Port|User) +.*$' $OBJ/ssh_config.orig > $OBJ/ssh_config + +start_sshd + +verbose "$tid: no trailing slash" +${SSH} -F $OBJ/ssh_config "ssh://${USER}@somehost:${PORT}" true +if [ $? -ne 0 ]; then + fail "ssh connection failed" +fi + +verbose "$tid: trailing slash" +${SSH} -F $OBJ/ssh_config "ssh://${USER}@somehost:${PORT}/" true +if [ $? -ne 0 ]; then + fail "ssh connection failed" +fi + +verbose "$tid: with path name" +${SSH} -F $OBJ/ssh_config "ssh://${USER}@somehost:${PORT}/${DATA}" true \ + > /dev/null 2>&1 +if [ $? -eq 0 ]; then + fail "ssh connection succeeded, expected failure" +fi diff --git a/regress/forward-control.sh b/regress/forward-control.sh index 2e9dbb53aa6b..93d05cf6393b 100755 --- a/regress/forward-control.sh +++ b/regress/forward-control.sh @@ -1,4 +1,4 @@ -# $OpenBSD: forward-control.sh,v 1.4 2017/04/30 23:34:55 djm Exp $ +# $OpenBSD: forward-control.sh,v 1.5 2018/03/02 02:51:55 djm Exp $ # Placed in the Public Domain. tid="sshd control of local and remote forwarding" @@ -151,6 +151,33 @@ all_tests() { > ${OBJ}/sshd_proxy check_lfwd $_permit_lfwd "$_prefix, permitopen" check_rfwd $_permit_rfwd "$_prefix, permitopen" + # Check port-forwarding flags in authorized_keys. + # These two should refuse all. + sed "s/^/no-port-forwarding /" \ + < ${OBJ}/authorized_keys_${USER}.bak \ + > ${OBJ}/authorized_keys_${USER} || fatal "sed 3 fail" + ( cat ${OBJ}/sshd_proxy.bak ; + echo "AllowTcpForwarding $_tcpfwd" ) \ + > ${OBJ}/sshd_proxy + check_lfwd N "$_prefix, no-port-forwarding" + check_rfwd N "$_prefix, no-port-forwarding" + sed "s/^/restrict /" \ + < ${OBJ}/authorized_keys_${USER}.bak \ + > ${OBJ}/authorized_keys_${USER} || fatal "sed 4 fail" + ( cat ${OBJ}/sshd_proxy.bak ; + echo "AllowTcpForwarding $_tcpfwd" ) \ + > ${OBJ}/sshd_proxy + check_lfwd N "$_prefix, restrict" + check_rfwd N "$_prefix, restrict" + # This should pass the same cases as _nopermit* + sed "s/^/restrict,port-forwarding /" \ + < ${OBJ}/authorized_keys_${USER}.bak \ + > ${OBJ}/authorized_keys_${USER} || fatal "sed 5 fail" + ( cat ${OBJ}/sshd_proxy.bak ; + echo "AllowTcpForwarding $_tcpfwd" ) \ + > ${OBJ}/sshd_proxy + check_lfwd $_plain_lfwd "$_prefix, restrict,port-forwarding" + check_rfwd $_plain_rfwd "$_prefix, restrict,port-forwarding" } # no-permitopen mismatch-permitopen match-permitopen diff --git a/regress/key-options.sh b/regress/key-options.sh index 2adee6833475..d680737c168b 100755 --- a/regress/key-options.sh +++ b/regress/key-options.sh @@ -1,4 +1,4 @@ -# $OpenBSD: key-options.sh,v 1.4 2017/04/30 23:34:55 djm Exp $ +# $OpenBSD: key-options.sh,v 1.8 2018/03/14 05:35:40 djm Exp $ # Placed in the Public Domain. tid="key options" @@ -21,12 +21,46 @@ for c in 'command="echo bar"' 'no-pty,command="echo bar"'; do done # Test no-pty -sed 's/.*/no-pty &/' $origkeys >$authkeys -verbose "key option proto no-pty" -r=`${SSH} -q -F $OBJ/ssh_proxy somehost tty` -if [ -f "$r" ]; then - fail "key option failed no-pty (pty $r)" -fi +expect_pty_succeed() { + which=$1 + opts=$2 + rm -f $OBJ/data + sed "s/.*/$opts &/" $origkeys >$authkeys + verbose "key option pty $which" + ${SSH} -ttq -F $OBJ/ssh_proxy somehost "tty > $OBJ/data; exit 0" + if [ $? -ne 0 ] ; then + fail "key option failed $which" + else + r=`cat $OBJ/data` + case "$r" in + /dev/*) ;; + *) fail "key option failed $which (pty $r)" ;; + esac + fi +} +expect_pty_fail() { + which=$1 + opts=$2 + rm -f $OBJ/data + sed "s/.*/$opts &/" $origkeys >$authkeys + verbose "key option pty $which" + ${SSH} -ttq -F $OBJ/ssh_proxy somehost "tty > $OBJ/data; exit 0" + if [ $? -eq 0 ]; then + r=`cat $OBJ/data` + if [ -e "$r" ]; then + fail "key option failed $which (pty $r)" + fi + case "$r" in + /dev/*) fail "key option failed $which (pty $r)" ;; + *) ;; + esac + fi +} +# First ensure that we can allocate a pty by default. +expect_pty_succeed "default" "" +expect_pty_fail "no-pty" "no-pty" +expect_pty_fail "restrict" "restrict" +expect_pty_succeed "restrict,pty" "restrict,pty" # Test environment= echo 'PermitUserEnvironment yes' >> $OBJ/sshd_proxy @@ -60,4 +94,22 @@ for f in 127.0.0.1 '127.0.0.0\/8'; do fi done -rm -f "$origkeys" +check_valid_before() { + which=$1 + opts=$2 + expect=$3 + sed "s/.*/$opts &/" $origkeys >$authkeys + verbose "key option expiry-time $which" + ${SSH} -q -F $OBJ/ssh_proxy somehost true + r=$? + case "$expect" in + fail) test $r -eq 0 && fail "key option succeeded $which" ;; + pass) test $r -ne 0 && fail "key option failed $which" ;; + *) fatal "unknown expectation $expect" ;; + esac +} +check_valid_before "default" "" "pass" +check_valid_before "invalid" 'expiry-time="INVALID"' "fail" +check_valid_before "expired" 'expiry-time="19990101"' "fail" +check_valid_before "valid" 'expiry-time="20380101"' "pass" + diff --git a/regress/keys-command.sh b/regress/keys-command.sh index 9c9ada7c7631..4029e2c78637 100755 --- a/regress/keys-command.sh +++ b/regress/keys-command.sh @@ -1,4 +1,4 @@ -# $OpenBSD: keys-command.sh,v 1.3 2015/05/21 06:40:02 djm Exp $ +# $OpenBSD: keys-command.sh,v 1.4 2016/09/26 21:34:38 bluhm Exp $ # Placed in the Public Domain. tid="authorized keys from command" diff --git a/regress/keytype.sh b/regress/keytype.sh index 88b022de4adb..f78a2c171fa5 100755 --- a/regress/keytype.sh +++ b/regress/keytype.sh @@ -1,4 +1,4 @@ -# $OpenBSD: keytype.sh,v 1.5 2017/03/20 22:08:06 djm Exp $ +# $OpenBSD: keytype.sh,v 1.7 2018/03/12 00:54:04 djm Exp $ # Placed in the Public Domain. tid="login with different key types" @@ -17,7 +17,7 @@ for i in `$SSH -Q key`; do esac done -for kt in $ktypes; do +for kt in $ktypes; do rm -f $OBJ/key.$kt bits=`echo ${kt} | awk -F- '{print $2}'` type=`echo ${kt} | awk -F- '{print $1}'` @@ -27,28 +27,28 @@ for kt in $ktypes; do done tries="1 2 3" -for ut in $ktypes; do +for ut in $ktypes; do htypes=$ut #htypes=$ktypes - for ht in $htypes; do + for ht in $htypes; do case $ht in dsa-1024) t=ssh-dss;; ecdsa-256) t=ecdsa-sha2-nistp256;; ecdsa-384) t=ecdsa-sha2-nistp384;; ecdsa-521) t=ecdsa-sha2-nistp521;; ed25519-512) t=ssh-ed25519;; - rsa-*) t=ssh-rsa;; + rsa-*) t=rsa-sha2-512,rsa-sha2-256,ssh-rsa;; esac trace "ssh connect, userkey $ut, hostkey $ht" ( grep -v HostKey $OBJ/sshd_proxy_bak - echo HostKey $OBJ/key.$ht + echo HostKey $OBJ/key.$ht echo PubkeyAcceptedKeyTypes $t echo HostKeyAlgorithms $t ) > $OBJ/sshd_proxy ( grep -v IdentityFile $OBJ/ssh_proxy_bak - echo IdentityFile $OBJ/key.$ut + echo IdentityFile $OBJ/key.$ut echo PubkeyAcceptedKeyTypes $t echo HostKeyAlgorithms $t ) > $OBJ/ssh_proxy diff --git a/regress/limit-keytype.sh b/regress/limit-keytype.sh index c0cf2fed6d86..04f11977e140 100755 --- a/regress/limit-keytype.sh +++ b/regress/limit-keytype.sh @@ -1,4 +1,4 @@ -# $OpenBSD: limit-keytype.sh,v 1.4 2015/10/29 08:05:17 djm Exp $ +# $OpenBSD: limit-keytype.sh,v 1.5 2018/03/12 00:52:57 djm Exp $ # Placed in the Public Domain. tid="restrict pubkey type" @@ -60,7 +60,8 @@ ${SSH} $opts -i $OBJ/user_key2 proxy true || fatal "key2 failed" # Allow plain Ed25519 and RSA. The certificate should fail. verbose "allow rsa,ed25519" -prepare_config "PubkeyAcceptedKeyTypes ssh-rsa,ssh-ed25519" +prepare_config \ + "PubkeyAcceptedKeyTypes rsa-sha2-256,rsa-sha2-512,ssh-rsa,ssh-ed25519" ${SSH} $certopts proxy true && fatal "cert succeeded" ${SSH} $opts -i $OBJ/user_key1 proxy true || fatal "key1 failed" ${SSH} $opts -i $OBJ/user_key2 proxy true || fatal "key2 failed" @@ -74,14 +75,14 @@ ${SSH} $opts -i $OBJ/user_key2 proxy true && fatal "key2 succeeded" # Allow all certs. Plain keys should fail. verbose "allow cert only" -prepare_config "PubkeyAcceptedKeyTypes ssh-*-cert-v01@openssh.com" +prepare_config "PubkeyAcceptedKeyTypes *-cert-v01@openssh.com" ${SSH} $certopts proxy true || fatal "cert failed" ${SSH} $opts -i $OBJ/user_key1 proxy true && fatal "key1 succeeded" ${SSH} $opts -i $OBJ/user_key2 proxy true && fatal "key2 succeeded" # Allow RSA in main config, Ed25519 for non-existent user. verbose "match w/ no match" -prepare_config "PubkeyAcceptedKeyTypes ssh-rsa" \ +prepare_config "PubkeyAcceptedKeyTypes rsa-sha2-256,rsa-sha2-512,ssh-rsa" \ "Match user x$USER" "PubkeyAcceptedKeyTypes +ssh-ed25519" ${SSH} $certopts proxy true && fatal "cert succeeded" ${SSH} $opts -i $OBJ/user_key1 proxy true && fatal "key1 succeeded" diff --git a/regress/misc/fuzz-harness/sig_fuzz.cc b/regress/misc/fuzz-harness/sig_fuzz.cc index 0e535b49a5af..dd1fda091f49 100644 --- a/regress/misc/fuzz-harness/sig_fuzz.cc +++ b/regress/misc/fuzz-harness/sig_fuzz.cc @@ -37,13 +37,13 @@ int LLVMFuzzerTestOneInput(const uint8_t* sig, size_t slen) static const size_t dlen = strlen(data); #ifdef WITH_OPENSSL - sshkey_verify(rsa, sig, slen, (const u_char *)data, dlen, 0); - sshkey_verify(dsa, sig, slen, (const u_char *)data, dlen, 0); - sshkey_verify(ecdsa256, sig, slen, (const u_char *)data, dlen, 0); - sshkey_verify(ecdsa384, sig, slen, (const u_char *)data, dlen, 0); - sshkey_verify(ecdsa521, sig, slen, (const u_char *)data, dlen, 0); + sshkey_verify(rsa, sig, slen, (const u_char *)data, dlen, NULL, 0); + sshkey_verify(dsa, sig, slen, (const u_char *)data, dlen, NULL, 0); + sshkey_verify(ecdsa256, sig, slen, (const u_char *)data, dlen, NULL, 0); + sshkey_verify(ecdsa384, sig, slen, (const u_char *)data, dlen, NULL, 0); + sshkey_verify(ecdsa521, sig, slen, (const u_char *)data, dlen, NULL, 0); #endif - sshkey_verify(ed25519, sig, slen, (const u_char *)data, dlen, 0); + sshkey_verify(ed25519, sig, slen, (const u_char *)data, dlen, NULL, 0); return 0; } diff --git a/regress/misc/kexfuzz/Makefile b/regress/misc/kexfuzz/Makefile index d0aca8dfe7e7..a7bb6b70d211 100644 --- a/regress/misc/kexfuzz/Makefile +++ b/regress/misc/kexfuzz/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.2 2017/04/17 11:02:31 jsg Exp $ +# $OpenBSD: Makefile,v 1.3 2017/12/21 05:46:35 djm Exp $ .include .include @@ -9,6 +9,25 @@ OPENSSL?= yes PROG= kexfuzz SRCS= kexfuzz.c + +SSHREL=../../../../../usr.bin/ssh +.PATH: ${.CURDIR}/${SSHREL} +# From usr.bin/ssh +SRCS+=sshbuf-getput-basic.c sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c +SRCS+=atomicio.c sshkey.c authfile.c cipher.c log.c ssh-rsa.c ssh-dss.c +SRCS+=ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c +SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c +SRCS+=addrmatch.c bitmap.c packet.c dispatch.c canohost.c ssh_api.c +SRCS+=kex.c kexc25519.c kexc25519c.c kexc25519s.c kexdh.c kexdhc.c kexdhs.c +SRCS+=kexecdh.c kexecdhc.c kexecdhs.c kexgex.c kexgexc.c kexgexs.c +SRCS+=dh.c compat.c +SRCS+=ed25519.c hash.c ge25519.c fe25519.c sc25519.c verify.c +SRCS+=cipher-chachapoly.c chacha.c poly1305.c +SRCS+=smult_curve25519_ref.c + +SRCS+=digest-openssl.c +#SRCS+=digest-libc.c + NOMAN= 1 .if (${OPENSSL:L} == "yes") @@ -49,23 +68,14 @@ CDIAGFLAGS+= -Wswitch CDIAGFLAGS+= -Wtrigraphs CDIAGFLAGS+= -Wuninitialized CDIAGFLAGS+= -Wunused +CDIAGFLAGS+= -Wno-unused-parameter .if ${COMPILER_VERSION:L} != "gcc3" -CDIAGFLAGS+= -Wpointer-sign CDIAGFLAGS+= -Wold-style-definition .endif -SSHREL=../../../../../usr.bin/ssh CFLAGS+=-I${.CURDIR}/${SSHREL} -.if exists(${.CURDIR}/${SSHREL}/lib/${__objdir}) -LDADD+=-L${.CURDIR}/${SSHREL}/lib/${__objdir} -lssh -DPADD+=${.CURDIR}/${SSHREL}/lib/${__objdir}/libssh.a -.else -LDADD+=-L${.CURDIR}/${SSHREL}/lib -lssh -DPADD+=${.CURDIR}/${SSHREL}/lib/libssh.a -.endif - LDADD+= -lutil -lz DPADD+= ${LIBUTIL} ${LIBZ} diff --git a/regress/misc/kexfuzz/README b/regress/misc/kexfuzz/README index abd7b50eeaf2..504c26f3bed3 100644 --- a/regress/misc/kexfuzz/README +++ b/regress/misc/kexfuzz/README @@ -30,3 +30,5 @@ Limitations: kexfuzz can't change the ordering of packets at present. It is limited to replacing individual packets with fuzzed variants with the same type. It really should allow insertion, deletion on replacement of packets too. + +$OpenBSD: README,v 1.3 2017/10/20 02:13:41 djm Exp $ diff --git a/regress/netcat.c b/regress/netcat.c index 98a08b1eceae..56bd09de5485 100644 --- a/regress/netcat.c +++ b/regress/netcat.c @@ -738,7 +738,12 @@ local_listen(char *host, char *port, struct addrinfo hints) #ifdef SO_REUSEPORT ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x)); if (ret == -1) - err(1, "setsockopt"); + err(1, "setsockopt SO_REUSEPORT"); +#endif +#ifdef SO_REUSEADDR + ret = setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &x, sizeof(x)); + if (ret == -1) + err(1, "setsockopt SO_REUSEADDR"); #endif set_common_sockopts(s); diff --git a/regress/proxy-connect.sh b/regress/proxy-connect.sh index f1b9d9f76bd7..39bbd3c96e76 100644 --- a/regress/proxy-connect.sh +++ b/regress/proxy-connect.sh @@ -1,25 +1,19 @@ -# $OpenBSD: proxy-connect.sh,v 1.10 2017/04/30 23:34:55 djm Exp $ +# $OpenBSD: proxy-connect.sh,v 1.11 2017/09/26 22:39:25 dtucker Exp $ # Placed in the Public Domain. tid="proxy connect" -mv $OBJ/sshd_proxy $OBJ/sshd_proxy.orig - -for ps in no yes; do - cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy - echo "UsePrivilegeSeparation $ps" >> $OBJ/sshd_proxy - for c in no yes; do - verbose "plain username privsep=$ps comp=$c" - opts="-oCompression=$c -F $OBJ/ssh_proxy" - SSH_CONNECTION=`${SSH} $opts 999.999.999.999 'echo $SSH_CONNECTION'` - if [ $? -ne 0 ]; then - fail "ssh proxyconnect privsep=$ps comp=$c failed" - fi - if [ "$SSH_CONNECTION" != "UNKNOWN 65535 UNKNOWN 65535" ]; then - fail "bad SSH_CONNECTION privsep=$ps comp=$c: " \ - "$SSH_CONNECTION" - fi - done +for c in no yes; do + verbose "plain username comp=$c" + opts="-oCompression=$c -F $OBJ/ssh_proxy" + SSH_CONNECTION=`${SSH} $opts 999.999.999.999 'echo $SSH_CONNECTION'` + if [ $? -ne 0 ]; then + fail "ssh proxyconnect comp=$c failed" + fi + if [ "$SSH_CONNECTION" != "UNKNOWN 65535 UNKNOWN 65535" ]; then + fail "bad SSH_CONNECTION comp=$c: " \ + "$SSH_CONNECTION" + fi done verbose "username with style" diff --git a/regress/putty-ciphers.sh b/regress/putty-ciphers.sh index 419daabbaa75..191a2bda8d35 100755 --- a/regress/putty-ciphers.sh +++ b/regress/putty-ciphers.sh @@ -15,7 +15,7 @@ for c in aes 3des aes128-ctr aes192-ctr aes256-ctr ; do echo "Cipher=$c" >> ${OBJ}/.putty/sessions/cipher_$c rm -f ${COPY} - env HOME=$PWD ${PLINK} -load cipher_$c -batch -i putty.rsa2 \ + env HOME=$PWD ${PLINK} -load cipher_$c -batch -i ${OBJ}/putty.rsa2 \ cat ${DATA} > ${COPY} if [ $? -ne 0 ]; then fail "ssh cat $DATA failed" diff --git a/regress/putty-kex.sh b/regress/putty-kex.sh index 9d3c6a9f0e7b..71c09701b2c8 100755 --- a/regress/putty-kex.sh +++ b/regress/putty-kex.sh @@ -14,7 +14,7 @@ for k in dh-gex-sha1 dh-group1-sha1 dh-group14-sha1 ; do ${OBJ}/.putty/sessions/kex_$k echo "KEX=$k" >> ${OBJ}/.putty/sessions/kex_$k - env HOME=$PWD ${PLINK} -load kex_$k -batch -i putty.rsa2 true + env HOME=$PWD ${PLINK} -load kex_$k -batch -i ${OBJ}/putty.rsa2 true if [ $? -ne 0 ]; then fail "KEX $k failed" fi diff --git a/regress/putty-transfer.sh b/regress/putty-transfer.sh index 32c79f9ea4b9..4928d4533f6b 100755 --- a/regress/putty-transfer.sh +++ b/regress/putty-transfer.sh @@ -1,4 +1,4 @@ -# $OpenBSD: putty-transfer.sh,v 1.5 2017/04/30 23:34:55 djm Exp $ +# $OpenBSD: putty-transfer.sh,v 1.6 2018/02/23 03:03:00 djm Exp $ # Placed in the Public Domain. tid="putty transfer data" @@ -15,7 +15,7 @@ for c in 0 1 ; do ${OBJ}/.putty/sessions/compression_$c echo "Compression=$c" >> ${OBJ}/.putty/sessions/kex_$k env HOME=$PWD ${PLINK} -load compression_$c -batch \ - -i putty.rsa cat ${DATA} > ${COPY} + -i ${OBJ}/putty.rsa2 cat ${DATA} > ${COPY} if [ $? -ne 0 ]; then fail "ssh cat $DATA failed" fi @@ -26,7 +26,7 @@ for c in 0 1 ; do rm -f ${COPY} dd if=$DATA obs=${s} 2> /dev/null | \ env HOME=$PWD ${PLINK} -load compression_$c \ - -batch -i putty.rsa \ + -batch -i ${OBJ}/putty.rsa2 \ "cat > ${COPY}" if [ $? -ne 0 ]; then fail "ssh cat $DATA failed" diff --git a/regress/scp-uri.sh b/regress/scp-uri.sh new file mode 100644 index 000000000000..c03d8bbe0761 --- /dev/null +++ b/regress/scp-uri.sh @@ -0,0 +1,70 @@ +# $OpenBSD: scp-uri.sh,v 1.2 2017/12/11 11:41:56 dtucker Exp $ +# Placed in the Public Domain. + +tid="scp-uri" + +#set -x + +COPY2=${OBJ}/copy2 +DIR=${COPY}.dd +DIR2=${COPY}.dd2 + +SRC=`dirname ${SCRIPT}` +cp ${SRC}/scp-ssh-wrapper.sh ${OBJ}/scp-ssh-wrapper.scp +chmod 755 ${OBJ}/scp-ssh-wrapper.scp +scpopts="-q -S ${OBJ}/scp-ssh-wrapper.scp" +export SCP # used in scp-ssh-wrapper.scp + +scpclean() { + rm -rf ${COPY} ${COPY2} ${DIR} ${DIR2} + mkdir ${DIR} ${DIR2} +} + +# Remove Port and User from ssh_config, we want to rely on the URI +cp $OBJ/ssh_config $OBJ/ssh_config.orig +egrep -v '^ +(Port|User) +.*$' $OBJ/ssh_config.orig > $OBJ/ssh_config + +verbose "$tid: simple copy local file to remote file" +scpclean +$SCP $scpopts ${DATA} "scp://${USER}@somehost:${PORT}/${COPY}" || fail "copy failed" +cmp ${DATA} ${COPY} || fail "corrupted copy" + +verbose "$tid: simple copy remote file to local file" +scpclean +$SCP $scpopts "scp://${USER}@somehost:${PORT}/${DATA}" ${COPY} || fail "copy failed" +cmp ${DATA} ${COPY} || fail "corrupted copy" + +verbose "$tid: simple copy local file to remote dir" +scpclean +cp ${DATA} ${COPY} +$SCP $scpopts ${COPY} "scp://${USER}@somehost:${PORT}/${DIR}" || fail "copy failed" +cmp ${COPY} ${DIR}/copy || fail "corrupted copy" + +verbose "$tid: simple copy remote file to local dir" +scpclean +cp ${DATA} ${COPY} +$SCP $scpopts "scp://${USER}@somehost:${PORT}/${COPY}" ${DIR} || fail "copy failed" +cmp ${COPY} ${DIR}/copy || fail "corrupted copy" + +verbose "$tid: recursive local dir to remote dir" +scpclean +rm -rf ${DIR2} +cp ${DATA} ${DIR}/copy +$SCP $scpopts -r ${DIR} "scp://${USER}@somehost:${PORT}/${DIR2}" || fail "copy failed" +for i in $(cd ${DIR} && echo *); do + cmp ${DIR}/$i ${DIR2}/$i || fail "corrupted copy" +done + +verbose "$tid: recursive remote dir to local dir" +scpclean +rm -rf ${DIR2} +cp ${DATA} ${DIR}/copy +$SCP $scpopts -r "scp://${USER}@somehost:${PORT}/${DIR}" ${DIR2} || fail "copy failed" +for i in $(cd ${DIR} && echo *); do + cmp ${DIR}/$i ${DIR2}/$i || fail "corrupted copy" +done + +# TODO: scp -3 + +scpclean +rm -f ${OBJ}/scp-ssh-wrapper.exe diff --git a/regress/sftp-chroot.sh b/regress/sftp-chroot.sh index 4ea2fce8570d..ba5bd1efb30e 100755 --- a/regress/sftp-chroot.sh +++ b/regress/sftp-chroot.sh @@ -1,4 +1,4 @@ -# $OpenBSD: sftp-chroot.sh,v 1.5 2016/09/26 21:34:38 bluhm Exp $ +# $OpenBSD: sftp-chroot.sh,v 1.6 2018/02/09 03:42:57 dtucker Exp $ # Placed in the Public Domain. tid="sftp in chroot" @@ -8,8 +8,9 @@ FILENAME=testdata_${USER} PRIVDATA=${CHROOT}/${FILENAME} if [ -z "$SUDO" -a ! -w /var/run ]; then - echo "skipped: need SUDO to create file in /var/run, test won't work without" - exit 0 + echo "need SUDO to create file in /var/run, test won't work without" + echo SKIPPED + exit 0 fi if ! $OBJ/check-perm -m chroot "$CHROOT" ; then diff --git a/regress/sftp-uri.sh b/regress/sftp-uri.sh new file mode 100644 index 000000000000..7be104dfbb40 --- /dev/null +++ b/regress/sftp-uri.sh @@ -0,0 +1,63 @@ +# $OpenBSD: sftp-uri.sh,v 1.1 2017/10/24 19:33:32 millert Exp $ +# Placed in the Public Domain. + +tid="sftp-uri" + +#set -x + +COPY2=${OBJ}/copy2 +DIR=${COPY}.dd +DIR2=${COPY}.dd2 +SRC=`dirname ${SCRIPT}` + +sftpclean() { + rm -rf ${COPY} ${COPY2} ${DIR} ${DIR2} + mkdir ${DIR} ${DIR2} +} + +start_sshd -oForceCommand="internal-sftp -d /" + +# Remove Port and User from ssh_config, we want to rely on the URI +cp $OBJ/ssh_config $OBJ/ssh_config.orig +egrep -v '^ +(Port|User) +.*$' $OBJ/ssh_config.orig > $OBJ/ssh_config + +verbose "$tid: non-interactive fetch to local file" +sftpclean +${SFTP} -q -S "$SSH" -F $OBJ/ssh_config "sftp://${USER}@somehost:${PORT}/${DATA}" ${COPY} || fail "copy failed" +cmp ${DATA} ${COPY} || fail "corrupted copy" + +verbose "$tid: non-interactive fetch to local dir" +sftpclean +cp ${DATA} ${COPY} +${SFTP} -q -S "$SSH" -F $OBJ/ssh_config "sftp://${USER}@somehost:${PORT}/${COPY}" ${DIR} || fail "copy failed" +cmp ${COPY} ${DIR}/copy || fail "corrupted copy" + +verbose "$tid: put to remote directory (trailing slash)" +sftpclean +${SFTP} -q -S "$SSH" -F $OBJ/ssh_config -b - \ + "sftp://${USER}@somehost:${PORT}/${DIR}/" > /dev/null 2>&1 << EOF + version + put ${DATA} copy +EOF +r=$? +if [ $r -ne 0 ]; then + fail "sftp failed with $r" +else + cmp ${DATA} ${DIR}/copy || fail "corrupted copy" +fi + +verbose "$tid: put to remote directory (no slash)" +sftpclean +${SFTP} -q -S "$SSH" -F $OBJ/ssh_config -b - \ + "sftp://${USER}@somehost:${PORT}/${DIR}" > /dev/null 2>&1 << EOF + version + put ${DATA} copy +EOF +r=$? +if [ $r -ne 0 ]; then + fail "sftp failed with $r" +else + cmp ${DATA} ${DIR}/copy || fail "corrupted copy" +fi + +sftpclean diff --git a/regress/sftp.sh b/regress/sftp.sh index b8e9f752791a..a5c88f584359 100644 --- a/regress/sftp.sh +++ b/regress/sftp.sh @@ -1,4 +1,4 @@ -# $OpenBSD: sftp.sh,v 1.5 2013/05/17 10:28:11 dtucker Exp $ +# $OpenBSD: sftp.sh,v 1.6 2017/10/30 21:59:43 djm Exp $ # Placed in the Public Domain. tid="basic sftp put/get" @@ -22,11 +22,11 @@ for B in ${BUFFERSIZE}; do r=$? if [ $r -ne 0 ]; then fail "sftp failed with $r" - else + else cmp $DATA ${COPY}.1 || fail "corrupted copy after get" cmp $DATA ${COPY}.2 || fail "corrupted copy after put" fi done done -rm -f ${COPY}.1 ${COPY}.2 +rm -f ${COPY}.1 ${COPY}.2 rm -f $SFTPCMDFILE diff --git a/regress/sshd-log-wrapper.sh b/regress/sshd-log-wrapper.sh index c00934c780ba..29dc44aa0b53 100644 --- a/regress/sshd-log-wrapper.sh +++ b/regress/sshd-log-wrapper.sh @@ -1,5 +1,5 @@ #!/bin/sh -# $OpenBSD: sshd-log-wrapper.sh,v 1.3 2013/04/07 02:16:03 dtucker Exp $ +# $OpenBSD: sshd-log-wrapper.sh,v 1.4 2016/11/25 02:56:49 dtucker Exp $ # Placed in the Public Domain. # # simple wrapper for sshd proxy mode to catch stderr output diff --git a/regress/test-exec.sh b/regress/test-exec.sh index 68f010b70ddc..b6169f15703a 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh @@ -1,4 +1,4 @@ -# $OpenBSD: test-exec.sh,v 1.61 2017/07/28 10:32:08 dtucker Exp $ +# $OpenBSD: test-exec.sh,v 1.62 2018/03/16 09:06:31 dtucker Exp $ # Placed in the Public Domain. #SUDO=sudo @@ -503,6 +503,7 @@ if test "$REGRESS_INTEROP_PUTTY" = "yes" ; then # Add a PuTTY key to authorized_keys rm -f ${OBJ}/putty.rsa2 if ! puttygen -t rsa -o ${OBJ}/putty.rsa2 \ + --random-device=/dev/urandom \ --new-passphrase /dev/null < /dev/null > /dev/null; then echo "Your installed version of PuTTY is too old to support --new-passphrase; trying without (may require manual interaction) ..." >&2 puttygen -t rsa -o ${OBJ}/putty.rsa2 < /dev/null > /dev/null @@ -526,6 +527,9 @@ if test "$REGRESS_INTEROP_PUTTY" = "yes" ; then echo "ProxyTelnetCommand=sh ${SRC}/sshd-log-wrapper.sh ${TEST_SSHD_LOGFILE} ${SSHD} -i -f $OBJ/sshd_proxy" >> ${OBJ}/.putty/sessions/localhost_proxy echo "ProxyLocalhost=1" >> ${OBJ}/.putty/sessions/localhost_proxy + PUTTYDIR=${OBJ}/.putty + export PUTTYDIR + REGRESS_INTEROP_PUTTY=yes fi diff --git a/regress/unittests/Makefile b/regress/unittests/Makefile index e975f6ca4160..e464b085adc8 100644 --- a/regress/unittests/Makefile +++ b/regress/unittests/Makefile @@ -1,6 +1,7 @@ -# $OpenBSD: Makefile,v 1.9 2017/03/14 01:20:29 dtucker Exp $ +# $OpenBSD: Makefile,v 1.10 2018/03/03 03:16:17 djm Exp $ REGRESS_FAIL_EARLY?= yes SUBDIR= test_helper sshbuf sshkey bitmap kex hostkeys utf8 match conversion +SUBDIR+=authopt .include diff --git a/regress/unittests/Makefile.inc b/regress/unittests/Makefile.inc index 36d1ff42c06e..b509f4452500 100644 --- a/regress/unittests/Makefile.inc +++ b/regress/unittests/Makefile.inc @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile.inc,v 1.11 2017/04/30 23:33:48 djm Exp $ +# $OpenBSD: Makefile.inc,v 1.12 2017/12/21 00:41:22 djm Exp $ .include .include @@ -30,8 +30,8 @@ CDIAGFLAGS+= -Wswitch CDIAGFLAGS+= -Wtrigraphs CDIAGFLAGS+= -Wuninitialized CDIAGFLAGS+= -Wunused +CDIAGFLAGS+= -Wno-unused-parameter .if ${COMPILER_VERSION:L} != "gcc3" -CDIAGFLAGS+= -Wpointer-sign CDIAGFLAGS+= -Wold-style-definition .endif @@ -47,17 +47,7 @@ LDADD+=-L${.CURDIR}/../test_helper -ltest_helper DPADD+=${.CURDIR}/../test_helper/libtest_helper.a .endif -.if exists(${.CURDIR}/${SSHREL}/lib/${__objdir}) -LDADD+=-L${.CURDIR}/${SSHREL}/lib/${__objdir} -lssh -LIBSSH=${.CURDIR}/${SSHREL}/lib/${__objdir}/libssh.a -.else -LDADD+=-L${.CURDIR}/${SSHREL}/lib -lssh -LIBSSH=${.CURDIR}/${SSHREL}/lib/libssh.a -.endif -DPADD+=${LIBSSH} -${PROG}: ${LIBSSH} -${LIBSSH}: - cd ${.CURDIR}/${SSHREL} && ${MAKE} lib +.PATH: ${.CURDIR}/${SSHREL} LDADD+= -lcrypto DPADD+= ${LIBCRYPTO} diff --git a/regress/unittests/authopt/testdata/all_permit.cert b/regress/unittests/authopt/testdata/all_permit.cert new file mode 100644 index 000000000000..38ac57318525 --- /dev/null +++ b/regress/unittests/authopt/testdata/all_permit.cert @@ -0,0 +1 @@ +ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIOv/h7mJS1WkRHukSvqPwKDiNVrcib/VqBLpbHW6xjWCAAAAICeF4LbtRqwIRhewXifa5PKpbSU9P/K8CzeVYj8J/iBoAAAAAAAAAAEAAAABAAAABHVzZXIAAAAIAAAABHVzZXIAAAAANouDYAAAAAA4a2VgAAAAAAAAAIIAAAAVcGVybWl0LVgxMS1mb3J3YXJkaW5nAAAAAAAAABdwZXJtaXQtYWdlbnQtZm9yd2FyZGluZwAAAAAAAAAWcGVybWl0LXBvcnQtZm9yd2FyZGluZwAAAAAAAAAKcGVybWl0LXB0eQAAAAAAAAAOcGVybWl0LXVzZXItcmMAAAAAAAAAAAAAADMAAAALc3NoLWVkMjU1MTkAAAAgKFWCzCzQTh9UkoHphbgwaa86Q16Kern0UjqOr7Q+Jk8AAABTAAAAC3NzaC1lZDI1NTE5AAAAQNe1XDN+J4Eb82TH5J5sYypcabocufjTFRfpU57K+csRP41Yo1FCSEWx95ilUuNvK9Iv3yFDOeVPzdqRqzWoHwE= user key diff --git a/regress/unittests/authopt/testdata/bad_sourceaddr.cert b/regress/unittests/authopt/testdata/bad_sourceaddr.cert new file mode 100644 index 000000000000..9732745ac44f --- /dev/null +++ b/regress/unittests/authopt/testdata/bad_sourceaddr.cert @@ -0,0 +1 @@ +ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAILFEJyunlz9scYU3mwbOEJoSSkeO1z20uNBw13tEn+lJAAAAICeF4LbtRqwIRhewXifa5PKpbSU9P/K8CzeVYj8J/iBoAAAAAAAAAAEAAAABAAAABHVzZXIAAAAIAAAABHVzZXIAAAAANouDYAAAAAA4a2VgAAAAHwAAAA5zb3VyY2UtYWRkcmVzcwAAAAkAAAAFeHh4eHgAAACCAAAAFXBlcm1pdC1YMTEtZm9yd2FyZGluZwAAAAAAAAAXcGVybWl0LWFnZW50LWZvcndhcmRpbmcAAAAAAAAAFnBlcm1pdC1wb3J0LWZvcndhcmRpbmcAAAAAAAAACnBlcm1pdC1wdHkAAAAAAAAADnBlcm1pdC11c2VyLXJjAAAAAAAAAAAAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIChVgsws0E4fVJKB6YW4MGmvOkNeinq59FI6jq+0PiZPAAAAUwAAAAtzc2gtZWQyNTUxOQAAAEA5xY/OEAJ3tgg8/KJqaBR5KMdYYRDiMJ6u4VKS9lQOV1HJQvDDvjj3F5k53BIqTJRVQx242YWs+B3C4db/uLgB user key diff --git a/regress/unittests/authopt/testdata/force_command.cert b/regress/unittests/authopt/testdata/force_command.cert new file mode 100644 index 000000000000..f7af27e43030 --- /dev/null +++ b/regress/unittests/authopt/testdata/force_command.cert @@ -0,0 +1 @@ +ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIJkpCeqaVl6qnp7qa90KehAmHFecx3HW8HZQ22KEqeKBAAAAICeF4LbtRqwIRhewXifa5PKpbSU9P/K8CzeVYj8J/iBoAAAAAAAAAAEAAAABAAAABHVzZXIAAAAIAAAABHVzZXIAAAAANouDYAAAAAA4a2VgAAAAHAAAAA1mb3JjZS1jb21tYW5kAAAABwAAAANmb28AAACCAAAAFXBlcm1pdC1YMTEtZm9yd2FyZGluZwAAAAAAAAAXcGVybWl0LWFnZW50LWZvcndhcmRpbmcAAAAAAAAAFnBlcm1pdC1wb3J0LWZvcndhcmRpbmcAAAAAAAAACnBlcm1pdC1wdHkAAAAAAAAADnBlcm1pdC11c2VyLXJjAAAAAAAAAAAAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIChVgsws0E4fVJKB6YW4MGmvOkNeinq59FI6jq+0PiZPAAAAUwAAAAtzc2gtZWQyNTUxOQAAAEAxbhjgbXvfEumRP1E7VH8nUfuJyVlDChhCxiPg9Nvb9PFK8cHdDUEybDCzKCsIDieRc3mtLTyEu7Kb52va/B4C user key diff --git a/regress/unittests/authopt/testdata/host.cert b/regress/unittests/authopt/testdata/host.cert new file mode 100644 index 000000000000..6326d0453497 --- /dev/null +++ b/regress/unittests/authopt/testdata/host.cert @@ -0,0 +1 @@ +ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIFWMw3ftP29RSefnxQwdvK1KiE2G9Y7rPRrJ7ZsrDiOeAAAAICeF4LbtRqwIRhewXifa5PKpbSU9P/K8CzeVYj8J/iBoAAAAAAAAAAEAAAACAAAABHVzZXIAAAAIAAAABHVzZXIAAAAANouDYAAAAAA4a2VgAAAAAAAAAAAAAAAAAAAAMwAAAAtzc2gtZWQyNTUxOQAAACAoVYLMLNBOH1SSgemFuDBprzpDXop6ufRSOo6vtD4mTwAAAFMAAAALc3NoLWVkMjU1MTkAAABAKTMqwPkaBg23RS7/aj347dc2kY4bWt/sHwzREYSrKRqZ5RNBnSvZOQ8m5euMCEuf92bZ8VJEdF653jRiW6VoBA== user key diff --git a/regress/unittests/authopt/testdata/mktestdata.sh b/regress/unittests/authopt/testdata/mktestdata.sh new file mode 100644 index 000000000000..06a24e39002c --- /dev/null +++ b/regress/unittests/authopt/testdata/mktestdata.sh @@ -0,0 +1,48 @@ +#/bin/sh + +set -xe + +rm -f ca_key ca_key.pub +rm -f user_key user_key.pub +rm -f *.cert + +ssh-keygen -q -f ca_key -t ed25519 -C CA -N '' +ssh-keygen -q -f user_key -t ed25519 -C "user key" -N '' + +sign() { + output=$1 + shift + set -xe + ssh-keygen -q -s ca_key -I user -n user \ + -V 19990101:19991231 -z 1 "$@" user_key.pub + mv user_key-cert.pub "$output" +} + +sign all_permit.cert -Opermit-agent-forwarding -Opermit-port-forwarding \ + -Opermit-pty -Opermit-user-rc -Opermit-X11-forwarding +sign no_permit.cert -Oclear + +sign no_agentfwd.cert -Ono-agent-forwarding +sign no_portfwd.cert -Ono-port-forwarding +sign no_pty.cert -Ono-pty +sign no_user_rc.cert -Ono-user-rc +sign no_x11fwd.cert -Ono-X11-forwarding + +sign only_agentfwd.cert -Oclear -Opermit-agent-forwarding +sign only_portfwd.cert -Oclear -Opermit-port-forwarding +sign only_pty.cert -Oclear -Opermit-pty +sign only_user_rc.cert -Oclear -Opermit-user-rc +sign only_x11fwd.cert -Oclear -Opermit-X11-forwarding + +sign force_command.cert -Oforce-command="foo" +sign sourceaddr.cert -Osource-address="127.0.0.1/32,::1/128" + +# ssh-keygen won't permit generation of certs with invalid source-address +# values, so we do it as a custom extension. +sign bad_sourceaddr.cert -Ocritical:source-address=xxxxx + +sign unknown_critical.cert -Ocritical:blah=foo + +sign host.cert -h + +rm -f user_key ca_key user_key.pub ca_key.pub diff --git a/regress/unittests/authopt/testdata/no_agentfwd.cert b/regress/unittests/authopt/testdata/no_agentfwd.cert new file mode 100644 index 000000000000..bfa5c2e658cb --- /dev/null +++ b/regress/unittests/authopt/testdata/no_agentfwd.cert @@ -0,0 +1 @@ +ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIL2qEsLCVtKaBkbCrZicxbPUorcHHrQ8yw5h/26krTOlAAAAICeF4LbtRqwIRhewXifa5PKpbSU9P/K8CzeVYj8J/iBoAAAAAAAAAAEAAAABAAAABHVzZXIAAAAIAAAABHVzZXIAAAAANouDYAAAAAA4a2VgAAAAAAAAAGMAAAAVcGVybWl0LVgxMS1mb3J3YXJkaW5nAAAAAAAAABZwZXJtaXQtcG9ydC1mb3J3YXJkaW5nAAAAAAAAAApwZXJtaXQtcHR5AAAAAAAAAA5wZXJtaXQtdXNlci1yYwAAAAAAAAAAAAAAMwAAAAtzc2gtZWQyNTUxOQAAACAoVYLMLNBOH1SSgemFuDBprzpDXop6ufRSOo6vtD4mTwAAAFMAAAALc3NoLWVkMjU1MTkAAABAdRhISpol01OwV30g39PM/JD1t35muskX4lyCcGpFQ08GQtBuHE/hABOp6apbGBJIC7CZYYF+uHkD7PfGU3NPAQ== user key diff --git a/regress/unittests/authopt/testdata/no_permit.cert b/regress/unittests/authopt/testdata/no_permit.cert new file mode 100644 index 000000000000..351e138aeaa9 --- /dev/null +++ b/regress/unittests/authopt/testdata/no_permit.cert @@ -0,0 +1 @@ +ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIGVQtVgp9sD4sc8esIhVWbZaM8d0NxpX3UbEVzTHm9feAAAAICeF4LbtRqwIRhewXifa5PKpbSU9P/K8CzeVYj8J/iBoAAAAAAAAAAEAAAABAAAABHVzZXIAAAAIAAAABHVzZXIAAAAANouDYAAAAAA4a2VgAAAAAAAAAAAAAAAAAAAAMwAAAAtzc2gtZWQyNTUxOQAAACAoVYLMLNBOH1SSgemFuDBprzpDXop6ufRSOo6vtD4mTwAAAFMAAAALc3NoLWVkMjU1MTkAAABAIKlI0TqqraKjYTjIuKhwoxAV/XnzWRJHq8lNs4aj5yDb84un2xXDF/0vXoLjPgVcLgEbksBKKn0i4whp+xn9Ag== user key diff --git a/regress/unittests/authopt/testdata/no_portfwd.cert b/regress/unittests/authopt/testdata/no_portfwd.cert new file mode 100644 index 000000000000..9457dc34e76c --- /dev/null +++ b/regress/unittests/authopt/testdata/no_portfwd.cert @@ -0,0 +1 @@ +ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIE6gC/QjjuzGWVDkr8ZyaHhja80V+lKLC/MvmEFa+CEBAAAAICeF4LbtRqwIRhewXifa5PKpbSU9P/K8CzeVYj8J/iBoAAAAAAAAAAEAAAABAAAABHVzZXIAAAAIAAAABHVzZXIAAAAANouDYAAAAAA4a2VgAAAAAAAAAGQAAAAVcGVybWl0LVgxMS1mb3J3YXJkaW5nAAAAAAAAABdwZXJtaXQtYWdlbnQtZm9yd2FyZGluZwAAAAAAAAAKcGVybWl0LXB0eQAAAAAAAAAOcGVybWl0LXVzZXItcmMAAAAAAAAAAAAAADMAAAALc3NoLWVkMjU1MTkAAAAgKFWCzCzQTh9UkoHphbgwaa86Q16Kern0UjqOr7Q+Jk8AAABTAAAAC3NzaC1lZDI1NTE5AAAAQEzpgckYlfc1BK1ir0reDSXo9OIDx4UoDMrNXrFO6I44NXoJJ4TlUUJH07WcKp/Xp5ESCdyVZtqwgHQxZr0+PwI= user key diff --git a/regress/unittests/authopt/testdata/no_pty.cert b/regress/unittests/authopt/testdata/no_pty.cert new file mode 100644 index 000000000000..e8154ec7f8b6 --- /dev/null +++ b/regress/unittests/authopt/testdata/no_pty.cert @@ -0,0 +1 @@ +ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIFFjhISpSDR3blDejuCf2T9Fe4aHW53jG7KOH2PV/E7jAAAAICeF4LbtRqwIRhewXifa5PKpbSU9P/K8CzeVYj8J/iBoAAAAAAAAAAEAAAABAAAABHVzZXIAAAAIAAAABHVzZXIAAAAANouDYAAAAAA4a2VgAAAAAAAAAHAAAAAVcGVybWl0LVgxMS1mb3J3YXJkaW5nAAAAAAAAABdwZXJtaXQtYWdlbnQtZm9yd2FyZGluZwAAAAAAAAAWcGVybWl0LXBvcnQtZm9yd2FyZGluZwAAAAAAAAAOcGVybWl0LXVzZXItcmMAAAAAAAAAAAAAADMAAAALc3NoLWVkMjU1MTkAAAAgKFWCzCzQTh9UkoHphbgwaa86Q16Kern0UjqOr7Q+Jk8AAABTAAAAC3NzaC1lZDI1NTE5AAAAQF5c4BdxVYgqbMGAep414IGFK4deCFBCeNUTOLpKodrfb1M0gS4d2qoeMxZvMv5yMf/viKl/gallHzEmcrEcIQY= user key diff --git a/regress/unittests/authopt/testdata/no_user_rc.cert b/regress/unittests/authopt/testdata/no_user_rc.cert new file mode 100644 index 000000000000..6676a0cbd4cb --- /dev/null +++ b/regress/unittests/authopt/testdata/no_user_rc.cert @@ -0,0 +1 @@ +ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIFUM0VLATkYh05QeS5uuhB1X50NMom3jTWeQUmrPQ1FwAAAAICeF4LbtRqwIRhewXifa5PKpbSU9P/K8CzeVYj8J/iBoAAAAAAAAAAEAAAABAAAABHVzZXIAAAAIAAAABHVzZXIAAAAANouDYAAAAAA4a2VgAAAAAAAAAGwAAAAVcGVybWl0LVgxMS1mb3J3YXJkaW5nAAAAAAAAABdwZXJtaXQtYWdlbnQtZm9yd2FyZGluZwAAAAAAAAAWcGVybWl0LXBvcnQtZm9yd2FyZGluZwAAAAAAAAAKcGVybWl0LXB0eQAAAAAAAAAAAAAAMwAAAAtzc2gtZWQyNTUxOQAAACAoVYLMLNBOH1SSgemFuDBprzpDXop6ufRSOo6vtD4mTwAAAFMAAAALc3NoLWVkMjU1MTkAAABAcmJ3c2FCKJL9BCLv1Ij+uN1N+NWZmMXYionsSkv42Go4pMZiH3g8UfTd+OKq9Q7GAcCzGXa///6Dr/wqFssoDA== user key diff --git a/regress/unittests/authopt/testdata/no_x11fwd.cert b/regress/unittests/authopt/testdata/no_x11fwd.cert new file mode 100644 index 000000000000..0aff9e6cfea8 --- /dev/null +++ b/regress/unittests/authopt/testdata/no_x11fwd.cert @@ -0,0 +1 @@ +ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIPRKPAP+b5S+4zihdgoJrYNcMovFBgKZaJupIhN1kUvkAAAAICeF4LbtRqwIRhewXifa5PKpbSU9P/K8CzeVYj8J/iBoAAAAAAAAAAEAAAABAAAABHVzZXIAAAAIAAAABHVzZXIAAAAANouDYAAAAAA4a2VgAAAAAAAAAGUAAAAXcGVybWl0LWFnZW50LWZvcndhcmRpbmcAAAAAAAAAFnBlcm1pdC1wb3J0LWZvcndhcmRpbmcAAAAAAAAACnBlcm1pdC1wdHkAAAAAAAAADnBlcm1pdC11c2VyLXJjAAAAAAAAAAAAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIChVgsws0E4fVJKB6YW4MGmvOkNeinq59FI6jq+0PiZPAAAAUwAAAAtzc2gtZWQyNTUxOQAAAECMzj6VDfT+BJmIEo1qUKdr8VDLExF92K7KkbNxTH77n7uip7TL24HDfXjYBCvqxSSn9KAGBhnWsIC/GPx6A+cP user key diff --git a/regress/unittests/authopt/testdata/only_agentfwd.cert b/regress/unittests/authopt/testdata/only_agentfwd.cert new file mode 100644 index 000000000000..3cf64b05c2de --- /dev/null +++ b/regress/unittests/authopt/testdata/only_agentfwd.cert @@ -0,0 +1 @@ +ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIOvJ28yW5uvA7yxE3ySuyFvPjcRYKAr03CYr4okGTNIFAAAAICeF4LbtRqwIRhewXifa5PKpbSU9P/K8CzeVYj8J/iBoAAAAAAAAAAEAAAABAAAABHVzZXIAAAAIAAAABHVzZXIAAAAANouDYAAAAAA4a2VgAAAAAAAAAB8AAAAXcGVybWl0LWFnZW50LWZvcndhcmRpbmcAAAAAAAAAAAAAADMAAAALc3NoLWVkMjU1MTkAAAAgKFWCzCzQTh9UkoHphbgwaa86Q16Kern0UjqOr7Q+Jk8AAABTAAAAC3NzaC1lZDI1NTE5AAAAQEG2uTgmOSk9dJ0s/Ol1EIERXFP9PF6AauF9t5jBMSthNyvSANSrC/1EIaf4TV5kMYfhZxJXoS0XHQjGndcq2AE= user key diff --git a/regress/unittests/authopt/testdata/only_portfwd.cert b/regress/unittests/authopt/testdata/only_portfwd.cert new file mode 100644 index 000000000000..bb09c3a6335c --- /dev/null +++ b/regress/unittests/authopt/testdata/only_portfwd.cert @@ -0,0 +1 @@ +ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIGPoYoExiSyHMyDEvOFgoNZXk5z91u7xq/7357X23TotAAAAICeF4LbtRqwIRhewXifa5PKpbSU9P/K8CzeVYj8J/iBoAAAAAAAAAAEAAAABAAAABHVzZXIAAAAIAAAABHVzZXIAAAAANouDYAAAAAA4a2VgAAAAAAAAAB4AAAAWcGVybWl0LXBvcnQtZm9yd2FyZGluZwAAAAAAAAAAAAAAMwAAAAtzc2gtZWQyNTUxOQAAACAoVYLMLNBOH1SSgemFuDBprzpDXop6ufRSOo6vtD4mTwAAAFMAAAALc3NoLWVkMjU1MTkAAABAHN3YnwipcbDKVn+PObGSoaT9rwlau+yrPYZ50oetvCKng3RMjGaV+roqlv0vjjLcxE9J4Y0ti+9MXtQ0D7beBA== user key diff --git a/regress/unittests/authopt/testdata/only_pty.cert b/regress/unittests/authopt/testdata/only_pty.cert new file mode 100644 index 000000000000..520c89f3be72 --- /dev/null +++ b/regress/unittests/authopt/testdata/only_pty.cert @@ -0,0 +1 @@ +ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAILvocWYto5Lg7P46YLbe7U4/b2h9Lr5rWqMZ4Cj4ra7RAAAAICeF4LbtRqwIRhewXifa5PKpbSU9P/K8CzeVYj8J/iBoAAAAAAAAAAEAAAABAAAABHVzZXIAAAAIAAAABHVzZXIAAAAANouDYAAAAAA4a2VgAAAAAAAAABIAAAAKcGVybWl0LXB0eQAAAAAAAAAAAAAAMwAAAAtzc2gtZWQyNTUxOQAAACAoVYLMLNBOH1SSgemFuDBprzpDXop6ufRSOo6vtD4mTwAAAFMAAAALc3NoLWVkMjU1MTkAAABASv2xQvp+Y6E8dCf5pzg3MZaan5bl1ToYXNcmQ3ysGrk9Djkcu8m3TytDpF471KmUejxy/iF4xjs9CDpk7h+SBQ== user key diff --git a/regress/unittests/authopt/testdata/only_user_rc.cert b/regress/unittests/authopt/testdata/only_user_rc.cert new file mode 100644 index 000000000000..fb49c35f3c83 --- /dev/null +++ b/regress/unittests/authopt/testdata/only_user_rc.cert @@ -0,0 +1 @@ +ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIJwsRZQ7kx4A8AQ0q/G/3i6sHM48kr4TxJtTcyy3lZAPAAAAICeF4LbtRqwIRhewXifa5PKpbSU9P/K8CzeVYj8J/iBoAAAAAAAAAAEAAAABAAAABHVzZXIAAAAIAAAABHVzZXIAAAAANouDYAAAAAA4a2VgAAAAAAAAABYAAAAOcGVybWl0LXVzZXItcmMAAAAAAAAAAAAAADMAAAALc3NoLWVkMjU1MTkAAAAgKFWCzCzQTh9UkoHphbgwaa86Q16Kern0UjqOr7Q+Jk8AAABTAAAAC3NzaC1lZDI1NTE5AAAAQDhgEXsvoHr21XrxmiZq/sIjWeYapp11XvEVkkTBPVhBnPwtrrUeJbPmGs3gmJkQdv8BYajYpT7TXEX8GvEeLwU= user key diff --git a/regress/unittests/authopt/testdata/only_x11fwd.cert b/regress/unittests/authopt/testdata/only_x11fwd.cert new file mode 100644 index 000000000000..6715585a0f05 --- /dev/null +++ b/regress/unittests/authopt/testdata/only_x11fwd.cert @@ -0,0 +1 @@ +ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIDAhZFZBl3eu8Qa8I5BaHCz/mpH8xCjaPusBwo1eJ9OGAAAAICeF4LbtRqwIRhewXifa5PKpbSU9P/K8CzeVYj8J/iBoAAAAAAAAAAEAAAABAAAABHVzZXIAAAAIAAAABHVzZXIAAAAANouDYAAAAAA4a2VgAAAAAAAAAB0AAAAVcGVybWl0LVgxMS1mb3J3YXJkaW5nAAAAAAAAAAAAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIChVgsws0E4fVJKB6YW4MGmvOkNeinq59FI6jq+0PiZPAAAAUwAAAAtzc2gtZWQyNTUxOQAAAEDysfgbhniX/zdA8576rrDJpaO2D7QtQse2KWIM9XmREPkLKeP6FKiXKKFcPQiMyV28rptfvK8bBXAiOvITSUgL user key diff --git a/regress/unittests/authopt/testdata/sourceaddr.cert b/regress/unittests/authopt/testdata/sourceaddr.cert new file mode 100644 index 000000000000..0fcf7b182842 --- /dev/null +++ b/regress/unittests/authopt/testdata/sourceaddr.cert @@ -0,0 +1 @@ +ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIJ54qqoPs87gtjN1aJoLUn7ZTYUtcaGxkzLyJvRkYG7nAAAAICeF4LbtRqwIRhewXifa5PKpbSU9P/K8CzeVYj8J/iBoAAAAAAAAAAEAAAABAAAABHVzZXIAAAAIAAAABHVzZXIAAAAANouDYAAAAAA4a2VgAAAALgAAAA5zb3VyY2UtYWRkcmVzcwAAABgAAAAUMTI3LjAuMC4xLzMyLDo6MS8xMjgAAACCAAAAFXBlcm1pdC1YMTEtZm9yd2FyZGluZwAAAAAAAAAXcGVybWl0LWFnZW50LWZvcndhcmRpbmcAAAAAAAAAFnBlcm1pdC1wb3J0LWZvcndhcmRpbmcAAAAAAAAACnBlcm1pdC1wdHkAAAAAAAAADnBlcm1pdC11c2VyLXJjAAAAAAAAAAAAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIChVgsws0E4fVJKB6YW4MGmvOkNeinq59FI6jq+0PiZPAAAAUwAAAAtzc2gtZWQyNTUxOQAAAEAppSUKQ/a9tw/HgIazWceCO3d48GU7mkV4iQMpWWs2nB1dFryY1GDtZrBggAjMviwmBXyM3jIk5vxJDINZXGQJ user key diff --git a/regress/unittests/authopt/testdata/unknown_critical.cert b/regress/unittests/authopt/testdata/unknown_critical.cert new file mode 100644 index 000000000000..216960ab3e3e --- /dev/null +++ b/regress/unittests/authopt/testdata/unknown_critical.cert @@ -0,0 +1 @@ +ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIIjs/wRAB/p5QShSfqoU9cWnCLT3lSveUirk61A27KxVAAAAICeF4LbtRqwIRhewXifa5PKpbSU9P/K8CzeVYj8J/iBoAAAAAAAAAAEAAAABAAAABHVzZXIAAAAIAAAABHVzZXIAAAAANouDYAAAAAA4a2VgAAAAEwAAAARibGFoAAAABwAAAANmb28AAACCAAAAFXBlcm1pdC1YMTEtZm9yd2FyZGluZwAAAAAAAAAXcGVybWl0LWFnZW50LWZvcndhcmRpbmcAAAAAAAAAFnBlcm1pdC1wb3J0LWZvcndhcmRpbmcAAAAAAAAACnBlcm1pdC1wdHkAAAAAAAAADnBlcm1pdC11c2VyLXJjAAAAAAAAAAAAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIChVgsws0E4fVJKB6YW4MGmvOkNeinq59FI6jq+0PiZPAAAAUwAAAAtzc2gtZWQyNTUxOQAAAEDix3FV7JIBuHNAwtZOVIqGBq8lqhnEwP51DqPA43qt+Tzynm56EWxuFzgGehBPF3L8gl+fVqxIJmiQ9iHB0LUD user key diff --git a/regress/unittests/authopt/tests.c b/regress/unittests/authopt/tests.c new file mode 100644 index 000000000000..0e8aacb91699 --- /dev/null +++ b/regress/unittests/authopt/tests.c @@ -0,0 +1,573 @@ +/* $OpenBSD: tests.c,v 1.1 2018/03/03 03:16:17 djm Exp $ */ + +/* + * Regress test for keys options functions. + * + * Placed in the public domain + */ + +#include +#include +#include +#include +#include +#include + +#include "test_helper.h" + +#include "sshkey.h" +#include "authfile.h" +#include "auth-options.h" +#include "misc.h" +#include "log.h" + +static struct sshkey * +load_key(const char *name) +{ + struct sshkey *ret; + int r; + + r = sshkey_load_public(test_data_file(name), &ret, NULL); + ASSERT_INT_EQ(r, 0); + ASSERT_PTR_NE(ret, NULL); + return ret; +} + +static struct sshauthopt * +default_authkey_opts(void) +{ + struct sshauthopt *ret = sshauthopt_new(); + + ASSERT_PTR_NE(ret, NULL); + ret->permit_port_forwarding_flag = 1; + ret->permit_agent_forwarding_flag = 1; + ret->permit_x11_forwarding_flag = 1; + ret->permit_pty_flag = 1; + ret->permit_user_rc = 1; + return ret; +} + +static struct sshauthopt * +default_authkey_restrict_opts(void) +{ + struct sshauthopt *ret = sshauthopt_new(); + + ASSERT_PTR_NE(ret, NULL); + ret->permit_port_forwarding_flag = 0; + ret->permit_agent_forwarding_flag = 0; + ret->permit_x11_forwarding_flag = 0; + ret->permit_pty_flag = 0; + ret->permit_user_rc = 0; + ret->restricted = 1; + return ret; +} + +static char ** +commasplit(const char *s, size_t *np) +{ + char *ocp, *cp, *cp2, **ret = NULL; + size_t n; + + ocp = cp = strdup(s); + ASSERT_PTR_NE(cp, NULL); + for (n = 0; (cp2 = strsep(&cp, ",")) != NULL;) { + ret = recallocarray(ret, n, n + 1, sizeof(*ret)); + ASSERT_PTR_NE(ret, NULL); + cp2 = strdup(cp2); + ASSERT_PTR_NE(cp2, NULL); + ret[n++] = cp2; + } + free(ocp); + *np = n; + return ret; +} + +static void +compare_opts(const struct sshauthopt *opts, + const struct sshauthopt *expected) +{ + size_t i; + + ASSERT_PTR_NE(opts, NULL); + ASSERT_PTR_NE(expected, NULL); + ASSERT_PTR_NE(expected, opts); /* bozo :) */ + +#define FLAG_EQ(x) ASSERT_INT_EQ(opts->x, expected->x) + FLAG_EQ(permit_port_forwarding_flag); + FLAG_EQ(permit_agent_forwarding_flag); + FLAG_EQ(permit_x11_forwarding_flag); + FLAG_EQ(permit_pty_flag); + FLAG_EQ(permit_user_rc); + FLAG_EQ(restricted); + FLAG_EQ(cert_authority); +#undef FLAG_EQ + +#define STR_EQ(x) \ + do { \ + if (expected->x == NULL) \ + ASSERT_PTR_EQ(opts->x, expected->x); \ + else \ + ASSERT_STRING_EQ(opts->x, expected->x); \ + } while (0) + STR_EQ(cert_principals); + STR_EQ(force_command); + STR_EQ(required_from_host_cert); + STR_EQ(required_from_host_keys); +#undef STR_EQ + +#define ARRAY_EQ(nx, x) \ + do { \ + ASSERT_SIZE_T_EQ(opts->nx, expected->nx); \ + if (expected->nx == 0) \ + break; \ + for (i = 0; i < expected->nx; i++) \ + ASSERT_STRING_EQ(opts->x[i], expected->x[i]); \ + } while (0) + ARRAY_EQ(nenv, env); + ARRAY_EQ(npermitopen, permitopen); +#undef ARRAY_EQ +} + +static void +test_authkeys_parse(void) +{ + struct sshauthopt *opts, *expected; + const char *errstr; + +#define FAIL_TEST(label, keywords) \ + do { \ + TEST_START("sshauthopt_parse invalid " label); \ + opts = sshauthopt_parse(keywords, &errstr); \ + ASSERT_PTR_EQ(opts, NULL); \ + ASSERT_PTR_NE(errstr, NULL); \ + TEST_DONE(); \ + } while (0) +#define CHECK_SUCCESS_AND_CLEANUP() \ + do { \ + if (errstr != NULL) \ + ASSERT_STRING_EQ(errstr, ""); \ + compare_opts(opts, expected); \ + sshauthopt_free(expected); \ + sshauthopt_free(opts); \ + } while (0) + + /* Basic tests */ + TEST_START("sshauthopt_parse empty"); + expected = default_authkey_opts(); + opts = sshauthopt_parse("", &errstr); + CHECK_SUCCESS_AND_CLEANUP(); + TEST_DONE(); + + TEST_START("sshauthopt_parse trailing whitespace"); + expected = default_authkey_opts(); + opts = sshauthopt_parse(" ", &errstr); + CHECK_SUCCESS_AND_CLEANUP(); + TEST_DONE(); + + TEST_START("sshauthopt_parse restrict"); + expected = default_authkey_restrict_opts(); + opts = sshauthopt_parse("restrict", &errstr); + CHECK_SUCCESS_AND_CLEANUP(); + TEST_DONE(); + + /* Invalid syntax */ + FAIL_TEST("trailing comma", "restrict,"); + FAIL_TEST("bare comma", ","); + FAIL_TEST("unknown option", "BLAH"); + FAIL_TEST("unknown option with trailing comma", "BLAH,"); + FAIL_TEST("unknown option with trailing whitespace", "BLAH "); + + /* force_tun_device */ + TEST_START("sshauthopt_parse tunnel explicit"); + expected = default_authkey_opts(); + expected->force_tun_device = 1; + opts = sshauthopt_parse("tunnel=\"1\"", &errstr); + CHECK_SUCCESS_AND_CLEANUP(); + TEST_DONE(); + + TEST_START("sshauthopt_parse tunnel any"); + expected = default_authkey_opts(); + expected->force_tun_device = SSH_TUNID_ANY; + opts = sshauthopt_parse("tunnel=\"any\"", &errstr); + CHECK_SUCCESS_AND_CLEANUP(); + TEST_DONE(); + + FAIL_TEST("tunnel", "tunnel=\"blah\""); + + /* Flag options */ +#define FLAG_TEST(keyword, var, val) \ + do { \ + TEST_START("sshauthopt_parse " keyword); \ + expected = default_authkey_opts(); \ + expected->var = val; \ + opts = sshauthopt_parse(keyword, &errstr); \ + CHECK_SUCCESS_AND_CLEANUP(); \ + expected = default_authkey_restrict_opts(); \ + expected->var = val; \ + opts = sshauthopt_parse("restrict,"keyword, &errstr); \ + CHECK_SUCCESS_AND_CLEANUP(); \ + TEST_DONE(); \ + } while (0) + /* Positive flags */ + FLAG_TEST("cert-authority", cert_authority, 1); + FLAG_TEST("port-forwarding", permit_port_forwarding_flag, 1); + FLAG_TEST("agent-forwarding", permit_agent_forwarding_flag, 1); + FLAG_TEST("x11-forwarding", permit_x11_forwarding_flag, 1); + FLAG_TEST("pty", permit_pty_flag, 1); + FLAG_TEST("user-rc", permit_user_rc, 1); + /* Negative flags */ + FLAG_TEST("no-port-forwarding", permit_port_forwarding_flag, 0); + FLAG_TEST("no-agent-forwarding", permit_agent_forwarding_flag, 0); + FLAG_TEST("no-x11-forwarding", permit_x11_forwarding_flag, 0); + FLAG_TEST("no-pty", permit_pty_flag, 0); + FLAG_TEST("no-user-rc", permit_user_rc, 0); +#undef FLAG_TEST + FAIL_TEST("no-cert-authority", "no-cert-authority"); + + /* String options */ +#define STRING_TEST(keyword, var, val) \ + do { \ + TEST_START("sshauthopt_parse " keyword); \ + expected = default_authkey_opts(); \ + expected->var = strdup(val); \ + ASSERT_PTR_NE(expected->var, NULL); \ + opts = sshauthopt_parse(keyword "=" #val, &errstr); \ + CHECK_SUCCESS_AND_CLEANUP(); \ + expected = default_authkey_restrict_opts(); \ + expected->var = strdup(val); \ + ASSERT_PTR_NE(expected->var, NULL); \ + opts = sshauthopt_parse( \ + "restrict," keyword "=" #val ",restrict", &errstr); \ + CHECK_SUCCESS_AND_CLEANUP(); \ + TEST_DONE(); \ + } while (0) + STRING_TEST("command", force_command, "/bin/true"); + STRING_TEST("principals", cert_principals, "gregor,josef,K"); + STRING_TEST("from", required_from_host_keys, "127.0.0.0/8"); +#undef STRING_TEST + FAIL_TEST("unquoted command", "command=oops"); + FAIL_TEST("unquoted principals", "principals=estragon"); + FAIL_TEST("unquoted from", "from=127.0.0.1"); + + /* String array option tests */ +#define ARRAY_TEST(label, keywords, var, nvar, val) \ + do { \ + TEST_START("sshauthopt_parse " label); \ + expected = default_authkey_opts(); \ + expected->var = commasplit(val, &expected->nvar); \ + ASSERT_PTR_NE(expected->var, NULL); \ + opts = sshauthopt_parse(keywords, &errstr); \ + CHECK_SUCCESS_AND_CLEANUP(); \ + expected = default_authkey_restrict_opts(); \ + expected->var = commasplit(val, &expected->nvar); \ + ASSERT_PTR_NE(expected->var, NULL); \ + opts = sshauthopt_parse( \ + "restrict," keywords ",restrict", &errstr); \ + CHECK_SUCCESS_AND_CLEANUP(); \ + TEST_DONE(); \ + } while (0) + ARRAY_TEST("environment", "environment=\"foo=1\",environment=\"bar=2\"", + env, nenv, "foo=1,bar=2"); + ARRAY_TEST("permitopen", "permitopen=\"foo:123\",permitopen=\"bar:*\"", + permitopen, npermitopen, "foo:123,bar:*"); +#undef ARRAY_TEST + FAIL_TEST("environment", "environment=\",=bah\""); + FAIL_TEST("permitopen port", "foo:bar"); + FAIL_TEST("permitopen missing port", "foo:"); + FAIL_TEST("permitopen missing port specification", "foo"); + FAIL_TEST("permitopen invalid host", "[:"); + +#undef CHECK_SUCCESS_AND_CLEANUP +#undef FAIL_TEST +} + +static void +test_cert_parse(void) +{ + struct sshkey *cert; + struct sshauthopt *opts, *expected; + +#define CHECK_SUCCESS_AND_CLEANUP() \ + do { \ + compare_opts(opts, expected); \ + sshauthopt_free(expected); \ + sshauthopt_free(opts); \ + sshkey_free(cert); \ + } while (0) +#define FLAG_TEST(keybase, var) \ + do { \ + TEST_START("sshauthopt_from_cert no_" keybase); \ + cert = load_key("no_" keybase ".cert"); \ + expected = default_authkey_opts(); \ + expected->var = 0; \ + opts = sshauthopt_from_cert(cert); \ + CHECK_SUCCESS_AND_CLEANUP(); \ + TEST_DONE(); \ + TEST_START("sshauthopt_from_cert only_" keybase); \ + cert = load_key("only_" keybase ".cert"); \ + expected = sshauthopt_new(); \ + ASSERT_PTR_NE(expected, NULL); \ + expected->var = 1; \ + opts = sshauthopt_from_cert(cert); \ + CHECK_SUCCESS_AND_CLEANUP(); \ + TEST_DONE(); \ + } while (0) + FLAG_TEST("agentfwd", permit_agent_forwarding_flag); + FLAG_TEST("portfwd", permit_port_forwarding_flag); + FLAG_TEST("pty", permit_pty_flag); + FLAG_TEST("user_rc", permit_user_rc); + FLAG_TEST("x11fwd", permit_x11_forwarding_flag); +#undef FLAG_TEST + + TEST_START("sshauthopt_from_cert all permitted"); + cert = load_key("all_permit.cert"); + expected = default_authkey_opts(); + opts = sshauthopt_from_cert(cert); + CHECK_SUCCESS_AND_CLEANUP(); + TEST_DONE(); + + TEST_START("sshauthopt_from_cert nothing permitted"); + cert = load_key("no_permit.cert"); + expected = sshauthopt_new(); + ASSERT_PTR_NE(expected, NULL); + opts = sshauthopt_from_cert(cert); + CHECK_SUCCESS_AND_CLEANUP(); + TEST_DONE(); + + TEST_START("sshauthopt_from_cert force-command"); + cert = load_key("force_command.cert"); + expected = default_authkey_opts(); + expected->force_command = strdup("foo"); + ASSERT_PTR_NE(expected->force_command, NULL); + opts = sshauthopt_from_cert(cert); + CHECK_SUCCESS_AND_CLEANUP(); + TEST_DONE(); + + TEST_START("sshauthopt_from_cert source-address"); + cert = load_key("sourceaddr.cert"); + expected = default_authkey_opts(); + expected->required_from_host_cert = strdup("127.0.0.1/32,::1/128"); + ASSERT_PTR_NE(expected->required_from_host_cert, NULL); + opts = sshauthopt_from_cert(cert); + CHECK_SUCCESS_AND_CLEANUP(); + TEST_DONE(); +#undef CHECK_SUCCESS_AND_CLEANUP + +#define FAIL_TEST(keybase) \ + do { \ + TEST_START("sshauthopt_from_cert " keybase); \ + cert = load_key(keybase ".cert"); \ + opts = sshauthopt_from_cert(cert); \ + ASSERT_PTR_EQ(opts, NULL); \ + sshkey_free(cert); \ + TEST_DONE(); \ + } while (0) + FAIL_TEST("host"); + FAIL_TEST("bad_sourceaddr"); + FAIL_TEST("unknown_critical"); +#undef FAIL_TEST +} + +static void +test_merge(void) +{ + struct sshkey *cert; + struct sshauthopt *key_opts, *cert_opts, *merge_opts, *expected; + const char *errstr; + + /* + * Prepare for a test by making some key and cert options and + * attempting to merge them. + */ +#define PREPARE(label, keyname, keywords) \ + do { \ + expected = NULL; \ + TEST_START("sshauthopt_merge " label); \ + cert = load_key(keyname ".cert"); \ + cert_opts = sshauthopt_from_cert(cert); \ + ASSERT_PTR_NE(cert_opts, NULL); \ + key_opts = sshauthopt_parse(keywords, &errstr); \ + if (errstr != NULL) \ + ASSERT_STRING_EQ(errstr, ""); \ + ASSERT_PTR_NE(key_opts, NULL); \ + merge_opts = sshauthopt_merge(key_opts, \ + cert_opts, &errstr); \ + } while (0) + + /* Cleanup stuff allocated by PREPARE() */ +#define CLEANUP() \ + do { \ + sshauthopt_free(expected); \ + sshauthopt_free(merge_opts); \ + sshauthopt_free(key_opts); \ + sshauthopt_free(cert_opts); \ + sshkey_free(cert); \ + } while (0) + + /* Check the results of PREPARE() against expectation; calls CLEANUP */ +#define CHECK_SUCCESS_AND_CLEANUP() \ + do { \ + if (errstr != NULL) \ + ASSERT_STRING_EQ(errstr, ""); \ + compare_opts(merge_opts, expected); \ + CLEANUP(); \ + } while (0) + + /* Check a single case of merging of flag options */ +#define FLAG_CASE(keybase, label, keyname, keywords, mostly_off, var, val) \ + do { \ + PREPARE(keybase " " label, keyname, keywords); \ + expected = mostly_off ? \ + sshauthopt_new() : default_authkey_opts(); \ + expected->var = val; \ + ASSERT_PTR_NE(expected, NULL); \ + CHECK_SUCCESS_AND_CLEANUP(); \ + TEST_DONE(); \ + } while (0) + + /* + * Fairly exhaustive exercise of a flag option. Tests + * option both set and clear in certificate, set and clear in + * authorized_keys and set and cleared via restrict keyword. + */ +#define FLAG_TEST(keybase, keyword, var) \ + do { \ + FLAG_CASE(keybase, "keys:default,yes cert:default,no", \ + "no_" keybase, keyword, 0, var, 0); \ + FLAG_CASE(keybase,"keys:-*,yes cert:default,no", \ + "no_" keybase, "restrict," keyword, 1, var, 0); \ + FLAG_CASE(keybase, "keys:default,no cert:default,no", \ + "no_" keybase, "no-" keyword, 0, var, 0); \ + FLAG_CASE(keybase, "keys:-*,no cert:default,no", \ + "no_" keybase, "restrict,no-" keyword, 1, var, 0); \ + \ + FLAG_CASE(keybase, "keys:default,yes cert:-*,yes", \ + "only_" keybase, keyword, 1, var, 1); \ + FLAG_CASE(keybase,"keys:-*,yes cert:-*,yes", \ + "only_" keybase, "restrict," keyword, 1, var, 1); \ + FLAG_CASE(keybase, "keys:default,no cert:-*,yes", \ + "only_" keybase, "no-" keyword, 1, var, 0); \ + FLAG_CASE(keybase, "keys:-*,no cert:-*,yes", \ + "only_" keybase, "restrict,no-" keyword, 1, var, 0); \ + \ + FLAG_CASE(keybase, "keys:default,yes cert:-*", \ + "no_permit", keyword, 1, var, 0); \ + FLAG_CASE(keybase,"keys:-*,yes cert:-*", \ + "no_permit", "restrict," keyword, 1, var, 0); \ + FLAG_CASE(keybase, "keys:default,no cert:-*", \ + "no_permit", "no-" keyword, 1, var, 0); \ + FLAG_CASE(keybase, "keys:-*,no cert:-*", \ + "no_permit", "restrict,no-" keyword, 1, var, 0); \ + \ + FLAG_CASE(keybase, "keys:default,yes cert:*", \ + "all_permit", keyword, 0, var, 1); \ + FLAG_CASE(keybase,"keys:-*,yes cert:*", \ + "all_permit", "restrict," keyword, 1, var, 1); \ + FLAG_CASE(keybase, "keys:default,no cert:*", \ + "all_permit", "no-" keyword, 0, var, 0); \ + FLAG_CASE(keybase, "keys:-*,no cert:*", \ + "all_permit", "restrict,no-" keyword, 1, var, 0); \ + \ + } while (0) + FLAG_TEST("portfwd", "port-forwarding", permit_port_forwarding_flag); + FLAG_TEST("agentfwd", "agent-forwarding", permit_agent_forwarding_flag); + FLAG_TEST("pty", "pty", permit_pty_flag); + FLAG_TEST("user_rc", "user-rc", permit_user_rc); + FLAG_TEST("x11fwd", "x11-forwarding", permit_x11_forwarding_flag); +#undef FLAG_TEST + + PREPARE("source-address both", "sourceaddr", "from=\"127.0.0.1\""); + expected = default_authkey_opts(); + expected->required_from_host_cert = strdup("127.0.0.1/32,::1/128"); + ASSERT_PTR_NE(expected->required_from_host_cert, NULL); + expected->required_from_host_keys = strdup("127.0.0.1"); + ASSERT_PTR_NE(expected->required_from_host_keys, NULL); + CHECK_SUCCESS_AND_CLEANUP(); + TEST_DONE(); + + PREPARE("source-address none", "all_permit", ""); + expected = default_authkey_opts(); + CHECK_SUCCESS_AND_CLEANUP(); + TEST_DONE(); + + PREPARE("source-address keys", "all_permit", "from=\"127.0.0.1\""); + expected = default_authkey_opts(); + expected->required_from_host_keys = strdup("127.0.0.1"); + ASSERT_PTR_NE(expected->required_from_host_keys, NULL); + CHECK_SUCCESS_AND_CLEANUP(); + TEST_DONE(); + + PREPARE("source-address cert", "sourceaddr", ""); + expected = default_authkey_opts(); + expected->required_from_host_cert = strdup("127.0.0.1/32,::1/128"); + ASSERT_PTR_NE(expected->required_from_host_cert, NULL); + CHECK_SUCCESS_AND_CLEANUP(); + TEST_DONE(); + + PREPARE("force-command both", "force_command", "command=\"foo\""); + expected = default_authkey_opts(); + expected->force_command = strdup("foo"); + ASSERT_PTR_NE(expected->force_command, NULL); + CHECK_SUCCESS_AND_CLEANUP(); + TEST_DONE(); + + PREPARE("force-command none", "all_permit", ""); + expected = default_authkey_opts(); + CHECK_SUCCESS_AND_CLEANUP(); + TEST_DONE(); + + PREPARE("force-command keys", "all_permit", "command=\"bar\""); + expected = default_authkey_opts(); + expected->force_command = strdup("bar"); + ASSERT_PTR_NE(expected->force_command, NULL); + CHECK_SUCCESS_AND_CLEANUP(); + TEST_DONE(); + + PREPARE("force-command cert", "force_command", ""); + expected = default_authkey_opts(); + expected->force_command = strdup("foo"); + ASSERT_PTR_NE(expected->force_command, NULL); + CHECK_SUCCESS_AND_CLEANUP(); + TEST_DONE(); + + PREPARE("force-command mismatch", "force_command", "command=\"bar\""); + ASSERT_PTR_EQ(merge_opts, NULL); + CLEANUP(); + TEST_DONE(); + + PREPARE("tunnel", "all_permit", "tunnel=\"6\""); + expected = default_authkey_opts(); + expected->force_tun_device = 6; + CHECK_SUCCESS_AND_CLEANUP(); + TEST_DONE(); + + PREPARE("permitopen", "all_permit", + "permitopen=\"127.0.0.1:*\",permitopen=\"127.0.0.1:123\""); + expected = default_authkey_opts(); + expected->permitopen = commasplit("127.0.0.1:*,127.0.0.1:123", + &expected->npermitopen); + CHECK_SUCCESS_AND_CLEANUP(); + TEST_DONE(); + + PREPARE("environment", "all_permit", + "environment=\"foo=a\",environment=\"bar=b\""); + expected = default_authkey_opts(); + expected->env = commasplit("foo=a,bar=b", &expected->nenv); + CHECK_SUCCESS_AND_CLEANUP(); + TEST_DONE(); +} + +void +tests(void) +{ + extern char *__progname; + LogLevel ll = test_is_verbose() ? + SYSLOG_LEVEL_DEBUG3 : SYSLOG_LEVEL_QUIET; + + /* test_cert_parse() are a bit spammy to error() by default... */ + log_init(__progname, ll, SYSLOG_FACILITY_USER, 1); + + test_authkeys_parse(); + test_cert_parse(); + test_merge(); +} diff --git a/regress/unittests/bitmap/Makefile b/regress/unittests/bitmap/Makefile index bd21949f8b5f..fe30acc77394 100644 --- a/regress/unittests/bitmap/Makefile +++ b/regress/unittests/bitmap/Makefile @@ -1,7 +1,11 @@ -# $OpenBSD: Makefile,v 1.3 2016/11/01 13:43:27 tb Exp $ +# $OpenBSD: Makefile,v 1.4 2017/12/21 00:41:22 djm Exp $ PROG=test_bitmap SRCS=tests.c + +# From usr.sbin/ssh +SRCS+=bitmap.c atomicio.c + REGRESS_TARGETS=run-regress-${PROG} run-regress-${PROG}: ${PROG} diff --git a/regress/unittests/conversion/Makefile b/regress/unittests/conversion/Makefile index cde97dc28a9a..8b2a09cc39fe 100644 --- a/regress/unittests/conversion/Makefile +++ b/regress/unittests/conversion/Makefile @@ -1,7 +1,12 @@ -# $OpenBSD: Makefile,v 1.1 2017/03/14 01:20:29 dtucker Exp $ +# $OpenBSD: Makefile,v 1.2 2017/12/21 00:41:22 djm Exp $ PROG=test_conversion SRCS=tests.c + +# From usr.bin/ssh +SRCS+=sshbuf-getput-basic.c sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c +SRCS+=atomicio.c misc.c xmalloc.c log.c uidswap.c cleanup.c fatal.c ssherr.c + REGRESS_TARGETS=run-regress-${PROG} run-regress-${PROG}: ${PROG} diff --git a/regress/unittests/hostkeys/Makefile b/regress/unittests/hostkeys/Makefile index ae3c342bdbd5..3368851225c5 100644 --- a/regress/unittests/hostkeys/Makefile +++ b/regress/unittests/hostkeys/Makefile @@ -1,7 +1,20 @@ -# $OpenBSD: Makefile,v 1.3 2016/11/01 13:43:27 tb Exp $ +# $OpenBSD: Makefile,v 1.4 2017/12/21 00:41:22 djm Exp $ PROG=test_hostkeys SRCS=tests.c test_iterate.c + +# From usr.bin/ssh +SRCS+=sshbuf-getput-basic.c sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c +SRCS+=atomicio.c sshkey.c authfile.c cipher.c log.c ssh-rsa.c ssh-dss.c +SRCS+=ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c +SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c +SRCS+=addrmatch.c bitmap.c hostfile.c +SRCS+=ed25519.c hash.c ge25519.c fe25519.c sc25519.c verify.c +SRCS+=cipher-chachapoly.c chacha.c poly1305.c + +SRCS+=digest-openssl.c +#SRCS+=digest-libc.c + REGRESS_TARGETS=run-regress-${PROG} run-regress-${PROG}: ${PROG} diff --git a/regress/unittests/kex/Makefile b/regress/unittests/kex/Makefile index 7ed312675c87..5c61307a325a 100644 --- a/regress/unittests/kex/Makefile +++ b/regress/unittests/kex/Makefile @@ -1,7 +1,24 @@ -# $OpenBSD: Makefile,v 1.4 2016/11/01 13:43:27 tb Exp $ +# $OpenBSD: Makefile,v 1.5 2017/12/21 00:41:22 djm Exp $ PROG=test_kex SRCS=tests.c test_kex.c + +# From usr.bin/ssh +SRCS+=sshbuf-getput-basic.c sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c +SRCS+=atomicio.c sshkey.c authfile.c cipher.c log.c ssh-rsa.c ssh-dss.c +SRCS+=ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c +SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c +SRCS+=addrmatch.c bitmap.c packet.c dispatch.c canohost.c ssh_api.c +SRCS+=kex.c kexc25519.c kexc25519c.c kexc25519s.c kexdh.c kexdhc.c kexdhs.c +SRCS+=kexecdh.c kexecdhc.c kexecdhs.c kexgex.c kexgexc.c kexgexs.c +SRCS+=dh.c compat.c +SRCS+=ed25519.c hash.c ge25519.c fe25519.c sc25519.c verify.c +SRCS+=cipher-chachapoly.c chacha.c poly1305.c +SRCS+=smult_curve25519_ref.c + +SRCS+=digest-openssl.c +#SRCS+=digest-libc.c + REGRESS_TARGETS=run-regress-${PROG} run-regress-${PROG}: ${PROG} diff --git a/regress/unittests/match/Makefile b/regress/unittests/match/Makefile index bd4aed8446ca..87e75826ac27 100644 --- a/regress/unittests/match/Makefile +++ b/regress/unittests/match/Makefile @@ -1,7 +1,13 @@ -# $OpenBSD: Makefile,v 1.3 2016/11/01 13:43:27 tb Exp $ +# $OpenBSD: Makefile,v 1.4 2017/12/21 03:01:49 djm Exp $ PROG=test_match SRCS=tests.c + +# From usr.bin/ssh +SRCS+=sshbuf-getput-basic.c sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c +SRCS+=match.c misc.c log.c uidswap.c fatal.c ssherr.c addrmatch.c xmalloc.c +SRCS+=cleanup.c atomicio.c + REGRESS_TARGETS=run-regress-${PROG} run-regress-${PROG}: ${PROG} diff --git a/regress/unittests/sshbuf/Makefile b/regress/unittests/sshbuf/Makefile index 69b27566bd79..81d4f27a6132 100644 --- a/regress/unittests/sshbuf/Makefile +++ b/regress/unittests/sshbuf/Makefile @@ -1,4 +1,6 @@ -# $OpenBSD: Makefile,v 1.5 2016/11/01 13:43:27 tb Exp $ +# $OpenBSD: Makefile,v 1.6 2017/12/21 00:41:22 djm Exp $ + +.include PROG=test_sshbuf SRCS=tests.c @@ -10,5 +12,11 @@ SRCS+=test_sshbuf_fuzz.c SRCS+=test_sshbuf_getput_fuzz.c SRCS+=test_sshbuf_fixed.c -.include +# From usr.bin/ssh +SRCS+=sshbuf-getput-basic.c sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c +SRCS+=atomicio.c + +run-regress-${PROG}: ${PROG} + env ${TEST_ENV} ./${PROG} + diff --git a/regress/unittests/sshkey/Makefile b/regress/unittests/sshkey/Makefile index cfbfcf8f15ac..1c940bec640b 100644 --- a/regress/unittests/sshkey/Makefile +++ b/regress/unittests/sshkey/Makefile @@ -1,7 +1,20 @@ -# $OpenBSD: Makefile,v 1.4 2016/11/01 13:43:27 tb Exp $ +# $OpenBSD: Makefile,v 1.5 2017/12/21 00:41:22 djm Exp $ PROG=test_sshkey SRCS=tests.c test_sshkey.c test_file.c test_fuzz.c common.c + +# From usr.bin/ssh +SRCS+=sshbuf-getput-basic.c sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c +SRCS+=atomicio.c sshkey.c authfile.c cipher.c log.c ssh-rsa.c ssh-dss.c +SRCS+=ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c +SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c +SRCS+=addrmatch.c bitmap.c +SRCS+=ed25519.c hash.c ge25519.c fe25519.c sc25519.c verify.c +SRCS+=cipher-chachapoly.c chacha.c poly1305.c + +SRCS+=digest-openssl.c +#SRCS+=digest-libc.c + REGRESS_TARGETS=run-regress-${PROG} run-regress-${PROG}: ${PROG} diff --git a/regress/unittests/sshkey/test_fuzz.c b/regress/unittests/sshkey/test_fuzz.c index 6706045d5060..d3b0c92b47a0 100644 --- a/regress/unittests/sshkey/test_fuzz.c +++ b/regress/unittests/sshkey/test_fuzz.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_fuzz.c,v 1.7 2017/04/30 23:33:48 djm Exp $ */ +/* $OpenBSD: test_fuzz.c,v 1.8 2017/12/21 00:41:22 djm Exp $ */ /* * Fuzz tests for key parsing * @@ -83,7 +83,7 @@ sig_fuzz(struct sshkey *k, const char *sig_alg) fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | /* too slow FUZZ_2_BIT_FLIP | */ FUZZ_1_BYTE_FLIP | FUZZ_2_BYTE_FLIP | FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END, sig, l); - ASSERT_INT_EQ(sshkey_verify(k, sig, l, c, sizeof(c), 0), 0); + ASSERT_INT_EQ(sshkey_verify(k, sig, l, c, sizeof(c), NULL, 0), 0); free(sig); TEST_ONERROR(onerror, fuzz); for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { @@ -91,7 +91,7 @@ sig_fuzz(struct sshkey *k, const char *sig_alg) if (fuzz_matches_original(fuzz)) continue; ASSERT_INT_NE(sshkey_verify(k, fuzz_ptr(fuzz), fuzz_len(fuzz), - c, sizeof(c), 0), 0); + c, sizeof(c), NULL, 0), 0); } fuzz_cleanup(fuzz); } diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c index 0a73322a34e5..1aa608f92b03 100644 --- a/regress/unittests/sshkey/test_sshkey.c +++ b/regress/unittests/sshkey/test_sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_sshkey.c,v 1.12 2017/05/08 06:08:42 djm Exp $ */ +/* $OpenBSD: test_sshkey.c,v 1.13 2017/12/21 00:41:22 djm Exp $ */ /* * Regress test for sshkey.h key management API * @@ -121,11 +121,11 @@ signature_test(struct sshkey *k, struct sshkey *bad, const char *sig_alg, ASSERT_INT_EQ(sshkey_sign(k, &sig, &len, d, l, sig_alg, 0), 0); ASSERT_SIZE_T_GT(len, 8); ASSERT_PTR_NE(sig, NULL); - ASSERT_INT_EQ(sshkey_verify(k, sig, len, d, l, 0), 0); - ASSERT_INT_NE(sshkey_verify(bad, sig, len, d, l, 0), 0); + ASSERT_INT_EQ(sshkey_verify(k, sig, len, d, l, NULL, 0), 0); + ASSERT_INT_NE(sshkey_verify(bad, sig, len, d, l, NULL, 0), 0); /* Fuzz test is more comprehensive, this is just a smoke test */ sig[len - 5] ^= 0x10; - ASSERT_INT_NE(sshkey_verify(k, sig, len, d, l, 0), 0); + ASSERT_INT_NE(sshkey_verify(k, sig, len, d, l, NULL, 0), 0); free(sig); } diff --git a/regress/unittests/test_helper/test_helper.c b/regress/unittests/test_helper/test_helper.c index f855137fb29f..866f3495d06e 100644 --- a/regress/unittests/test_helper/test_helper.c +++ b/regress/unittests/test_helper/test_helper.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_helper.c,v 1.7 2017/03/14 01:10:07 dtucker Exp $ */ +/* $OpenBSD: test_helper.c,v 1.8 2018/02/08 08:46:20 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -166,6 +166,18 @@ main(int argc, char **argv) return 0; } +int +test_is_verbose() +{ + return verbose_mode; +} + +int +test_is_quiet() +{ + return quiet_mode; +} + const char * test_data_file(const char *name) { diff --git a/regress/unittests/test_helper/test_helper.h b/regress/unittests/test_helper/test_helper.h index 615b7832b4dc..6da0066e907a 100644 --- a/regress/unittests/test_helper/test_helper.h +++ b/regress/unittests/test_helper/test_helper.h @@ -1,4 +1,4 @@ -/* $OpenBSD: test_helper.h,v 1.7 2017/03/14 01:10:07 dtucker Exp $ */ +/* $OpenBSD: test_helper.h,v 1.8 2018/02/08 08:46:20 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -43,6 +43,8 @@ void test_start(const char *n); void test_info(char *s, size_t len); void set_onerror_func(test_onerror_func_t *f, void *ctx); void test_done(void); +int test_is_verbose(void); +int test_is_quiet(void); void test_subtest_info(const char *fmt, ...) __attribute__((format(printf, 1, 2))); void ssl_err_check(const char *file, int line); diff --git a/regress/unittests/utf8/Makefile b/regress/unittests/utf8/Makefile index a975264fc146..f8eec0484f8f 100644 --- a/regress/unittests/utf8/Makefile +++ b/regress/unittests/utf8/Makefile @@ -1,7 +1,11 @@ -# $OpenBSD: Makefile,v 1.4 2016/11/01 13:43:27 tb Exp $ +# $OpenBSD: Makefile,v 1.5 2017/12/21 00:41:22 djm Exp $ PROG=test_utf8 SRCS=tests.c + +# From usr.bin/ssh +SRCS+=utf8.c atomicio.c + REGRESS_TARGETS=run-regress-${PROG} run-regress-${PROG}: ${PROG} diff --git a/regress/yes-head.sh b/regress/yes-head.sh index fce2f6580344..2759eb8ce59d 100644 --- a/regress/yes-head.sh +++ b/regress/yes-head.sh @@ -1,4 +1,4 @@ -# $OpenBSD: yes-head.sh,v 1.5 2015/03/03 22:35:19 markus Exp $ +# $OpenBSD: yes-head.sh,v 1.6 2017/04/30 23:34:55 djm Exp $ # Placed in the Public Domain. tid="yes pipe head" diff --git a/scp.0 b/scp.0 index 0cb7726c7552..0089ed80f99e 100644 --- a/scp.0 +++ b/scp.0 @@ -5,8 +5,7 @@ NAME SYNOPSIS scp [-346BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file] - [-l limit] [-o ssh_option] [-P port] [-S program] - [[user@]host1:]file1 ... [[user@]host2:]file2 + [-l limit] [-o ssh_option] [-P port] [-S program] source ... target DESCRIPTION scp copies files between hosts on a network. It uses ssh(1) for data @@ -14,11 +13,14 @@ DESCRIPTION as ssh(1). scp will ask for passwords or passphrases if they are needed for authentication. - File names may contain a user and host specification to indicate that the - file is to be copied to/from that host. Local file names can be made - explicit using absolute or relative pathnames to avoid scp treating file - names containing M-bM-^@M-^X:M-bM-^@M-^Y as host specifiers. Copies between two remote hosts - are also permitted. + The source and target may be specified as a local pathname, a remote host + with optional path in the form [user@]host:[path], or a URI in the form + scp://[user@]host[:port][/path]. Local file names can be made explicit + using absolute or relative pathnames to avoid scp treating file names + containing M-bM-^@M-^X:M-bM-^@M-^Y as host specifiers. + + When copying between two remote hosts, if the URI format is used, a port + may only be specified on the target if the -3 option is used. The options are as follows: @@ -63,6 +65,7 @@ DESCRIPTION AddressFamily BatchMode BindAddress + BindInterface CanonicalDomains CanonicalizeFallbackLocal CanonicalizeHostname @@ -156,4 +159,4 @@ AUTHORS Timo Rinne Tatu Ylonen -OpenBSD 6.2 May 3, 2017 OpenBSD 6.2 +OpenBSD 6.2 February 23, 2018 OpenBSD 6.2 diff --git a/scp.1 b/scp.1 index 76ce33361273..8d251e34a830 100644 --- a/scp.1 +++ b/scp.1 @@ -8,9 +8,9 @@ .\" .\" Created: Sun May 7 00:14:37 1995 ylo .\" -.\" $OpenBSD: scp.1,v 1.74 2017/05/03 21:49:18 naddy Exp $ +.\" $OpenBSD: scp.1,v 1.77 2018/02/23 07:38:09 jmc Exp $ .\" -.Dd $Mdocdate: May 3 2017 $ +.Dd $Mdocdate: February 23 2018 $ .Dt SCP 1 .Os .Sh NAME @@ -18,7 +18,6 @@ .Nd secure copy (remote file copy program) .Sh SYNOPSIS .Nm scp -.Bk -words .Op Fl 346BCpqrv .Op Fl c Ar cipher .Op Fl F Ar ssh_config @@ -27,20 +26,7 @@ .Op Fl o Ar ssh_option .Op Fl P Ar port .Op Fl S Ar program -.Sm off -.Oo -.Op Ar user No @ -.Ar host1 : -.Oc Ar file1 -.Sm on -.Ar ... -.Sm off -.Oo -.Op Ar user No @ -.Ar host2 : -.Oc Ar file2 -.Sm on -.Ek +.Ar source ... target .Sh DESCRIPTION .Nm copies files between hosts on a network. @@ -53,15 +39,33 @@ same security as will ask for passwords or passphrases if they are needed for authentication. .Pp -File names may contain a user and host specification to indicate -that the file is to be copied to/from that host. +The +.Ar source +and +.Ar target +may be specified as a local pathname, a remote host with optional path +in the form +.Sm off +.Oo user @ Oc host : Op path , +.Sm on +or a URI in the form +.Sm off +.No scp:// Oo user @ Oc host Oo : port Oc Op / path . +.Sm on Local file names can be made explicit using absolute or relative pathnames to avoid .Nm treating file names containing .Sq :\& as host specifiers. -Copies between two remote hosts are also permitted. +.Pp +When copying between two remote hosts, if the URI format is used, a +.Ar port +may only be specified on the +.Ar target +if the +.Fl 3 +option is used. .Pp The options are as follows: .Bl -tag -width Ds @@ -120,6 +124,7 @@ For full details of the options listed below, and their possible values, see .It AddressFamily .It BatchMode .It BindAddress +.It BindInterface .It CanonicalDomains .It CanonicalizeFallbackLocal .It CanonicalizeHostname diff --git a/scp.c b/scp.c index a533eb097412..31e6709fbcaa 100644 --- a/scp.c +++ b/scp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: scp.c,v 1.192 2017/05/31 09:15:42 deraadt Exp $ */ +/* $OpenBSD: scp.c,v 1.195 2018/02/10 06:15:12 djm Exp $ */ /* * scp - secure remote copy. This is basically patched BSD rcp which * uses ssh to do the data transfer (instead of using rcmd). @@ -112,6 +112,7 @@ #endif #include "xmalloc.h" +#include "ssh.h" #include "atomicio.h" #include "pathnames.h" #include "log.h" @@ -123,8 +124,8 @@ extern char *__progname; #define COPY_BUFLEN 16384 -int do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout); -int do_cmd2(char *host, char *remuser, char *cmd, int fdin, int fdout); +int do_cmd(char *host, char *remuser, int port, char *cmd, int *fdin, int *fdout); +int do_cmd2(char *host, char *remuser, int port, char *cmd, int fdin, int fdout); /* Struct for addargs */ arglist args; @@ -149,6 +150,9 @@ int showprogress = 1; */ int throughlocal = 0; +/* Non-standard port to use for the ssh connection or -1. */ +int sshport = -1; + /* This is the program to execute for the secured connection. ("ssh" or -S) */ char *ssh_program = _PATH_SSH_PROGRAM; @@ -231,7 +235,7 @@ do_local_cmd(arglist *a) */ int -do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout) +do_cmd(char *host, char *remuser, int port, char *cmd, int *fdin, int *fdout) { int pin[2], pout[2], reserved[2]; @@ -241,6 +245,9 @@ do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout) ssh_program, host, remuser ? remuser : "(unspecified)", cmd); + if (port == -1) + port = sshport; + /* * Reserve two descriptors so that the real pipes won't get * descriptors 0 and 1 because that will screw up dup2 below. @@ -274,6 +281,10 @@ do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout) close(pout[1]); replacearg(&args, 0, "%s", ssh_program); + if (port != -1) { + addargs(&args, "-p"); + addargs(&args, "%d", port); + } if (remuser != NULL) { addargs(&args, "-l"); addargs(&args, "%s", remuser); @@ -305,7 +316,7 @@ do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout) * This way the input and output of two commands can be connected. */ int -do_cmd2(char *host, char *remuser, char *cmd, int fdin, int fdout) +do_cmd2(char *host, char *remuser, int port, char *cmd, int fdin, int fdout) { pid_t pid; int status; @@ -316,6 +327,9 @@ do_cmd2(char *host, char *remuser, char *cmd, int fdin, int fdout) ssh_program, host, remuser ? remuser : "(unspecified)", cmd); + if (port == -1) + port = sshport; + /* Fork a child to execute the command on the remote host using ssh. */ pid = fork(); if (pid == 0) { @@ -323,6 +337,10 @@ do_cmd2(char *host, char *remuser, char *cmd, int fdin, int fdout) dup2(fdout, 1); replacearg(&args, 0, "%s", ssh_program); + if (port != -1) { + addargs(&args, "-p"); + addargs(&args, "%d", port); + } if (remuser != NULL) { addargs(&args, "-l"); addargs(&args, "%s", remuser); @@ -367,14 +385,14 @@ void rsource(char *, struct stat *); void sink(int, char *[]); void source(int, char *[]); void tolocal(int, char *[]); -void toremote(char *, int, char *[]); +void toremote(int, char *[]); void usage(void); int main(int argc, char **argv) { int ch, fflag, tflag, status, n; - char *targ, **newargv; + char **newargv; const char *errstr; extern char *optarg; extern int optind; @@ -400,6 +418,8 @@ main(int argc, char **argv) addargs(&args, "-oForwardAgent=no"); addargs(&args, "-oPermitLocalCommand=no"); addargs(&args, "-oClearAllForwardings=yes"); + addargs(&args, "-oRemoteCommand=none"); + addargs(&args, "-oRequestTTY=no"); fflag = tflag = 0; while ((ch = getopt(argc, argv, "dfl:prtvBCc:i:P:q12346S:o:F:")) != -1) @@ -430,10 +450,9 @@ main(int argc, char **argv) addargs(&args, "%s", optarg); break; case 'P': - addargs(&remote_remote_args, "-p"); - addargs(&remote_remote_args, "%s", optarg); - addargs(&args, "-p"); - addargs(&args, "%s", optarg); + sshport = a2port(optarg); + if (sshport <= 0) + fatal("bad port \"%s\"\n", optarg); break; case 'B': addargs(&remote_remote_args, "-oBatchmode=yes"); @@ -533,8 +552,8 @@ main(int argc, char **argv) (void) signal(SIGPIPE, lostconn); - if ((targ = colon(argv[argc - 1]))) /* Dest is remote host. */ - toremote(targ, argc, argv); + if (colon(argv[argc - 1])) /* Dest is remote host. */ + toremote(argc, argv); else { if (targetshouldbedirectory) verifydir(argv[argc - 1]); @@ -589,72 +608,90 @@ do_times(int fd, int verb, const struct stat *sb) return (response()); } -void -toremote(char *targ, int argc, char **argv) +static int +parse_scp_uri(const char *uri, char **userp, char **hostp, int *portp, + char **pathp) { - char *bp, *host, *src, *suser, *thost, *tuser, *arg; + int r; + + r = parse_uri("scp", uri, userp, hostp, portp, pathp); + if (r == 0 && *pathp == NULL) + *pathp = xstrdup("."); + return r; +} + +void +toremote(int argc, char **argv) +{ + char *suser = NULL, *host = NULL, *src = NULL; + char *bp, *tuser, *thost, *targ; + int sport = -1, tport = -1; arglist alist; - int i; + int i, r; u_int j; memset(&alist, '\0', sizeof(alist)); alist.list = NULL; - *targ++ = 0; - if (*targ == 0) - targ = "."; - - arg = xstrdup(argv[argc - 1]); - if ((thost = strrchr(arg, '@'))) { - /* user@host */ - *thost++ = 0; - tuser = arg; - if (*tuser == '\0') - tuser = NULL; - } else { - thost = arg; - tuser = NULL; + /* Parse target */ + r = parse_scp_uri(argv[argc - 1], &tuser, &thost, &tport, &targ); + if (r == -1) { + fmprintf(stderr, "%s: invalid uri\n", argv[argc - 1]); + ++errs; + goto out; + } + if (r != 0) { + if (parse_user_host_path(argv[argc - 1], &tuser, &thost, + &targ) == -1) { + fmprintf(stderr, "%s: invalid target\n", argv[argc - 1]); + ++errs; + goto out; + } } - if (tuser != NULL && !okname(tuser)) { - free(arg); - return; + ++errs; + goto out; } + /* Parse source files */ for (i = 0; i < argc - 1; i++) { - src = colon(argv[i]); - if (src && throughlocal) { /* extended remote to remote */ - *src++ = 0; - if (*src == 0) - src = "."; - host = strrchr(argv[i], '@'); - if (host) { - *host++ = 0; - host = cleanhostname(host); - suser = argv[i]; - if (*suser == '\0') - suser = pwd->pw_name; - else if (!okname(suser)) - continue; - } else { - host = cleanhostname(argv[i]); - suser = NULL; - } + free(suser); + free(host); + free(src); + r = parse_scp_uri(argv[i], &suser, &host, &sport, &src); + if (r == -1) { + fmprintf(stderr, "%s: invalid uri\n", argv[i]); + ++errs; + continue; + } + if (r != 0) { + parse_user_host_path(argv[i], &suser, &host, &src); + } + if (suser != NULL && !okname(suser)) { + ++errs; + continue; + } + if (host && throughlocal) { /* extended remote to remote */ xasprintf(&bp, "%s -f %s%s", cmd, *src == '-' ? "-- " : "", src); - if (do_cmd(host, suser, bp, &remin, &remout) < 0) + if (do_cmd(host, suser, sport, bp, &remin, &remout) < 0) exit(1); free(bp); - host = cleanhostname(thost); xasprintf(&bp, "%s -t %s%s", cmd, *targ == '-' ? "-- " : "", targ); - if (do_cmd2(host, tuser, bp, remin, remout) < 0) + if (do_cmd2(thost, tuser, tport, bp, remin, remout) < 0) exit(1); free(bp); (void) close(remin); (void) close(remout); remin = remout = -1; - } else if (src) { /* standard remote to remote */ + } else if (host) { /* standard remote to remote */ + if (tport != -1 && tport != SSH_DEFAULT_PORT) { + /* This would require the remote support URIs */ + fatal("target port not supported with two " + "remote hosts without the -3 option"); + } + freeargs(&alist); addargs(&alist, "%s", ssh_program); addargs(&alist, "-x"); @@ -664,23 +701,14 @@ toremote(char *targ, int argc, char **argv) addargs(&alist, "%s", remote_remote_args.list[j]); } - *src++ = 0; - if (*src == 0) - src = "."; - host = strrchr(argv[i], '@'); - if (host) { - *host++ = 0; - host = cleanhostname(host); - suser = argv[i]; - if (*suser == '\0') - suser = pwd->pw_name; - else if (!okname(suser)) - continue; + if (sport != -1) { + addargs(&alist, "-p"); + addargs(&alist, "%d", sport); + } + if (suser) { addargs(&alist, "-l"); addargs(&alist, "%s", suser); - } else { - host = cleanhostname(argv[i]); } addargs(&alist, "--"); addargs(&alist, "%s", host); @@ -695,8 +723,7 @@ toremote(char *targ, int argc, char **argv) if (remin == -1) { xasprintf(&bp, "%s -t %s%s", cmd, *targ == '-' ? "-- " : "", targ); - host = cleanhostname(thost); - if (do_cmd(host, tuser, bp, &remin, + if (do_cmd(thost, tuser, tport, bp, &remin, &remout) < 0) exit(1); if (response() < 0) @@ -706,21 +733,42 @@ toremote(char *targ, int argc, char **argv) source(1, argv + i); } } - free(arg); +out: + free(tuser); + free(thost); + free(targ); + free(suser); + free(host); + free(src); } void tolocal(int argc, char **argv) { - char *bp, *host, *src, *suser; + char *bp, *host = NULL, *src = NULL, *suser = NULL; arglist alist; - int i; + int i, r, sport = -1; memset(&alist, '\0', sizeof(alist)); alist.list = NULL; for (i = 0; i < argc - 1; i++) { - if (!(src = colon(argv[i]))) { /* Local to local. */ + free(suser); + free(host); + free(src); + r = parse_scp_uri(argv[i], &suser, &host, &sport, &src); + if (r == -1) { + fmprintf(stderr, "%s: invalid uri\n", argv[i]); + ++errs; + continue; + } + if (r != 0) + parse_user_host_path(argv[i], &suser, &host, &src); + if (suser != NULL && !okname(suser)) { + ++errs; + continue; + } + if (!host) { /* Local to local. */ freeargs(&alist); addargs(&alist, "%s", _PATH_CP); if (iamrecursive) @@ -734,22 +782,10 @@ tolocal(int argc, char **argv) ++errs; continue; } - *src++ = 0; - if (*src == 0) - src = "."; - if ((host = strrchr(argv[i], '@')) == NULL) { - host = argv[i]; - suser = NULL; - } else { - *host++ = 0; - suser = argv[i]; - if (*suser == '\0') - suser = pwd->pw_name; - } - host = cleanhostname(host); + /* Remote to local. */ xasprintf(&bp, "%s -f %s%s", cmd, *src == '-' ? "-- " : "", src); - if (do_cmd(host, suser, bp, &remin, &remout) < 0) { + if (do_cmd(host, suser, sport, bp, &remin, &remout) < 0) { free(bp); ++errs; continue; @@ -759,6 +795,9 @@ tolocal(int argc, char **argv) (void) close(remin); remin = remout = -1; } + free(suser); + free(host); + free(src); } void @@ -1275,8 +1314,7 @@ usage(void) { (void) fprintf(stderr, "usage: scp [-346BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file]\n" - " [-l limit] [-o ssh_option] [-P port] [-S program]\n" - " [[user@]host1:]file1 ... [[user@]host2:]file2\n"); + " [-l limit] [-o ssh_option] [-P port] [-S program] source ... target\n"); exit(1); } diff --git a/servconf.c b/servconf.c index 2c321a4ad4f3..0f0d090686b1 100644 --- a/servconf.c +++ b/servconf.c @@ -1,5 +1,5 @@ -/* $OpenBSD: servconf.c,v 1.312 2017/10/02 19:33:20 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.326 2018/03/01 20:32:16 markus Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -15,10 +15,16 @@ #include #include +#ifdef HAVE_SYS_SYSCTL_H +#include +#endif #include #include #include +#ifdef HAVE_NET_ROUTE_H +#include +#endif #include #include @@ -58,8 +64,10 @@ #include "myproposal.h" #include "digest.h" -static void add_listen_addr(ServerOptions *, char *, int); -static void add_one_listen_addr(ServerOptions *, char *, int); +static void add_listen_addr(ServerOptions *, const char *, + const char *, int); +static void add_one_listen_addr(ServerOptions *, const char *, + const char *, int); /* Use of privilege separation or not */ extern int use_privsep; @@ -81,7 +89,9 @@ initialize_server_options(ServerOptions *options) options->queued_listen_addrs = NULL; options->num_queued_listens = 0; options->listen_addrs = NULL; + options->num_listen_addrs = 0; options->address_family = -1; + options->routing_domain = NULL; options->num_host_key_files = 0; options->num_host_cert_files = 0; options->host_key_agent = NULL; @@ -188,10 +198,45 @@ assemble_algorithms(ServerOptions *o) fatal("kex_assemble_names failed"); } +static void +array_append(const char *file, const int line, const char *directive, + char ***array, u_int *lp, const char *s) +{ + + if (*lp >= INT_MAX) + fatal("%s line %d: Too many %s entries", file, line, directive); + + *array = xrecallocarray(*array, *lp, *lp + 1, sizeof(**array)); + (*array)[*lp] = xstrdup(s); + (*lp)++; +} + +void +servconf_add_hostkey(const char *file, const int line, + ServerOptions *options, const char *path) +{ + char *apath = derelativise_path(path); + + array_append(file, line, "HostKey", + &options->host_key_files, &options->num_host_key_files, apath); + free(apath); +} + +void +servconf_add_hostcert(const char *file, const int line, + ServerOptions *options, const char *path) +{ + char *apath = derelativise_path(path); + + array_append(file, line, "HostCertificate", + &options->host_cert_files, &options->num_host_cert_files, apath); + free(apath); +} + void fill_default_server_options(ServerOptions *options) { - int i; + u_int i; /* Portable-specific options */ if (options->use_pam == -1) @@ -200,16 +245,18 @@ fill_default_server_options(ServerOptions *options) /* Standard Options */ if (options->num_host_key_files == 0) { /* fill default hostkeys for protocols */ - options->host_key_files[options->num_host_key_files++] = - _PATH_HOST_RSA_KEY_FILE; - options->host_key_files[options->num_host_key_files++] = - _PATH_HOST_DSA_KEY_FILE; + servconf_add_hostkey("[default]", 0, options, + _PATH_HOST_RSA_KEY_FILE); #ifdef OPENSSL_HAS_ECC - options->host_key_files[options->num_host_key_files++] = - _PATH_HOST_ECDSA_KEY_FILE; + servconf_add_hostkey("[default]", 0, options, + _PATH_HOST_ECDSA_KEY_FILE); #endif - options->host_key_files[options->num_host_key_files++] = - _PATH_HOST_ED25519_KEY_FILE; + servconf_add_hostkey("[default]", 0, options, + _PATH_HOST_ED25519_KEY_FILE); +#ifdef WITH_XMSS + servconf_add_hostkey("[default]", 0, options, + _PATH_HOST_XMSS_KEY_FILE); +#endif /* WITH_XMSS */ } /* No certificates by default */ if (options->num_ports == 0) @@ -217,7 +264,7 @@ fill_default_server_options(ServerOptions *options) if (options->address_family == -1) options->address_family = AF_UNSPEC; if (options->listen_addrs == NULL) - add_listen_addr(options, NULL, 0); + add_listen_addr(options, NULL, NULL, 0); if (options->pid_file == NULL) options->pid_file = xstrdup(_PATH_SSH_DAEMON_PID_FILE); if (options->login_grace_time == -1) @@ -313,10 +360,14 @@ fill_default_server_options(ServerOptions *options) if (options->client_alive_count_max == -1) options->client_alive_count_max = 3; if (options->num_authkeys_files == 0) { - options->authorized_keys_files[options->num_authkeys_files++] = - xstrdup(_PATH_SSH_USER_PERMITTED_KEYS); - options->authorized_keys_files[options->num_authkeys_files++] = - xstrdup(_PATH_SSH_USER_PERMITTED_KEYS2); + array_append("[default]", 0, "AuthorizedKeysFiles", + &options->authorized_keys_files, + &options->num_authkeys_files, + _PATH_SSH_USER_PERMITTED_KEYS); + array_append("[default]", 0, "AuthorizedKeysFiles", + &options->authorized_keys_files, + &options->num_authkeys_files, + _PATH_SSH_USER_PERMITTED_KEYS2); } if (options->permit_tun == -1) options->permit_tun = SSH_TUNMODE_NO; @@ -358,6 +409,7 @@ fill_default_server_options(ServerOptions *options) CLEAR_ON_NONE(options->authorized_principals_file); CLEAR_ON_NONE(options->adm_forced_command); CLEAR_ON_NONE(options->chroot_directory); + CLEAR_ON_NONE(options->routing_domain); for (i = 0; i < options->num_host_key_files; i++) CLEAR_ON_NONE(options->host_key_files[i]); for (i = 0; i < options->num_host_cert_files; i++) @@ -393,8 +445,7 @@ typedef enum { sPermitRootLogin, sLogFacility, sLogLevel, sRhostsRSAAuthentication, sRSAAuthentication, sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, - sKerberosGetAFSToken, - sKerberosTgtPassing, sChallengeResponseAuthentication, + sKerberosGetAFSToken, sChallengeResponseAuthentication, sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress, sAddressFamily, sPrintMotd, sPrintLastLog, sIgnoreRhosts, @@ -421,7 +472,7 @@ typedef enum { sAuthenticationMethods, sHostKeyAgent, sPermitUserRC, sStreamLocalBindMask, sStreamLocalBindUnlink, sAllowStreamLocalForwarding, sFingerprintHash, sDisableForwarding, - sExposeAuthInfo, + sExposeAuthInfo, sRDomain, sDeprecated, sIgnore, sUnsupported } ServerOpCodes; @@ -566,6 +617,7 @@ static struct { { "fingerprinthash", sFingerprintHash, SSHCFG_GLOBAL }, { "disableforwarding", sDisableForwarding, SSHCFG_ALL }, { "exposeauthinfo", sExposeAuthInfo, SSHCFG_ALL }, + { "rdomain", sRDomain, SSHCFG_ALL }, { NULL, sBadOption, 0 } }; @@ -619,23 +671,51 @@ derelativise_path(const char *path) } static void -add_listen_addr(ServerOptions *options, char *addr, int port) +add_listen_addr(ServerOptions *options, const char *addr, + const char *rdomain, int port) { u_int i; - if (port == 0) - for (i = 0; i < options->num_ports; i++) - add_one_listen_addr(options, addr, options->ports[i]); - else - add_one_listen_addr(options, addr, port); + if (port > 0) + add_one_listen_addr(options, addr, rdomain, port); + else { + for (i = 0; i < options->num_ports; i++) { + add_one_listen_addr(options, addr, rdomain, + options->ports[i]); + } + } } static void -add_one_listen_addr(ServerOptions *options, char *addr, int port) +add_one_listen_addr(ServerOptions *options, const char *addr, + const char *rdomain, int port) { struct addrinfo hints, *ai, *aitop; char strport[NI_MAXSERV]; int gaierr; + u_int i; + + /* Find listen_addrs entry for this rdomain */ + for (i = 0; i < options->num_listen_addrs; i++) { + if (rdomain == NULL && options->listen_addrs[i].rdomain == NULL) + break; + if (rdomain == NULL || options->listen_addrs[i].rdomain == NULL) + continue; + if (strcmp(rdomain, options->listen_addrs[i].rdomain) == 0) + break; + } + if (i >= options->num_listen_addrs) { + /* No entry for this rdomain; allocate one */ + if (i >= INT_MAX) + fatal("%s: too many listen addresses", __func__); + options->listen_addrs = xrecallocarray(options->listen_addrs, + options->num_listen_addrs, options->num_listen_addrs + 1, + sizeof(*options->listen_addrs)); + i = options->num_listen_addrs++; + if (rdomain != NULL) + options->listen_addrs[i].rdomain = xstrdup(rdomain); + } + /* options->listen_addrs[i] points to the addresses for this rdomain */ memset(&hints, 0, sizeof(hints)); hints.ai_family = options->address_family; @@ -648,8 +728,44 @@ add_one_listen_addr(ServerOptions *options, char *addr, int port) ssh_gai_strerror(gaierr)); for (ai = aitop; ai->ai_next; ai = ai->ai_next) ; - ai->ai_next = options->listen_addrs; - options->listen_addrs = aitop; + ai->ai_next = options->listen_addrs[i].addrs; + options->listen_addrs[i].addrs = aitop; +} + +/* Returns nonzero if the routing domain name is valid */ +static int +valid_rdomain(const char *name) +{ +#if defined(HAVE_SYS_VALID_RDOMAIN) + return sys_valid_rdomain(name); +#elif defined(__OpenBSD__) + const char *errstr; + long long num; + struct rt_tableinfo info; + int mib[6]; + size_t miblen = sizeof(mib); + + if (name == NULL) + return 1; + + num = strtonum(name, 0, 255, &errstr); + if (errstr != NULL) + return 0; + + /* Check whether the table actually exists */ + memset(mib, 0, sizeof(mib)); + mib[0] = CTL_NET; + mib[1] = PF_ROUTE; + mib[4] = NET_RT_TABLE; + mib[5] = (int)num; + if (sysctl(mib, 6, &info, &miblen, NULL, 0) == -1) + return 0; + + return 1; +#else /* defined(__OpenBSD__) */ + error("Routing domains are not supported on this platform"); + return 0; +#endif } /* @@ -657,18 +773,19 @@ add_one_listen_addr(ServerOptions *options, char *addr, int port) * and AddressFamily options. */ static void -queue_listen_addr(ServerOptions *options, char *addr, int port) +queue_listen_addr(ServerOptions *options, const char *addr, + const char *rdomain, int port) { - options->queued_listen_addrs = xreallocarray( - options->queued_listen_addrs, options->num_queued_listens + 1, - sizeof(addr)); - options->queued_listen_ports = xreallocarray( - options->queued_listen_ports, options->num_queued_listens + 1, - sizeof(port)); - options->queued_listen_addrs[options->num_queued_listens] = - xstrdup(addr); - options->queued_listen_ports[options->num_queued_listens] = port; - options->num_queued_listens++; + struct queued_listenaddr *qla; + + options->queued_listen_addrs = xrecallocarray( + options->queued_listen_addrs, + options->num_queued_listens, options->num_queued_listens + 1, + sizeof(*options->queued_listen_addrs)); + qla = &options->queued_listen_addrs[options->num_queued_listens++]; + qla->addr = xstrdup(addr); + qla->port = port; + qla->rdomain = rdomain == NULL ? NULL : xstrdup(rdomain); } /* @@ -678,6 +795,7 @@ static void process_queued_listen_addrs(ServerOptions *options) { u_int i; + struct queued_listenaddr *qla; if (options->num_ports == 0) options->ports[options->num_ports++] = SSH_DEFAULT_PORT; @@ -685,15 +803,13 @@ process_queued_listen_addrs(ServerOptions *options) options->address_family = AF_UNSPEC; for (i = 0; i < options->num_queued_listens; i++) { - add_listen_addr(options, options->queued_listen_addrs[i], - options->queued_listen_ports[i]); - free(options->queued_listen_addrs[i]); - options->queued_listen_addrs[i] = NULL; + qla = &options->queued_listen_addrs[i]; + add_listen_addr(options, qla->addr, qla->rdomain, qla->port); + free(qla->addr); + free(qla->rdomain); } free(options->queued_listen_addrs); options->queued_listen_addrs = NULL; - free(options->queued_listen_ports); - options->queued_listen_ports = NULL; options->num_queued_listens = 0; } @@ -747,6 +863,7 @@ get_connection_info(int populate, int use_dns) ci.address = ssh_remote_ipaddr(ssh); ci.laddress = ssh_local_ipaddr(ssh); ci.lport = ssh_local_port(ssh); + ci.rdomain = ssh_packet_rdomain_in(ssh); return &ci; } @@ -811,6 +928,13 @@ match_cfg_line_group(const char *grps, int line, const char *user) return result; } +static void +match_test_missing_fatal(const char *criteria, const char *attrib) +{ + fatal("'Match %s' in configuration but '%s' not in connection " + "test specification.", criteria, attrib); +} + /* * All of the attributes on a single Match line are ANDed together, so we need * to check every attribute and set the result to zero if any attribute does @@ -848,20 +972,24 @@ match_cfg_line(char **condition, int line, struct connection_info *ci) return -1; } if (strcasecmp(attrib, "user") == 0) { - if (ci == NULL || ci->user == NULL) { + if (ci == NULL) { result = 0; continue; } + if (ci->user == NULL) + match_test_missing_fatal("User", "user"); if (match_pattern_list(ci->user, arg, 0) != 1) result = 0; else debug("user %.100s matched 'User %.100s' at " "line %d", ci->user, arg, line); } else if (strcasecmp(attrib, "group") == 0) { - if (ci == NULL || ci->user == NULL) { + if (ci == NULL) { result = 0; continue; } + if (ci->user == NULL) + match_test_missing_fatal("Group", "user"); switch (match_cfg_line_group(arg, line, ci->user)) { case -1: return -1; @@ -869,20 +997,24 @@ match_cfg_line(char **condition, int line, struct connection_info *ci) result = 0; } } else if (strcasecmp(attrib, "host") == 0) { - if (ci == NULL || ci->host == NULL) { + if (ci == NULL) { result = 0; continue; } + if (ci->host == NULL) + match_test_missing_fatal("Host", "host"); if (match_hostname(ci->host, arg) != 1) result = 0; else debug("connection from %.100s matched 'Host " "%.100s' at line %d", ci->host, arg, line); } else if (strcasecmp(attrib, "address") == 0) { - if (ci == NULL || ci->address == NULL) { + if (ci == NULL) { result = 0; continue; } + if (ci->address == NULL) + match_test_missing_fatal("Address", "addr"); switch (addr_match_list(ci->address, arg)) { case 1: debug("connection from %.100s matched 'Address " @@ -896,10 +1028,13 @@ match_cfg_line(char **condition, int line, struct connection_info *ci) return -1; } } else if (strcasecmp(attrib, "localaddress") == 0){ - if (ci == NULL || ci->laddress == NULL) { + if (ci == NULL) { result = 0; continue; } + if (ci->laddress == NULL) + match_test_missing_fatal("LocalAddress", + "laddr"); switch (addr_match_list(ci->laddress, arg)) { case 1: debug("connection from %.100s matched " @@ -919,10 +1054,12 @@ match_cfg_line(char **condition, int line, struct connection_info *ci) arg); return -1; } - if (ci == NULL || ci->lport == 0) { + if (ci == NULL) { result = 0; continue; } + if (ci->lport == 0) + match_test_missing_fatal("LocalPort", "lport"); /* TODO support port lists */ if (port == ci->lport) debug("connection from %.100s matched " @@ -930,6 +1067,16 @@ match_cfg_line(char **condition, int line, struct connection_info *ci) ci->laddress, port, line); else result = 0; + } else if (strcasecmp(attrib, "rdomain") == 0) { + if (ci == NULL || ci->rdomain == NULL) { + result = 0; + continue; + } + if (match_pattern_list(ci->rdomain, arg, 0) != 1) + result = 0; + else + debug("user %.100s matched 'RDomain %.100s' at " + "line %d", ci->rdomain, arg, line); } else { error("Unsupported Match attribute %s", attrib); return -1; @@ -952,6 +1099,11 @@ struct multistate { char *key; int value; }; +static const struct multistate multistate_flag[] = { + { "yes", 1 }, + { "no", 0 }, + { NULL, -1 } +}; static const struct multistate multistate_addressfamily[] = { { "inet", AF_INET }, { "inet6", AF_INET6 }, @@ -1001,6 +1153,7 @@ process_server_config_line(ServerOptions *options, char *line, size_t len; long long val64; const struct multistate *multistate_ptr; + const char *errstr; /* Strip trailing whitespace. Allow \f (form feed) at EOL only */ if ((len = strlen(line)) == 0) @@ -1088,20 +1241,33 @@ process_server_config_line(ServerOptions *options, char *line, /* check for bare IPv6 address: no "[]" and 2 or more ":" */ if (strchr(arg, '[') == NULL && (p = strchr(arg, ':')) != NULL && strchr(p+1, ':') != NULL) { - queue_listen_addr(options, arg, 0); - break; - } - p = hpdelim(&arg); - if (p == NULL) - fatal("%s line %d: bad address:port usage", - filename, linenum); - p = cleanhostname(p); - if (arg == NULL) port = 0; - else if ((port = a2port(arg)) <= 0) - fatal("%s line %d: bad port number", filename, linenum); + p = arg; + } else { + p = hpdelim(&arg); + if (p == NULL) + fatal("%s line %d: bad address:port usage", + filename, linenum); + p = cleanhostname(p); + if (arg == NULL) + port = 0; + else if ((port = a2port(arg)) <= 0) + fatal("%s line %d: bad port number", + filename, linenum); + } + /* Optional routing table */ + arg2 = NULL; + if ((arg = strdelim(&cp)) != NULL) { + if (strcmp(arg, "rdomain") != 0 || + (arg2 = strdelim(&cp)) == NULL) + fatal("%s line %d: bad ListenAddress syntax", + filename, linenum); + if (!valid_rdomain(arg2)) + fatal("%s line %d: bad routing domain", + filename, linenum); + } - queue_listen_addr(options, p, port); + queue_listen_addr(options, p, arg2, port); break; @@ -1128,22 +1294,12 @@ process_server_config_line(ServerOptions *options, char *line, break; case sHostKeyFile: - intptr = &options->num_host_key_files; - if (*intptr >= MAX_HOSTKEYS) - fatal("%s line %d: too many host keys specified (max %d).", - filename, linenum, MAX_HOSTKEYS); - charptr = &options->host_key_files[*intptr]; - parse_filename: arg = strdelim(&cp); if (!arg || *arg == '\0') fatal("%s line %d: missing file name.", filename, linenum); - if (*activep && *charptr == NULL) { - *charptr = derelativise_path(arg); - /* increase optional counter */ - if (intptr != NULL) - *intptr = *intptr + 1; - } + if (*activep) + servconf_add_hostkey(filename, linenum, options, arg); break; case sHostKeyAgent: @@ -1158,17 +1314,28 @@ process_server_config_line(ServerOptions *options, char *line, break; case sHostCertificate: - intptr = &options->num_host_cert_files; - if (*intptr >= MAX_HOSTKEYS) - fatal("%s line %d: too many host certificates " - "specified (max %d).", filename, linenum, - MAX_HOSTCERTS); - charptr = &options->host_cert_files[*intptr]; - goto parse_filename; + arg = strdelim(&cp); + if (!arg || *arg == '\0') + fatal("%s line %d: missing file name.", + filename, linenum); + if (*activep) + servconf_add_hostcert(filename, linenum, options, arg); + break; case sPidFile: charptr = &options->pid_file; - goto parse_filename; + parse_filename: + arg = strdelim(&cp); + if (!arg || *arg == '\0') + fatal("%s line %d: missing file name.", + filename, linenum); + if (*activep && *charptr == NULL) { + *charptr = derelativise_path(arg); + /* increase optional counter */ + if (intptr != NULL) + *intptr = *intptr + 1; + } + break; case sPermitRootLogin: intptr = &options->permit_root_login; @@ -1178,21 +1345,8 @@ process_server_config_line(ServerOptions *options, char *line, case sIgnoreRhosts: intptr = &options->ignore_rhosts; parse_flag: - arg = strdelim(&cp); - if (!arg || *arg == '\0') - fatal("%s line %d: missing yes/no argument.", - filename, linenum); - value = 0; /* silence compiler */ - if (strcmp(arg, "yes") == 0) - value = 1; - else if (strcmp(arg, "no") == 0) - value = 0; - else - fatal("%s line %d: Bad yes/no argument: %s", - filename, linenum, arg); - if (*activep && *intptr == -1) - *intptr = value; - break; + multistate_ptr = multistate_flag; + goto parse_multistate; case sIgnoreUserKnownHosts: intptr = &options->ignore_user_known_hosts; @@ -1289,10 +1443,9 @@ process_server_config_line(ServerOptions *options, char *line, intptr = &options->x11_display_offset; parse_int: arg = strdelim(&cp); - if (!arg || *arg == '\0') - fatal("%s line %d: missing integer value.", - filename, linenum); - value = atoi(arg); + if ((errstr = atoi_err(arg, &value)) != NULL) + fatal("%s line %d: integer value %s.", + filename, linenum, errstr); if (*activep && *intptr == -1) *intptr = value; break; @@ -1412,55 +1565,47 @@ process_server_config_line(ServerOptions *options, char *line, case sAllowUsers: while ((arg = strdelim(&cp)) && *arg != '\0') { - if (options->num_allow_users >= MAX_ALLOW_USERS) - fatal("%s line %d: too many allow users.", - filename, linenum); if (match_user(NULL, NULL, NULL, arg) == -1) fatal("%s line %d: invalid AllowUsers pattern: " "\"%.100s\"", filename, linenum, arg); if (!*activep) continue; - options->allow_users[options->num_allow_users++] = - xstrdup(arg); + array_append(filename, linenum, "AllowUsers", + &options->allow_users, &options->num_allow_users, + arg); } break; case sDenyUsers: while ((arg = strdelim(&cp)) && *arg != '\0') { - if (options->num_deny_users >= MAX_DENY_USERS) - fatal("%s line %d: too many deny users.", - filename, linenum); if (match_user(NULL, NULL, NULL, arg) == -1) fatal("%s line %d: invalid DenyUsers pattern: " "\"%.100s\"", filename, linenum, arg); if (!*activep) continue; - options->deny_users[options->num_deny_users++] = - xstrdup(arg); + array_append(filename, linenum, "DenyUsers", + &options->deny_users, &options->num_deny_users, + arg); } break; case sAllowGroups: while ((arg = strdelim(&cp)) && *arg != '\0') { - if (options->num_allow_groups >= MAX_ALLOW_GROUPS) - fatal("%s line %d: too many allow groups.", - filename, linenum); if (!*activep) continue; - options->allow_groups[options->num_allow_groups++] = - xstrdup(arg); + array_append(filename, linenum, "AllowGroups", + &options->allow_groups, &options->num_allow_groups, + arg); } break; case sDenyGroups: while ((arg = strdelim(&cp)) && *arg != '\0') { - if (options->num_deny_groups >= MAX_DENY_GROUPS) - fatal("%s line %d: too many deny groups.", - filename, linenum); if (!*activep) continue; - options->deny_groups[options->num_deny_groups++] = - xstrdup(arg); + array_append(filename, linenum, "DenyGroups", + &options->deny_groups, &options->num_deny_groups, + arg); } break; @@ -1579,14 +1724,12 @@ process_server_config_line(ServerOptions *options, char *line, case sAuthorizedKeysFile: if (*activep && options->num_authkeys_files == 0) { while ((arg = strdelim(&cp)) && *arg != '\0') { - if (options->num_authkeys_files >= - MAX_AUTHKEYS_FILES) - fatal("%s line %d: " - "too many authorized keys files.", - filename, linenum); - options->authorized_keys_files[ - options->num_authkeys_files++] = - tilde_expand_filename(arg, getuid()); + arg = tilde_expand_filename(arg, getuid()); + array_append(filename, linenum, + "AuthorizedKeysFile", + &options->authorized_keys_files, + &options->num_authkeys_files, arg); + free(arg); } } return 0; @@ -1618,13 +1761,11 @@ process_server_config_line(ServerOptions *options, char *line, if (strchr(arg, '=') != NULL) fatal("%s line %d: Invalid environment name.", filename, linenum); - if (options->num_accept_env >= MAX_ACCEPT_ENV) - fatal("%s line %d: too many allow env.", - filename, linenum); if (!*activep) continue; - options->accept_env[options->num_accept_env++] = - xstrdup(arg); + array_append(filename, linenum, "AcceptEnv", + &options->accept_env, &options->num_accept_env, + arg); } break; @@ -1663,9 +1804,9 @@ process_server_config_line(ServerOptions *options, char *line, if (!arg || *arg == '\0') fatal("%s line %d: missing PermitOpen specification", filename, linenum); - i = options->num_permitted_opens; /* modified later */ + value = options->num_permitted_opens; /* modified later */ if (strcmp(arg, "any") == 0 || strcmp(arg, "none") == 0) { - if (*activep && i == 0) { + if (*activep && value == 0) { options->num_permitted_opens = 1; options->permitted_opens = xcalloc(1, sizeof(*options->permitted_opens)); @@ -1683,16 +1824,13 @@ process_server_config_line(ServerOptions *options, char *line, if (arg == NULL || ((port = permitopen_port(arg)) < 0)) fatal("%s line %d: bad port number in " "PermitOpen", filename, linenum); - if (*activep && i == 0) { - options->permitted_opens = xrecallocarray( - options->permitted_opens, - options->num_permitted_opens, - options->num_permitted_opens + 1, - sizeof(*options->permitted_opens)); - i = options->num_permitted_opens++; - options->permitted_opens[i] = arg2; - } else - free(arg2); + if (*activep && value == 0) { + array_append(filename, linenum, + "PermitOpen", + &options->permitted_opens, + &options->num_permitted_opens, arg2); + } + free(arg2); } break; @@ -1815,11 +1953,6 @@ process_server_config_line(ServerOptions *options, char *line, value = 0; /* seen "any" pseudo-method */ value2 = 0; /* sucessfully parsed any method */ while ((arg = strdelim(&cp)) && *arg != '\0') { - if (options->num_auth_methods >= - MAX_AUTH_METHODS) - fatal("%s line %d: " - "too many authentication methods.", - filename, linenum); if (strcmp(arg, "any") == 0) { if (options->num_auth_methods > 0) { fatal("%s line %d: \"any\" " @@ -1840,8 +1973,10 @@ process_server_config_line(ServerOptions *options, char *line, value2 = 1; if (!*activep) continue; - options->auth_methods[ - options->num_auth_methods++] = xstrdup(arg); + array_append(filename, linenum, + "AuthenticationMethods", + &options->auth_methods, + &options->num_auth_methods, arg); } if (value2 == 0) { fatal("%s line %d: no AuthenticationMethods " @@ -1883,6 +2018,20 @@ process_server_config_line(ServerOptions *options, char *line, intptr = &options->expose_userauth_info; goto parse_flag; + case sRDomain: + charptr = &options->routing_domain; + arg = strdelim(&cp); + if (!arg || *arg == '\0') + fatal("%.200s line %d: Missing argument.", + filename, linenum); + if (strcasecmp(arg, "none") != 0 && strcmp(arg, "%D") != 0 && + !valid_rdomain(arg)) + fatal("%s line %d: bad routing domain", + filename, linenum); + if (*activep && *charptr == NULL) + *charptr = xstrdup(arg); + break; + case sDeprecated: case sIgnore: case sUnsupported: @@ -1963,6 +2112,8 @@ int parse_server_match_testspec(struct connection_info *ci, char *spec) ci->user = xstrdup(p + 5); } else if (strncmp(p, "laddr=", 6) == 0) { ci->laddress = xstrdup(p + 6); + } else if (strncmp(p, "rdomain=", 8) == 0) { + ci->rdomain = xstrdup(p + 8); } else if (strncmp(p, "lport=", 6) == 0) { ci->lport = a2port(p + 6); if (ci->lport == -1) { @@ -1979,19 +2130,6 @@ int parse_server_match_testspec(struct connection_info *ci, char *spec) return 0; } -/* - * returns 1 for a complete spec, 0 for partial spec and -1 for an - * empty spec. - */ -int server_match_spec_complete(struct connection_info *ci) -{ - if (ci->user && ci->host && ci->address) - return 1; /* complete */ - if (!ci->user && !ci->host && !ci->address) - return -1; /* empty */ - return 0; /* partial */ -} - /* * Copy any supported values that are set. * @@ -2057,17 +2195,16 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) dst->n = src->n; \ } \ } while(0) -#define M_CP_STRARRAYOPT(n, num_n) do {\ - if (src->num_n != 0) { \ - for (dst->num_n = 0; dst->num_n < src->num_n; dst->num_n++) \ - dst->n[dst->num_n] = xstrdup(src->n[dst->num_n]); \ - } \ -} while(0) -#define M_CP_STRARRAYOPT_ALLOC(n, num_n) do { \ - if (src->num_n != 0) { \ - dst->n = xcalloc(src->num_n, sizeof(*dst->n)); \ - M_CP_STRARRAYOPT(n, num_n); \ - dst->num_n = src->num_n; \ +#define M_CP_STRARRAYOPT(s, num_s) do {\ + u_int i; \ + if (src->num_s != 0) { \ + for (i = 0; i < dst->num_s; i++) \ + free(dst->s[i]); \ + free(dst->s); \ + dst->s = xcalloc(src->num_s, sizeof(*dst->s)); \ + for (i = 0; i < src->num_s; i++) \ + dst->s[i] = xstrdup(src->s[i]); \ + dst->num_s = src->num_s; \ } \ } while(0) @@ -2100,7 +2237,6 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) #undef M_CP_INTOPT #undef M_CP_STROPT #undef M_CP_STRARRAYOPT -#undef M_CP_STRARRAYOPT_ALLOC void parse_server_config(ServerOptions *options, const char *filename, Buffer *conf, @@ -2231,45 +2367,61 @@ dump_cfg_strarray_oneline(ServerOpCodes code, u_int count, char **vals) printf("\n"); } -void -dump_config(ServerOptions *o) +static char * +format_listen_addrs(struct listenaddr *la) { - u_int i; - int ret; + int r; struct addrinfo *ai; - char addr[NI_MAXHOST], port[NI_MAXSERV], *s = NULL; + char addr[NI_MAXHOST], port[NI_MAXSERV]; char *laddr1 = xstrdup(""), *laddr2 = NULL; - /* these are usually at the top of the config */ - for (i = 0; i < o->num_ports; i++) - printf("port %d\n", o->ports[i]); - dump_cfg_fmtint(sAddressFamily, o->address_family); - /* * ListenAddress must be after Port. add_one_listen_addr pushes * addresses onto a stack, so to maintain ordering we need to * print these in reverse order. */ - for (ai = o->listen_addrs; ai; ai = ai->ai_next) { - if ((ret = getnameinfo(ai->ai_addr, ai->ai_addrlen, addr, + for (ai = la->addrs; ai; ai = ai->ai_next) { + if ((r = getnameinfo(ai->ai_addr, ai->ai_addrlen, addr, sizeof(addr), port, sizeof(port), NI_NUMERICHOST|NI_NUMERICSERV)) != 0) { - error("getnameinfo failed: %.100s", - (ret != EAI_SYSTEM) ? gai_strerror(ret) : - strerror(errno)); - } else { - laddr2 = laddr1; - if (ai->ai_family == AF_INET6) - xasprintf(&laddr1, "listenaddress [%s]:%s\n%s", - addr, port, laddr2); - else - xasprintf(&laddr1, "listenaddress %s:%s\n%s", - addr, port, laddr2); - free(laddr2); + error("getnameinfo: %.100s", ssh_gai_strerror(r)); + continue; } + laddr2 = laddr1; + if (ai->ai_family == AF_INET6) { + xasprintf(&laddr1, "listenaddress [%s]:%s%s%s\n%s", + addr, port, + la->rdomain == NULL ? "" : " rdomain ", + la->rdomain == NULL ? "" : la->rdomain, + laddr2); + } else { + xasprintf(&laddr1, "listenaddress %s:%s%s%s\n%s", + addr, port, + la->rdomain == NULL ? "" : " rdomain ", + la->rdomain == NULL ? "" : la->rdomain, + laddr2); + } + free(laddr2); + } + return laddr1; +} + +void +dump_config(ServerOptions *o) +{ + char *s; + u_int i; + + /* these are usually at the top of the config */ + for (i = 0; i < o->num_ports; i++) + printf("port %d\n", o->ports[i]); + dump_cfg_fmtint(sAddressFamily, o->address_family); + + for (i = 0; i < o->num_listen_addrs; i++) { + s = format_listen_addrs(&o->listen_addrs[i]); + printf("%s", s); + free(s); } - printf("%s", laddr1); - free(laddr1); /* integer arguments */ #ifdef USE_PAM @@ -2358,6 +2510,7 @@ dump_config(ServerOptions *o) o->hostkeyalgorithms : KEX_DEFAULT_PK_ALG); dump_cfg_string(sPubkeyAcceptedKeyTypes, o->pubkey_key_types ? o->pubkey_key_types : KEX_DEFAULT_PK_ALG); + dump_cfg_string(sRDomain, o->routing_domain); /* string arguments requiring a lookup */ dump_cfg_string(sLogLevel, log_level_name(o->log_level)); @@ -2386,11 +2539,13 @@ dump_config(ServerOptions *o) printf("maxstartups %d:%d:%d\n", o->max_startups_begin, o->max_startups_rate, o->max_startups); - for (i = 0; tunmode_desc[i].val != -1; i++) + s = NULL; + for (i = 0; tunmode_desc[i].val != -1; i++) { if (tunmode_desc[i].val == o->permit_tun) { s = tunmode_desc[i].text; break; } + } dump_cfg_string(sPermitTunnel, s); printf("ipqos %s ", iptos2str(o->ip_qos_interactive)); diff --git a/servconf.h b/servconf.h index 1dca702e6acb..37a0fb1a39ff 100644 --- a/servconf.h +++ b/servconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.h,v 1.126 2017/10/02 19:33:20 djm Exp $ */ +/* $OpenBSD: servconf.h,v 1.130 2017/10/25 00:19:47 djm Exp $ */ /* * Author: Tatu Ylonen @@ -18,17 +18,7 @@ #define MAX_PORTS 256 /* Max # ports. */ -#define MAX_ALLOW_USERS 256 /* Max # users on allow list. */ -#define MAX_DENY_USERS 256 /* Max # users on deny list. */ -#define MAX_ALLOW_GROUPS 256 /* Max # groups on allow list. */ -#define MAX_DENY_GROUPS 256 /* Max # groups on deny list. */ #define MAX_SUBSYSTEMS 256 /* Max # subsystems. */ -#define MAX_HOSTKEYS 256 /* Max # hostkeys. */ -#define MAX_HOSTCERTS 256 /* Max # host certificates. */ -#define MAX_ACCEPT_ENV 256 /* Max # of env vars. */ -#define MAX_MATCH_GROUPS 256 /* Max # of groups for Match. */ -#define MAX_AUTHKEYS_FILES 256 /* Max # of authorized_keys files. */ -#define MAX_AUTH_METHODS 256 /* Max # of AuthenticationMethods. */ /* permit_root_login */ #define PERMIT_NOT_SET -1 @@ -61,21 +51,42 @@ struct ssh; struct fwd_perm_list; +/* + * Used to store addresses from ListenAddr directives. These may be + * incomplete, as they may specify addresses that need to be merged + * with any ports requested by ListenPort. + */ +struct queued_listenaddr { + char *addr; + int port; /* <=0 if unspecified */ + char *rdomain; +}; + +/* Resolved listen addresses, grouped by optional routing domain */ +struct listenaddr { + char *rdomain; + struct addrinfo *addrs; +}; + typedef struct { u_int num_ports; u_int ports_from_cmdline; int ports[MAX_PORTS]; /* Port number to listen on. */ + struct queued_listenaddr *queued_listen_addrs; u_int num_queued_listens; - char **queued_listen_addrs; - int *queued_listen_ports; - struct addrinfo *listen_addrs; /* Addresses on which the server listens. */ - int address_family; /* Address family used by the server. */ - char *host_key_files[MAX_HOSTKEYS]; /* Files containing host keys. */ - int num_host_key_files; /* Number of files for host keys. */ - char *host_cert_files[MAX_HOSTCERTS]; /* Files containing host certs. */ - int num_host_cert_files; /* Number of files for host certs. */ - char *host_key_agent; /* ssh-agent socket for host keys. */ - char *pid_file; /* Where to put our pid */ + struct listenaddr *listen_addrs; + u_int num_listen_addrs; + int address_family; /* Address family used by the server. */ + + char *routing_domain; /* Bind session to routing domain */ + + char **host_key_files; /* Files containing host keys. */ + u_int num_host_key_files; /* Number of files for host keys. */ + char **host_cert_files; /* Files containing host certs. */ + u_int num_host_cert_files; /* Number of files for host certs. */ + + char *host_key_agent; /* ssh-agent socket for host keys. */ + char *pid_file; /* Where to put our pid */ int login_grace_time; /* Disconnect if no auth in this time * (sec). */ int permit_root_login; /* PERMIT_*, see above */ @@ -134,13 +145,13 @@ typedef struct { int allow_agent_forwarding; int disable_forwarding; u_int num_allow_users; - char *allow_users[MAX_ALLOW_USERS]; + char **allow_users; u_int num_deny_users; - char *deny_users[MAX_DENY_USERS]; + char **deny_users; u_int num_allow_groups; - char *allow_groups[MAX_ALLOW_GROUPS]; + char **allow_groups; u_int num_deny_groups; - char *deny_groups[MAX_DENY_GROUPS]; + char **deny_groups; u_int num_subsystems; char *subsystem_name[MAX_SUBSYSTEMS]; @@ -148,7 +159,7 @@ typedef struct { char *subsystem_args[MAX_SUBSYSTEMS]; u_int num_accept_env; - char *accept_env[MAX_ACCEPT_ENV]; + char **accept_env; int max_startups_begin; int max_startups_rate; @@ -167,8 +178,8 @@ typedef struct { * disconnect the session */ - u_int num_authkeys_files; /* Files containing public keys */ - char *authorized_keys_files[MAX_AUTHKEYS_FILES]; + u_int num_authkeys_files; /* Files containing public keys */ + char **authorized_keys_files; char *adm_forced_command; @@ -194,7 +205,7 @@ typedef struct { char *version_addendum; /* Appended to SSH banner */ u_int num_auth_methods; - char *auth_methods[MAX_AUTH_METHODS]; + char **auth_methods; int fingerprint_hash; int expose_userauth_info; @@ -207,6 +218,7 @@ struct connection_info { const char *address; /* remote address */ const char *laddress; /* local address */ int lport; /* local port */ + const char *rdomain; /* routing domain if available */ }; @@ -230,6 +242,7 @@ struct connection_info { M_CP_STROPT(authorized_principals_command_user); \ M_CP_STROPT(hostbased_key_types); \ M_CP_STROPT(pubkey_key_types); \ + M_CP_STROPT(routing_domain); \ M_CP_STRARRAYOPT(authorized_keys_files, num_authkeys_files); \ M_CP_STRARRAYOPT(allow_users, num_allow_users); \ M_CP_STRARRAYOPT(deny_users, num_deny_users); \ @@ -237,7 +250,7 @@ struct connection_info { M_CP_STRARRAYOPT(deny_groups, num_deny_groups); \ M_CP_STRARRAYOPT(accept_env, num_accept_env); \ M_CP_STRARRAYOPT(auth_methods, num_auth_methods); \ - M_CP_STRARRAYOPT_ALLOC(permitted_opens, num_permitted_opens); \ + M_CP_STRARRAYOPT(permitted_opens, num_permitted_opens); \ } while (0) struct connection_info *get_connection_info(int, int); @@ -255,5 +268,9 @@ int server_match_spec_complete(struct connection_info *); void copy_set_server_options(ServerOptions *, ServerOptions *, int); void dump_config(ServerOptions *); char *derelativise_path(const char *); +void servconf_add_hostkey(const char *, const int, + ServerOptions *, const char *path); +void servconf_add_hostcert(const char *, const int, + ServerOptions *, const char *path); #endif /* SERVCONF_H */ diff --git a/serverloop.c b/serverloop.c index 24bbae322c34..d6fe24cc1dbb 100644 --- a/serverloop.c +++ b/serverloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: serverloop.c,v 1.198 2017/09/12 06:35:32 djm Exp $ */ +/* $OpenBSD: serverloop.c,v 1.205 2018/03/03 03:15:51 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -82,6 +82,7 @@ extern ServerOptions options; /* XXX */ extern Authctxt *the_authctxt; +extern struct sshauthopt *auth_opts; extern int use_privsep; static int no_more_sessions = 0; /* Disallow further sessions. */ @@ -99,6 +100,9 @@ static volatile sig_atomic_t received_sigterm = 0; /* prototypes */ static void server_init_dispatch(void); +/* requested tunnel forwarding interface(s), shared with session.c */ +char *tun_fwd_ifnames = NULL; + /* * we write to this pipe if a SIGCHLD is caught in order to avoid * the race between select() and child_terminated @@ -150,9 +154,6 @@ sigchld_handler(int sig) { int save_errno = errno; child_terminated = 1; -#ifndef _UNICOS - mysignal(SIGCHLD, sigchld_handler); -#endif notify_parent(); errno = save_errno; } @@ -168,10 +169,12 @@ static void client_alive_check(struct ssh *ssh) { int channel_id; + char remote_id[512]; /* timeout, check to see how many we have had */ if (packet_inc_alive_timeouts() > options.client_alive_count_max) { - logit("Timeout, client not responding."); + sshpkt_fmt_connection_id(ssh, remote_id, sizeof(remote_id)); + logit("Timeout, client not responding from %s", remote_id); cleanup_exit(255); } @@ -371,7 +374,7 @@ server_loop2(struct ssh *ssh, Authctxt *authctxt) debug("Entering interactive session for SSH2."); - mysignal(SIGCHLD, sigchld_handler); + signal(SIGCHLD, sigchld_handler); child_terminated = 0; connection_in = packet_get_connection_in(); connection_out = packet_get_connection_out(); @@ -454,12 +457,13 @@ server_request_direct_tcpip(struct ssh *ssh, int *reason, const char **errmsg) originator_port = packet_get_int(); packet_check_eom(); - debug("server_request_direct_tcpip: originator %s port %d, target %s " - "port %d", originator, originator_port, target, target_port); + debug("%s: originator %s port %d, target %s port %d", __func__, + originator, originator_port, target, target_port); /* XXX fine grained permissions */ if ((options.allow_tcp_forwarding & FORWARD_LOCAL) != 0 && - !no_port_forwarding_flag && !options.disable_forwarding) { + auth_opts->permit_port_forwarding_flag && + !options.disable_forwarding) { c = channel_connect_to_port(ssh, target, target_port, "direct-tcpip", "direct-tcpip", reason, errmsg); } else { @@ -485,20 +489,20 @@ server_request_direct_streamlocal(struct ssh *ssh) struct passwd *pw = the_authctxt->pw; if (pw == NULL || !the_authctxt->valid) - fatal("server_input_global_request: no/invalid user"); + fatal("%s: no/invalid user", __func__); target = packet_get_string(NULL); originator = packet_get_string(NULL); originator_port = packet_get_int(); packet_check_eom(); - debug("server_request_direct_streamlocal: originator %s port %d, target %s", + debug("%s: originator %s port %d, target %s", __func__, originator, originator_port, target); /* XXX fine grained permissions */ if ((options.allow_streamlocal_forwarding & FORWARD_LOCAL) != 0 && - !no_port_forwarding_flag && !options.disable_forwarding && - (pw->pw_uid == 0 || use_privsep)) { + auth_opts->permit_port_forwarding_flag && + !options.disable_forwarding && (pw->pw_uid == 0 || use_privsep)) { c = channel_connect_to_path(ssh, target, "direct-streamlocal@openssh.com", "direct-streamlocal"); } else { @@ -517,8 +521,8 @@ static Channel * server_request_tun(struct ssh *ssh) { Channel *c = NULL; - int mode, tun; - int sock; + int mode, tun, sock; + char *tmp, *ifname = NULL; mode = packet_get_int(); switch (mode) { @@ -536,14 +540,16 @@ server_request_tun(struct ssh *ssh) } tun = packet_get_int(); - if (forced_tun_device != -1) { - if (tun != SSH_TUNID_ANY && forced_tun_device != tun) + if (auth_opts->force_tun_device != -1) { + if (tun != SSH_TUNID_ANY && auth_opts->force_tun_device != tun) goto done; - tun = forced_tun_device; + tun = auth_opts->force_tun_device; } - sock = tun_open(tun, mode); + sock = tun_open(tun, mode, &ifname); if (sock < 0) goto done; + debug("Tunnel forwarding using interface %s", ifname); + c = channel_new(ssh, "tun", SSH_CHANNEL_OPEN, sock, sock, -1, CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0, "tun", 1); c->datagram = 1; @@ -553,6 +559,19 @@ server_request_tun(struct ssh *ssh) sys_tun_outfilter, NULL, NULL); #endif + /* + * Update the list of names exposed to the session + * XXX remove these if the tunnels are closed (won't matter + * much if they are already in the environment though) + */ + tmp = tun_fwd_ifnames; + xasprintf(&tun_fwd_ifnames, "%s%s%s", + tun_fwd_ifnames == NULL ? "" : tun_fwd_ifnames, + tun_fwd_ifnames == NULL ? "" : ",", + ifname); + free(tmp); + free(ifname); + done: if (c == NULL) packet_send_debug("Failed to open the tunnel device."); @@ -635,10 +654,8 @@ server_input_channel_open(int type, u_int32_t seq, struct ssh *ssh) packet_start(SSH2_MSG_CHANNEL_OPEN_FAILURE); packet_put_int(rchan); packet_put_int(reason); - if (!(datafellows & SSH_BUG_OPENFAILURE)) { - packet_put_cstring(errmsg ? errmsg : "open failed"); - packet_put_cstring(""); - } + packet_put_cstring(errmsg ? errmsg : "open failed"); + packet_put_cstring(""); packet_send(); } free(ctype); @@ -651,7 +668,7 @@ server_input_hostkeys_prove(struct ssh *ssh, struct sshbuf **respp) struct sshbuf *resp = NULL; struct sshbuf *sigbuf = NULL; struct sshkey *key = NULL, *key_pub = NULL, *key_prv = NULL; - int r, ndx, success = 0; + int r, ndx, kexsigtype, use_kexsigtype, success = 0; const u_char *blob; u_char *sig = 0; size_t blen, slen; @@ -659,6 +676,8 @@ server_input_hostkeys_prove(struct ssh *ssh, struct sshbuf **respp) if ((resp = sshbuf_new()) == NULL || (sigbuf = sshbuf_new()) == NULL) fatal("%s: sshbuf_new", __func__); + kexsigtype = sshkey_type_plain( + sshkey_type_from_name(ssh->kex->hostkey_alg)); while (ssh_packet_remaining(ssh) > 0) { sshkey_free(key); key = NULL; @@ -689,13 +708,20 @@ server_input_hostkeys_prove(struct ssh *ssh, struct sshbuf **respp) sshbuf_reset(sigbuf); free(sig); sig = NULL; + /* + * For RSA keys, prefer to use the signature type negotiated + * during KEX to the default (SHA1). + */ + use_kexsigtype = kexsigtype == KEY_RSA && + sshkey_type_plain(key->type) == KEY_RSA; if ((r = sshbuf_put_cstring(sigbuf, "hostkeys-prove-00@openssh.com")) != 0 || (r = sshbuf_put_string(sigbuf, ssh->kex->session_id, ssh->kex->session_id_len)) != 0 || (r = sshkey_puts(key, sigbuf)) != 0 || (r = ssh->kex->sign(key_prv, key_pub, &sig, &slen, - sshbuf_ptr(sigbuf), sshbuf_len(sigbuf), NULL, 0)) != 0 || + sshbuf_ptr(sigbuf), sshbuf_len(sigbuf), + use_kexsigtype ? ssh->kex->hostkey_alg : NULL, 0)) != 0 || (r = sshbuf_put_string(resp, sig, slen)) != 0) { error("%s: couldn't prepare signature: %s", __func__, ssh_err(r)); @@ -742,7 +768,8 @@ server_input_global_request(int type, u_int32_t seq, struct ssh *ssh) /* check permissions */ if ((options.allow_tcp_forwarding & FORWARD_REMOTE) == 0 || - no_port_forwarding_flag || options.disable_forwarding || + !auth_opts->permit_port_forwarding_flag || + options.disable_forwarding || (!want_reply && fwd.listen_port == 0) || (fwd.listen_port != 0 && !bind_permitted(fwd.listen_port, pw->pw_uid))) { @@ -780,7 +807,8 @@ server_input_global_request(int type, u_int32_t seq, struct ssh *ssh) /* check permissions */ if ((options.allow_streamlocal_forwarding & FORWARD_REMOTE) == 0 - || no_port_forwarding_flag || options.disable_forwarding || + || !auth_opts->permit_port_forwarding_flag || + options.disable_forwarding || (pw->pw_uid != 0 && !use_privsep)) { success = 0; packet_send_debug("Server has disabled " diff --git a/session.c b/session.c index 4bccb62d1e4d..58826db1698a 100644 --- a/session.c +++ b/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.292 2017/09/12 06:32:07 djm Exp $ */ +/* $OpenBSD: session.c,v 1.294 2018/03/03 03:15:51 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -140,6 +140,8 @@ extern u_int utmp_len; extern int startup_pipe; extern void destroy_sensitive_data(void); extern Buffer loginmsg; +extern struct sshauthopt *auth_opts; +char *tun_fwd_ifnames; /* serverloop.c */ /* original command from peer. */ const char *original_command = NULL; @@ -287,14 +289,42 @@ prepare_auth_info_file(struct passwd *pw, struct sshbuf *info) restore_uid(); } +static void +set_permitopen_from_authopts(struct ssh *ssh, const struct sshauthopt *opts) +{ + char *tmp, *cp, *host; + int port; + size_t i; + + if ((options.allow_tcp_forwarding & FORWARD_LOCAL) == 0) + return; + channel_clear_permitted_opens(ssh); + for (i = 0; i < auth_opts->npermitopen; i++) { + tmp = cp = xstrdup(auth_opts->permitopen[i]); + /* This shouldn't fail as it has already been checked */ + if ((host = hpdelim(&cp)) == NULL) + fatal("%s: internal error: hpdelim", __func__); + host = cleanhostname(host); + if (cp == NULL || (port = permitopen_port(cp)) < 0) + fatal("%s: internal error: permitopen port", + __func__); + channel_add_permitted_opens(ssh, host, port); + free(tmp); + } +} + void do_authenticated(struct ssh *ssh, Authctxt *authctxt) { setproctitle("%s", authctxt->pw->pw_name); + auth_log_authopts("active", auth_opts, 0); + /* setup the channel layer */ /* XXX - streamlocal? */ - if (no_port_forwarding_flag || options.disable_forwarding || + set_permitopen_from_authopts(ssh, auth_opts); + if (!auth_opts->permit_port_forwarding_flag || + options.disable_forwarding || (options.allow_tcp_forwarding & FORWARD_LOCAL) == 0) channel_disable_adm_local_opens(ssh); else @@ -334,7 +364,6 @@ int do_exec_no_pty(struct ssh *ssh, Session *s, const char *command) { pid_t pid; - #ifdef USE_PIPES int pin[2], pout[2], perr[2]; @@ -450,11 +479,6 @@ do_exec_no_pty(struct ssh *ssh, Session *s, const char *command) close(err[0]); #endif - -#ifdef _UNICOS - cray_init_job(s->pw); /* set up cray jid and tmpdir */ -#endif - /* Do processing for the child (exec command etc). */ do_child(ssh, s, command); /* NOTREACHED */ @@ -462,9 +486,6 @@ do_exec_no_pty(struct ssh *ssh, Session *s, const char *command) break; } -#ifdef _UNICOS - signal(WJSIGNAL, cray_job_termination_handler); -#endif /* _UNICOS */ #ifdef HAVE_CYGWIN cygwin_set_impersonation_token(INVALID_HANDLE_VALUE); #endif @@ -576,9 +597,6 @@ do_exec_pty(struct ssh *ssh, Session *s, const char *command) close(ttyfd); /* record login, etc. similar to login(1) */ -#ifdef _UNICOS - cray_init_job(s->pw); /* set up cray jid and tmpdir */ -#endif /* _UNICOS */ #ifndef HAVE_OSF_SIA do_login(ssh, s, command); #endif @@ -592,9 +610,6 @@ do_exec_pty(struct ssh *ssh, Session *s, const char *command) break; } -#ifdef _UNICOS - signal(WJSIGNAL, cray_job_termination_handler); -#endif /* _UNICOS */ #ifdef HAVE_CYGWIN cygwin_set_impersonation_token(INVALID_HANDLE_VALUE); #endif @@ -656,9 +671,9 @@ do_exec(struct ssh *ssh, Session *s, const char *command) original_command = command; command = options.adm_forced_command; forced = "(config)"; - } else if (forced_command) { + } else if (auth_opts->force_command != NULL) { original_command = command; - command = forced_command; + command = auth_opts->force_command; forced = "(key-option)"; } if (forced != NULL) { @@ -961,8 +976,9 @@ static char ** do_setup_env(struct ssh *ssh, Session *s, const char *shell) { char buf[256]; + size_t n; u_int i, envsize; - char **env, *laddr; + char *ocp, *cp, **env, *laddr; struct passwd *pw = s->pw; #if !defined (HAVE_LOGIN_CAP) && !defined (HAVE_CYGWIN) char *path = NULL; @@ -1037,20 +1053,17 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell) if (getenv("TZ")) child_set_env(&env, &envsize, "TZ", getenv("TZ")); - /* Set custom environment options from RSA authentication. */ - while (custom_environment) { - struct envstring *ce = custom_environment; - char *str = ce->s; - - for (i = 0; str[i] != '=' && str[i]; i++) - ; - if (str[i] == '=') { - str[i] = 0; - child_set_env(&env, &envsize, str, str + i + 1); + /* Set custom environment options from pubkey authentication. */ + if (options.permit_user_env) { + for (n = 0 ; n < auth_opts->nenv; n++) { + ocp = xstrdup(auth_opts->env[n]); + cp = strchr(ocp, '='); + if (*cp == '=') { + *cp = '\0'; + child_set_env(&env, &envsize, ocp, cp + 1); + } + free(ocp); } - custom_environment = ce->next; - free(ce->s); - free(ce); } /* SSH_CLIENT deprecated */ @@ -1066,6 +1079,8 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell) free(laddr); child_set_env(&env, &envsize, "SSH_CONNECTION", buf); + if (tun_fwd_ifnames != NULL) + child_set_env(&env, &envsize, "SSH_TUNNEL", tun_fwd_ifnames); if (auth_info_file != NULL) child_set_env(&env, &envsize, "SSH_USER_AUTH", auth_info_file); if (s->ttyfd != -1) @@ -1078,11 +1093,6 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell) child_set_env(&env, &envsize, "SSH_ORIGINAL_COMMAND", original_command); -#ifdef _UNICOS - if (cray_tmpdir[0] != '\0') - child_set_env(&env, &envsize, "TMPDIR", cray_tmpdir); -#endif /* _UNICOS */ - /* * Since we clear KRB5CCNAME at startup, if it's set now then it * must have been set by a native authentication method (eg AIX or @@ -1155,7 +1165,7 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell) * first in this order). */ static void -do_rc_files(Session *s, const char *shell) +do_rc_files(struct ssh *ssh, Session *s, const char *shell) { FILE *f = NULL; char cmd[1024]; @@ -1167,7 +1177,7 @@ do_rc_files(Session *s, const char *shell) /* ignore _PATH_SSH_USER_RC for subsystems and admin forced commands */ if (!s->is_subsystem && options.adm_forced_command == NULL && - !no_user_rc && options.permit_user_rc && + auth_opts->permit_user_rc && options.permit_user_rc && stat(_PATH_SSH_USER_RC, &st) >= 0) { snprintf(cmd, sizeof cmd, "%s -c '%s %s'", shell, _PATH_BSHELL, _PATH_SSH_USER_RC); @@ -1248,10 +1258,10 @@ do_nologin(struct passwd *pw) /* /etc/nologin exists. Print its contents if we can and exit. */ logit("User %.100s not allowed because %s exists", pw->pw_name, nl); if ((f = fopen(nl, "r")) != NULL) { - while (fgets(buf, sizeof(buf), f)) - fputs(buf, stderr); - fclose(f); - } + while (fgets(buf, sizeof(buf), f)) + fputs(buf, stderr); + fclose(f); + } exit(254); } @@ -1483,10 +1493,6 @@ do_child(struct ssh *ssh, Session *s, const char *command) exit(1); } -#ifdef _UNICOS - cray_setup(pw->pw_uid, pw->pw_name, command); -#endif /* _UNICOS */ - /* * Login(1) does this as well, and it needs uid 0 for the "-h" * switch, so we let login(1) to this for us. @@ -1591,7 +1597,7 @@ do_child(struct ssh *ssh, Session *s, const char *command) closefrom(STDERR_FILENO + 1); - do_rc_files(s, shell); + do_rc_files(ssh, s, shell); /* restore SIGPIPE for child */ signal(SIGPIPE, SIG_DFL); @@ -1854,8 +1860,8 @@ session_pty_req(struct ssh *ssh, Session *s) u_int len; int n_bytes; - if (no_pty_flag || !options.permit_tty) { - debug("Allocating a pty not permitted for this authentication."); + if (!auth_opts->permit_pty_flag || !options.permit_tty) { + debug("Allocating a pty not permitted for this connection."); return 0; } if (s->ttyfd != -1) { @@ -2043,9 +2049,11 @@ static int session_auth_agent_req(struct ssh *ssh, Session *s) { static int called = 0; + packet_check_eom(); - if (no_agent_forwarding_flag || !options.allow_agent_forwarding) { - debug("session_auth_agent_req: no_agent_forwarding_flag"); + if (!auth_opts->permit_agent_forwarding_flag || + !options.allow_agent_forwarding) { + debug("%s: agent forwarding disabled", __func__); return 0; } if (called) { @@ -2423,8 +2431,8 @@ session_setup_x11fwd(struct ssh *ssh, Session *s) char hostname[NI_MAXHOST]; u_int i; - if (no_x11_forwarding_flag) { - packet_send_debug("X11 forwarding disabled in user configuration file."); + if (!auth_opts->permit_x11_forwarding_flag) { + packet_send_debug("X11 forwarding disabled by key options."); return 0; } if (!options.x11_forwarding) { @@ -2433,7 +2441,7 @@ session_setup_x11fwd(struct ssh *ssh, Session *s) } if (options.xauth_location == NULL || (stat(options.xauth_location, &st) == -1)) { - packet_send_debug("No xauth program; cannot forward with spoofing."); + packet_send_debug("No xauth program; cannot forward X11."); return 0; } if (s->display != NULL) { diff --git a/sftp-client.c b/sftp-client.c index 626330262264..0b53a2e681a8 100644 --- a/sftp-client.c +++ b/sftp-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-client.c,v 1.127 2017/08/11 04:41:08 djm Exp $ */ +/* $OpenBSD: sftp-client.c,v 1.128 2017/11/28 21:10:22 dtucker Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -130,7 +130,7 @@ send_msg(struct sftp_conn *conn, struct sshbuf *m) } static void -get_msg(struct sftp_conn *conn, struct sshbuf *m) +get_msg_extended(struct sftp_conn *conn, struct sshbuf *m, int initial) { u_int msg_len; u_char *p; @@ -148,8 +148,12 @@ get_msg(struct sftp_conn *conn, struct sshbuf *m) if ((r = sshbuf_get_u32(m, &msg_len)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); - if (msg_len > SFTP_MAX_MSG_LENGTH) - fatal("Received message too long %u", msg_len); + if (msg_len > SFTP_MAX_MSG_LENGTH) { + do_log2(initial ? SYSLOG_LEVEL_ERROR : SYSLOG_LEVEL_FATAL, + "Received message too long %u", msg_len); + fatal("Ensure the remote shell produces no output " + "for non-interactive sessions."); + } if ((r = sshbuf_reserve(m, msg_len, &p)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); @@ -163,6 +167,12 @@ get_msg(struct sftp_conn *conn, struct sshbuf *m) } } +static void +get_msg(struct sftp_conn *conn, struct sshbuf *m) +{ + get_msg_extended(conn, m, 0); +} + static void send_string_request(struct sftp_conn *conn, u_int id, u_int code, const char *s, u_int len) @@ -406,7 +416,7 @@ do_init(int fd_in, int fd_out, u_int transfer_buflen, u_int num_requests, sshbuf_reset(msg); - get_msg(ret, msg); + get_msg_extended(ret, msg, 1); /* Expecting a VERSION reply */ if ((r = sshbuf_get_u8(msg, &type)) != 0) diff --git a/sftp.0 b/sftp.0 index 45b8faf5543d..7ad3e8d3f460 100644 --- a/sftp.0 +++ b/sftp.0 @@ -7,32 +7,29 @@ SYNOPSIS sftp [-46aCfpqrv] [-B buffer_size] [-b batchfile] [-c cipher] [-D sftp_server_path] [-F ssh_config] [-i identity_file] [-l limit] [-o ssh_option] [-P port] [-R num_requests] [-S program] - [-s subsystem | sftp_server] host - sftp [user@]host[:file ...] - sftp [user@]host[:dir[/]] - sftp -b batchfile [user@]host + [-s subsystem | sftp_server] destination DESCRIPTION - sftp is an interactive file transfer program, similar to ftp(1), which - performs all operations over an encrypted ssh(1) transport. It may also - use many features of ssh, such as public key authentication and - compression. sftp connects and logs into the specified host, then enters - an interactive command mode. + sftp is a file transfer program, similar to ftp(1), which performs all + operations over an encrypted ssh(1) transport. It may also use many + features of ssh, such as public key authentication and compression. - The second usage format will retrieve files automatically if a non- - interactive authentication method is used; otherwise it will do so after - successful interactive authentication. + The destination may be specified either as [user@]host[:path] or as a URI + in the form sftp://[user@]host[:port][/path]. - The third usage format allows sftp to start in a remote directory. + If the destination includes a path and it is not a directory, sftp will + retrieve files automatically if a non-interactive authentication method + is used; otherwise it will do so after successful interactive + authentication. - The final usage format allows for automated sessions using the -b option. - In such cases, it is necessary to configure non-interactive - authentication to obviate the need to enter a password at connection time - (see sshd(8) and ssh-keygen(1) for details). + If no path is specified, or if the path is a directory, sftp will log in + to the specified host and enter interactive command mode, changing to the + remote directory if one was specified. An optional trailing slash can be + used to force the path to be interpreted as a directory. - Since some usage formats use colon characters to delimit host names from - path names, IPv6 addresses must be enclosed in square brackets to avoid - ambiguity. + Since the destination formats use colon characters to delimit host names + from path names or port numbers, IPv6 addresses must be enclosed in + square brackets to avoid ambiguity. The options are as follows: @@ -53,14 +50,15 @@ DESCRIPTION -b batchfile Batch mode reads a series of commands from an input batchfile instead of stdin. Since it lacks user interaction it should be - used in conjunction with non-interactive authentication. A - batchfile of M-bM-^@M-^X-M-bM-^@M-^Y may be used to indicate standard input. sftp - will abort if any of the following commands fail: get, put, - reget, reput, rename, ln, rm, mkdir, chdir, ls, lchdir, chmod, - chown, chgrp, lpwd, df, symlink, and lmkdir. Termination on - error can be suppressed on a command by command basis by - prefixing the command with a M-bM-^@M-^X-M-bM-^@M-^Y character (for example, -rm - /tmp/blah*). + used in conjunction with non-interactive authentication to + obviate the need to enter a password at connection time (see + sshd(8) and ssh-keygen(1) for details). A batchfile of M-bM-^@M-^X-M-bM-^@M-^Y may + be used to indicate standard input. sftp will abort if any of + the following commands fail: get, put, reget, reput, rename, ln, + rm, mkdir, chdir, ls, lchdir, chmod, chown, chgrp, lpwd, df, + symlink, and lmkdir. Termination on error can be suppressed on a + command by command basis by prefixing the command with a M-bM-^@M-^X-M-bM-^@M-^Y + character (for example, -rm /tmp/blah*). -C Enables compression (via ssh's -C flag). @@ -99,6 +97,7 @@ DESCRIPTION AddressFamily BatchMode BindAddress + BindInterface CanonicalDomains CanonicalizeFallbackLocal CanonicalizeHostname @@ -193,8 +192,9 @@ INTERACTIVE COMMANDS bye Quit sftp. - cd path - Change remote directory to path. + cd [path] + Change remote directory to path. If path is not specified, then + change directory to the one the session started in. chgrp grp path Change group of file path to grp. path may contain glob(3) @@ -246,8 +246,9 @@ INTERACTIVE COMMANDS help Display help text. - lcd path - Change local directory to path. + lcd [path] + Change local directory to path. If path is not specified, then + change directory to the local user's home directory. lls [ls-options [path]] Display local directory listing of either path or current @@ -374,4 +375,4 @@ SEE ALSO T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh- filexfer-00.txt, January 2001, work in progress material. -OpenBSD 6.2 May 3, 2017 OpenBSD 6.2 +OpenBSD 6.2 February 23, 2018 OpenBSD 6.2 diff --git a/sftp.1 b/sftp.1 index c218376fbf0c..43e0442f7bb7 100644 --- a/sftp.1 +++ b/sftp.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sftp.1,v 1.110 2017/05/03 21:49:18 naddy Exp $ +.\" $OpenBSD: sftp.1,v 1.114 2018/02/23 07:38:09 jmc Exp $ .\" .\" Copyright (c) 2001 Damien Miller. All rights reserved. .\" @@ -22,7 +22,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: May 3 2017 $ +.Dd $Mdocdate: February 23 2018 $ .Dt SFTP 1 .Os .Sh NAME @@ -30,7 +30,6 @@ .Nd secure file transfer program .Sh SYNOPSIS .Nm sftp -.Bk -words .Op Fl 46aCfpqrv .Op Fl B Ar buffer_size .Op Fl b Ar batchfile @@ -44,54 +43,55 @@ .Op Fl R Ar num_requests .Op Fl S Ar program .Op Fl s Ar subsystem | sftp_server -.Ar host -.Ek -.Nm sftp -.Oo Ar user Ns @ Oc Ns -.Ar host Ns Op : Ns Ar -.Nm sftp -.Oo -.Ar user Ns @ Oc Ns -.Ar host Ns Oo : Ns Ar dir Ns -.Op Ar / -.Oc -.Nm sftp -.Fl b Ar batchfile -.Oo Ar user Ns @ Oc Ns Ar host +.Ar destination .Sh DESCRIPTION .Nm -is an interactive file transfer program, similar to +is a file transfer program, similar to .Xr ftp 1 , which performs all operations over an encrypted .Xr ssh 1 transport. It may also use many features of ssh, such as public key authentication and compression. -.Nm -connects and logs into the specified -.Ar host , -then enters an interactive command mode. .Pp -The second usage format will retrieve files automatically if a non-interactive +The +.Ar destination +may be specified either as +.Sm off +.Oo user @ Oc host Op : path +.Sm on +or as a URI in the form +.Sm off +.No sftp:// Oo user @ Oc host Oo : port Oc Op / path . +.Sm on +.Pp +If the +.Ar destination +includes a +.Ar path +and it is not a directory, +.Nm +will retrieve files automatically if a non-interactive authentication method is used; otherwise it will do so after successful interactive authentication. .Pp -The third usage format allows +If no +.Ar path +is specified, or if the +.Ar path +is a directory, .Nm -to start in a remote directory. +will log in to the specified +.Ar host +and enter interactive command mode, changing to the remote directory +if one was specified. +An optional trailing slash can be used to force the +.Ar path +to be interpreted as a directory. .Pp -The final usage format allows for automated sessions using the -.Fl b -option. -In such cases, it is necessary to configure non-interactive authentication -to obviate the need to enter a password at connection time (see -.Xr sshd 8 -and -.Xr ssh-keygen 1 -for details). -.Pp -Since some usage formats use colon characters to delimit host names from path -names, IPv6 addresses must be enclosed in square brackets to avoid ambiguity. +Since the destination formats use colon characters to delimit host +names from path names or port numbers, IPv6 addresses must be +enclosed in square brackets to avoid ambiguity. .Pp The options are as follows: .Bl -tag -width Ds @@ -121,7 +121,12 @@ Batch mode reads a series of commands from an input instead of .Em stdin . Since it lacks user interaction it should be used in conjunction with -non-interactive authentication. +non-interactive authentication to obviate the need to enter a password +at connection time (see +.Xr sshd 8 +and +.Xr ssh-keygen 1 +for details). A .Ar batchfile of @@ -189,6 +194,7 @@ For full details of the options listed below, and their possible values, see .It AddressFamily .It BatchMode .It BindAddress +.It BindInterface .It CanonicalDomains .It CanonicalizeFallbackLocal .It CanonicalizeHostname @@ -296,9 +302,12 @@ must be escaped with backslashes .It Ic bye Quit .Nm sftp . -.It Ic cd Ar path +.It Ic cd Op Ar path Change remote directory to .Ar path . +If +.Ar path +is not specified, then change directory to the one the session started in. .It Ic chgrp Ar grp Ar path Change group of file .Ar path @@ -402,9 +411,12 @@ Note that does not follow symbolic links when performing recursive transfers. .It Ic help Display help text. -.It Ic lcd Ar path +.It Ic lcd Op Ar path Change local directory to .Ar path . +If +.Ar path +is not specified, then change directory to the local user's home directory. .It Ic lls Op Ar ls-options Op Ar path Display local directory listing of either .Ar path diff --git a/sftp.c b/sftp.c index 67110f738f79..5ce864eeb0fe 100644 --- a/sftp.c +++ b/sftp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp.c,v 1.180 2017/06/10 06:33:34 djm Exp $ */ +/* $OpenBSD: sftp.c,v 1.182 2017/11/03 03:46:52 djm Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -217,8 +217,6 @@ static const struct CMD cmds[] = { { NULL, -1, -1 } }; -int interactive_loop(struct sftp_conn *, char *file1, char *file2); - /* ARGSUSED */ static void killchild(int signo) @@ -1288,7 +1286,7 @@ parse_args(const char **cpp, int *ignore_errors, int *aflag, char *cp2, **argv; int base = 0; long l; - int i, cmdnum, optidx, argc; + int path1_mandatory = 0, i, cmdnum, optidx, argc; /* Skip leading whitespace */ cp = cp + strspn(cp, WHITESPACE); @@ -1378,13 +1376,17 @@ parse_args(const char **cpp, int *ignore_errors, int *aflag, case I_RM: case I_MKDIR: case I_RMDIR: + case I_LMKDIR: + path1_mandatory = 1; + /* FALLTHROUGH */ case I_CHDIR: case I_LCHDIR: - case I_LMKDIR: if ((optidx = parse_no_flags(cmd, argv, argc)) == -1) return -1; /* Get pathname (mandatory) */ if (argc - optidx < 1) { + if (!path1_mandatory) + break; /* return a NULL path1 */ error("You must specify a path after a %s command.", cmd); return -1; @@ -1469,7 +1471,7 @@ parse_args(const char **cpp, int *ignore_errors, int *aflag, static int parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, - int err_abort) + const char *startdir, int err_abort) { char *path1, *path2, *tmp; int ignore_errors = 0, aflag = 0, fflag = 0, hflag = 0, @@ -1549,6 +1551,8 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, err = do_rmdir(conn, path1); break; case I_CHDIR: + if (path1 == NULL || *path1 == '\0') + path1 = xstrdup(startdir); path1 = make_absolute(path1, *pwd); if ((tmp = do_realpath(conn, path1)) == NULL) { err = 1; @@ -1597,6 +1601,8 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, err = do_df(conn, path1, hflag, iflag); break; case I_LCHDIR: + if (path1 == NULL || *path1 == '\0') + path1 = xstrdup("~"); tmp = tilde_expand_filename(path1, getuid()); free(path1); path1 = tmp; @@ -2083,11 +2089,11 @@ complete(EditLine *el, int ch) } #endif /* USE_LIBEDIT */ -int +static int interactive_loop(struct sftp_conn *conn, char *file1, char *file2) { char *remote_path; - char *dir = NULL; + char *dir = NULL, *startdir = NULL; char cmd[2048]; int err, interactive; EditLine *el = NULL; @@ -2131,6 +2137,7 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2) remote_path = do_realpath(conn, "."); if (remote_path == NULL) fatal("Need cwd"); + startdir = xstrdup(remote_path); if (file1 != NULL) { dir = xstrdup(file1); @@ -2141,8 +2148,9 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2) mprintf("Changing to: %s\n", dir); snprintf(cmd, sizeof cmd, "cd \"%s\"", dir); if (parse_dispatch_command(conn, cmd, - &remote_path, 1) != 0) { + &remote_path, startdir, 1) != 0) { free(dir); + free(startdir); free(remote_path); free(conn); return (-1); @@ -2154,8 +2162,9 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2) file2 == NULL ? "" : " ", file2 == NULL ? "" : file2); err = parse_dispatch_command(conn, cmd, - &remote_path, 1); + &remote_path, startdir, 1); free(dir); + free(startdir); free(remote_path); free(conn); return (err); @@ -2214,11 +2223,12 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2) signal(SIGINT, cmd_interrupt); err = parse_dispatch_command(conn, cmd, &remote_path, - batchmode); + startdir, batchmode); if (err != 0) break; } free(remote_path); + free(startdir); free(conn); #ifdef USE_LIBEDIT @@ -2301,19 +2311,16 @@ usage(void) "[-i identity_file] [-l limit]\n" " [-o ssh_option] [-P port] [-R num_requests] " "[-S program]\n" - " [-s subsystem | sftp_server] host\n" - " %s [user@]host[:file ...]\n" - " %s [user@]host[:dir[/]]\n" - " %s -b batchfile [user@]host\n", - __progname, __progname, __progname, __progname); + " [-s subsystem | sftp_server] destination\n", + __progname); exit(1); } int main(int argc, char **argv) { - int in, out, ch, err; - char *host = NULL, *userhost, *cp, *file2 = NULL; + int in, out, ch, err, tmp, port = -1; + char *host = NULL, *user, *cp, *file2 = NULL; int debug_level = 0, sshver = 2; char *file1 = NULL, *sftp_server = NULL; char *ssh_program = _PATH_SSH_PROGRAM, *sftp_direct = NULL; @@ -2368,7 +2375,9 @@ main(int argc, char **argv) addargs(&args, "-%c", ch); break; case 'P': - addargs(&args, "-oPort %s", optarg); + port = a2port(optarg); + if (port <= 0) + fatal("Bad port \"%s\"\n", optarg); break; case 'v': if (debug_level < 3) { @@ -2451,33 +2460,38 @@ main(int argc, char **argv) if (sftp_direct == NULL) { if (optind == argc || argc > (optind + 2)) usage(); + argv += optind; - userhost = xstrdup(argv[optind]); - file2 = argv[optind+1]; - - if ((host = strrchr(userhost, '@')) == NULL) - host = userhost; - else { - *host++ = '\0'; - if (!userhost[0]) { - fprintf(stderr, "Missing username\n"); - usage(); + switch (parse_uri("sftp", *argv, &user, &host, &tmp, &file1)) { + case -1: + usage(); + break; + case 0: + if (tmp != -1) + port = tmp; + break; + default: + if (parse_user_host_path(*argv, &user, &host, + &file1) == -1) { + /* Treat as a plain hostname. */ + host = xstrdup(*argv); + host = cleanhostname(host); } - addargs(&args, "-l"); - addargs(&args, "%s", userhost); + break; } + file2 = *(argv + 1); - if ((cp = colon(host)) != NULL) { - *cp++ = '\0'; - file1 = cp; - } - - host = cleanhostname(host); if (!*host) { fprintf(stderr, "Missing hostname\n"); usage(); } + if (port != -1) + addargs(&args, "-oPort %d", port); + if (user != NULL) { + addargs(&args, "-l"); + addargs(&args, "%s", user); + } addargs(&args, "-oProtocol %d", sshver); /* no subsystem if the server-spec contains a '/' */ diff --git a/ssh-add.c b/ssh-add.c index 2afd483305cc..adcc459987eb 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.134 2017/08/29 09:42:29 dlg Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.135 2018/02/23 15:58:37 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -78,6 +78,7 @@ static char *default_files[] = { #endif #endif /* WITH_OPENSSL */ _PATH_SSH_CLIENT_ID_ED25519, + _PATH_SSH_CLIENT_ID_XMSS, NULL }; @@ -89,6 +90,10 @@ static int lifetime = 0; /* User has to confirm key use */ static int confirm = 0; +/* Maximum number of signatures (XMSS) */ +static u_int maxsign = 0; +static u_int minleft = 0; + /* we keep a cache of one passphrase */ static char *pass = NULL; static void @@ -190,7 +195,10 @@ add_file(int agent_fd, const char *filename, int key_only, int qflag) char *comment = NULL; char msg[1024], *certpath = NULL; int r, fd, ret = -1; + size_t i; + u_int32_t left; struct sshbuf *keyblob; + struct ssh_identitylist *idlist; if (strcmp(filename, "-") == 0) { fd = STDIN_FILENO; @@ -268,8 +276,40 @@ add_file(int agent_fd, const char *filename, int key_only, int qflag) comment = xstrdup(filename); sshbuf_free(keyblob); + /* For XMSS */ + if ((r = sshkey_set_filename(private, filename)) != 0) { + fprintf(stderr, "Could not add filename to private key: %s (%s)\n", + filename, comment); + goto out; + } + if (maxsign && minleft && + (r = ssh_fetch_identitylist(agent_fd, &idlist)) == 0) { + for (i = 0; i < idlist->nkeys; i++) { + if (!sshkey_equal_public(idlist->keys[i], private)) + continue; + left = sshkey_signatures_left(idlist->keys[i]); + if (left < minleft) { + fprintf(stderr, + "Only %d signatures left.\n", left); + break; + } + fprintf(stderr, "Skipping update: "); + if (left == minleft) { + fprintf(stderr, + "required signatures left (%d).\n", left); + } else { + fprintf(stderr, + "more signatures left (%d) than" + " required (%d).\n", left, minleft); + } + ssh_free_identitylist(idlist); + goto out; + } + ssh_free_identitylist(idlist); + } + if ((r = ssh_add_identity_constrained(agent_fd, private, comment, - lifetime, confirm)) == 0) { + lifetime, confirm, maxsign)) == 0) { fprintf(stderr, "Identity added: %s (%s)\n", filename, comment); ret = 0; if (lifetime != 0) @@ -317,7 +357,7 @@ add_file(int agent_fd, const char *filename, int key_only, int qflag) sshkey_free(cert); if ((r = ssh_add_identity_constrained(agent_fd, private, comment, - lifetime, confirm)) != 0) { + lifetime, confirm, maxsign)) != 0) { error("Certificate %s (%s) add failed: %s", certpath, private->cert->key_id, ssh_err(r)); goto out; @@ -368,6 +408,7 @@ list_identities(int agent_fd, int do_fp) char *fp; int r; struct ssh_identitylist *idlist; + u_int32_t left; size_t i; if ((r = ssh_fetch_identitylist(agent_fd, &idlist)) != 0) { @@ -392,7 +433,12 @@ list_identities(int agent_fd, int do_fp) ssh_err(r)); continue; } - fprintf(stdout, " %s\n", idlist->comments[i]); + fprintf(stdout, " %s", idlist->comments[i]); + left = sshkey_signatures_left(idlist->keys[i]); + if (left > 0) + fprintf(stdout, + " [signatures left %d]", left); + fprintf(stdout, "\n"); } } ssh_free_identitylist(idlist); @@ -454,6 +500,8 @@ usage(void) fprintf(stderr, " -L List public key parameters of all identities.\n"); fprintf(stderr, " -k Load only keys and not certificates.\n"); fprintf(stderr, " -c Require confirmation to sign using identities\n"); + fprintf(stderr, " -m minleft Maxsign is only changed if less than minleft are left (for XMSS)\n"); + fprintf(stderr, " -M maxsign Maximum number of signatures allowed (for XMSS)\n"); fprintf(stderr, " -t life Set lifetime (in seconds) when adding identities.\n"); fprintf(stderr, " -d Delete identity.\n"); fprintf(stderr, " -D Delete all identities.\n"); @@ -500,7 +548,7 @@ main(int argc, char **argv) exit(2); } - while ((ch = getopt(argc, argv, "klLcdDxXE:e:qs:t:")) != -1) { + while ((ch = getopt(argc, argv, "klLcdDxXE:e:M:m:qs:t:")) != -1) { switch (ch) { case 'E': fingerprint_hash = ssh_digest_alg_by_name(optarg); @@ -525,6 +573,22 @@ main(int argc, char **argv) case 'c': confirm = 1; break; + case 'm': + minleft = (int)strtonum(optarg, 1, UINT_MAX, NULL); + if (minleft == 0) { + usage(); + ret = 1; + goto done; + } + break; + case 'M': + maxsign = (int)strtonum(optarg, 1, UINT_MAX, NULL); + if (maxsign == 0) { + usage(); + ret = 1; + goto done; + } + break; case 'd': deleting = 1; break; diff --git a/ssh-agent.c b/ssh-agent.c index 0c6c3659217f..2a4578b03ef1 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.224 2017/07/24 04:34:28 djm Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.228 2018/02/23 15:58:37 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -245,7 +245,8 @@ process_request_identities(SocketEntry *e) (r = sshbuf_put_u32(msg, idtab->nentries)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); TAILQ_FOREACH(id, &idtab->idlist, next) { - if ((r = sshkey_puts(id->key, msg)) != 0 || + if ((r = sshkey_puts_opts(id->key, msg, SSHKEY_SERIALIZE_INFO)) + != 0 || (r = sshbuf_put_cstring(msg, id->comment)) != 0) { error("%s: put key/comment: %s", __func__, ssh_err(r)); @@ -287,10 +288,11 @@ process_sign_request2(SocketEntry *e) fatal("%s: sshbuf_new failed", __func__); if ((r = sshkey_froms(e->request, &key)) != 0 || (r = sshbuf_get_string_direct(e->request, &data, &dlen)) != 0 || - (r = sshbuf_get_u32(e->request, &flags)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - if (flags & SSH_AGENT_OLD_SIGNATURE) - compat = SSH_BUG_SIGBLOB; + (r = sshbuf_get_u32(e->request, &flags)) != 0) { + error("%s: couldn't parse request: %s", __func__, ssh_err(r)); + goto send; + } + if ((id = lookup_identity(key)) == NULL) { verbose("%s: %s key not found", __func__, sshkey_type(key)); goto send; @@ -401,7 +403,7 @@ process_add_identity(SocketEntry *e) { Identity *id; int success = 0, confirm = 0; - u_int seconds; + u_int seconds, maxsign; char *comment = NULL; time_t death = 0; struct sshkey *k = NULL; @@ -432,6 +434,18 @@ process_add_identity(SocketEntry *e) case SSH_AGENT_CONSTRAIN_CONFIRM: confirm = 1; break; + case SSH_AGENT_CONSTRAIN_MAXSIGN: + if ((r = sshbuf_get_u32(e->request, &maxsign)) != 0) { + error("%s: bad maxsign constraint: %s", + __func__, ssh_err(r)); + goto err; + } + if ((r = sshkey_enable_maxsign(k, maxsign)) != 0) { + error("%s: cannot enable maxsign: %s", + __func__, ssh_err(r)); + goto err; + } + break; default: error("%s: Unknown constraint %d", __func__, ctype); err: @@ -447,14 +461,15 @@ process_add_identity(SocketEntry *e) death = monotime() + lifetime; if ((id = lookup_identity(k)) == NULL) { id = xcalloc(1, sizeof(Identity)); - id->key = k; TAILQ_INSERT_TAIL(&idtab->idlist, id, next); /* Increment the number of identities. */ idtab->nentries++; } else { - sshkey_free(k); + /* key state might have been updated */ + sshkey_free(id->key); free(id->comment); } + id->key = k; id->comment = comment; id->death = death; id->confirm = confirm; @@ -472,6 +487,11 @@ process_lock_agent(SocketEntry *e, int lock) static u_int fail_count = 0; size_t pwlen; + /* + * This is deliberately fatal: the user has requested that we lock, + * but we can't parse their request properly. The only safe thing to + * do is abort. + */ if ((r = sshbuf_get_cstring(e->request, &passwd, &pwlen)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); if (pwlen == 0) { @@ -529,7 +549,7 @@ no_identities(SocketEntry *e) static void process_add_smartcard_key(SocketEntry *e) { - char *provider = NULL, *pin, canonical_provider[PATH_MAX]; + char *provider = NULL, *pin = NULL, canonical_provider[PATH_MAX]; int r, i, count = 0, success = 0, confirm = 0; u_int seconds; time_t death = 0; @@ -538,17 +558,23 @@ process_add_smartcard_key(SocketEntry *e) Identity *id; if ((r = sshbuf_get_cstring(e->request, &provider, NULL)) != 0 || - (r = sshbuf_get_cstring(e->request, &pin, NULL)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + (r = sshbuf_get_cstring(e->request, &pin, NULL)) != 0) { + error("%s: buffer error: %s", __func__, ssh_err(r)); + goto send; + } while (sshbuf_len(e->request)) { - if ((r = sshbuf_get_u8(e->request, &type)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + if ((r = sshbuf_get_u8(e->request, &type)) != 0) { + error("%s: buffer error: %s", __func__, ssh_err(r)); + goto send; + } switch (type) { case SSH_AGENT_CONSTRAIN_LIFETIME: - if ((r = sshbuf_get_u32(e->request, &seconds)) != 0) - fatal("%s: buffer error: %s", + if ((r = sshbuf_get_u32(e->request, &seconds)) != 0) { + error("%s: buffer error: %s", __func__, ssh_err(r)); + goto send; + } death = monotime() + seconds; break; case SSH_AGENT_CONSTRAIN_CONFIRM: @@ -606,8 +632,10 @@ process_remove_smartcard_key(SocketEntry *e) Identity *id, *nxt; if ((r = sshbuf_get_cstring(e->request, &provider, NULL)) != 0 || - (r = sshbuf_get_cstring(e->request, &pin, NULL)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + (r = sshbuf_get_cstring(e->request, &pin, NULL)) != 0) { + error("%s: buffer error: %s", __func__, ssh_err(r)); + goto send; + } free(pin); if (realpath(provider, canonical_provider) == NULL) { diff --git a/ssh-dss.c b/ssh-dss.c index 7af59fa6e19c..9f832ee2b286 100644 --- a/ssh-dss.c +++ b/ssh-dss.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-dss.c,v 1.35 2016/04/21 06:08:02 djm Exp $ */ +/* $OpenBSD: ssh-dss.c,v 1.37 2018/02/07 02:06:51 jsing Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -86,42 +86,28 @@ ssh_dss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, BN_bn2bin(sig->r, sigblob + SIGBLOB_LEN - INTBLOB_LEN - rlen); BN_bn2bin(sig->s, sigblob + SIGBLOB_LEN - slen); - if (compat & SSH_BUG_SIGBLOB) { - if (sigp != NULL) { - if ((*sigp = malloc(SIGBLOB_LEN)) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - memcpy(*sigp, sigblob, SIGBLOB_LEN); - } - if (lenp != NULL) - *lenp = SIGBLOB_LEN; - ret = 0; - } else { - /* ietf-drafts */ - if ((b = sshbuf_new()) == NULL) { + if ((b = sshbuf_new()) == NULL) { + ret = SSH_ERR_ALLOC_FAIL; + goto out; + } + if ((ret = sshbuf_put_cstring(b, "ssh-dss")) != 0 || + (ret = sshbuf_put_string(b, sigblob, SIGBLOB_LEN)) != 0) + goto out; + + len = sshbuf_len(b); + if (sigp != NULL) { + if ((*sigp = malloc(len)) == NULL) { ret = SSH_ERR_ALLOC_FAIL; goto out; } - if ((ret = sshbuf_put_cstring(b, "ssh-dss")) != 0 || - (ret = sshbuf_put_string(b, sigblob, SIGBLOB_LEN)) != 0) - goto out; - len = sshbuf_len(b); - if (sigp != NULL) { - if ((*sigp = malloc(len)) == NULL) { - ret = SSH_ERR_ALLOC_FAIL; - goto out; - } - memcpy(*sigp, sshbuf_ptr(b), len); - } - if (lenp != NULL) - *lenp = len; - ret = 0; + memcpy(*sigp, sshbuf_ptr(b), len); } + if (lenp != NULL) + *lenp = len; + ret = 0; out: explicit_bzero(digest, sizeof(digest)); - if (sig != NULL) - DSA_SIG_free(sig); + DSA_SIG_free(sig); sshbuf_free(b); return ret; } @@ -146,28 +132,20 @@ ssh_dss_verify(const struct sshkey *key, return SSH_ERR_INTERNAL_ERROR; /* fetch signature */ - if (compat & SSH_BUG_SIGBLOB) { - if ((sigblob = malloc(signaturelen)) == NULL) - return SSH_ERR_ALLOC_FAIL; - memcpy(sigblob, signature, signaturelen); - len = signaturelen; - } else { - /* ietf-drafts */ - if ((b = sshbuf_from(signature, signaturelen)) == NULL) - return SSH_ERR_ALLOC_FAIL; - if (sshbuf_get_cstring(b, &ktype, NULL) != 0 || - sshbuf_get_string(b, &sigblob, &len) != 0) { - ret = SSH_ERR_INVALID_FORMAT; - goto out; - } - if (strcmp("ssh-dss", ktype) != 0) { - ret = SSH_ERR_KEY_TYPE_MISMATCH; - goto out; - } - if (sshbuf_len(b) != 0) { - ret = SSH_ERR_UNEXPECTED_TRAILING_DATA; - goto out; - } + if ((b = sshbuf_from(signature, signaturelen)) == NULL) + return SSH_ERR_ALLOC_FAIL; + if (sshbuf_get_cstring(b, &ktype, NULL) != 0 || + sshbuf_get_string(b, &sigblob, &len) != 0) { + ret = SSH_ERR_INVALID_FORMAT; + goto out; + } + if (strcmp("ssh-dss", ktype) != 0) { + ret = SSH_ERR_KEY_TYPE_MISMATCH; + goto out; + } + if (sshbuf_len(b) != 0) { + ret = SSH_ERR_UNEXPECTED_TRAILING_DATA; + goto out; } if (len != SIGBLOB_LEN) { @@ -207,8 +185,7 @@ ssh_dss_verify(const struct sshkey *key, out: explicit_bzero(digest, sizeof(digest)); - if (sig != NULL) - DSA_SIG_free(sig); + DSA_SIG_free(sig); sshbuf_free(b); free(ktype); if (sigblob != NULL) { diff --git a/ssh-ecdsa.c b/ssh-ecdsa.c index d7bf3c69b006..3d3b78d7b42e 100644 --- a/ssh-ecdsa.c +++ b/ssh-ecdsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-ecdsa.c,v 1.13 2016/04/21 06:08:02 djm Exp $ */ +/* $OpenBSD: ssh-ecdsa.c,v 1.14 2018/02/07 02:06:51 jsing Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2010 Damien Miller. All rights reserved. @@ -101,8 +101,7 @@ ssh_ecdsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, explicit_bzero(digest, sizeof(digest)); sshbuf_free(b); sshbuf_free(bb); - if (sig != NULL) - ECDSA_SIG_free(sig); + ECDSA_SIG_free(sig); return ret; } @@ -180,8 +179,7 @@ ssh_ecdsa_verify(const struct sshkey *key, explicit_bzero(digest, sizeof(digest)); sshbuf_free(sigbuf); sshbuf_free(b); - if (sig != NULL) - ECDSA_SIG_free(sig); + ECDSA_SIG_free(sig); free(ktype); return ret; } diff --git a/ssh-keygen.0 b/ssh-keygen.0 index fb2c02fe7f90..417e8382b680 100644 --- a/ssh-keygen.0 +++ b/ssh-keygen.0 @@ -226,8 +226,10 @@ DESCRIPTION -O option Specify a certificate option when signing a key. This option may be specified multiple times. See also the CERTIFICATES section - for further details. The options that are valid for user - certificates are: + for further details. + + At present, no standard options are valid for host keys. The + options that are valid for user certificates are: clear Clear all enabled permissions. This is useful for clearing the default set of permissions so permissions @@ -246,8 +248,6 @@ DESCRIPTION unknown critical options will cause the certificate to be refused. - At present, no standard options are valid for host keys. - force-command=command Forces the execution of command instead of any shell or command specified by the user when the certificate is @@ -280,7 +280,7 @@ DESCRIPTION permit-user-rc Allows execution of ~/.ssh/rc by sshd(8). - permit-x11-forwarding + permit-X11-forwarding Allows X11 forwarding. source-address=address_list @@ -349,19 +349,26 @@ DESCRIPTION validity interval may consist of a single time, indicating that the certificate is valid beginning now and expiring at that time, or may consist of two times separated by a colon to indicate an - explicit time interval. The start time may be specified as a - date in YYYYMMDD format, a time in YYYYMMDDHHMMSS format or a - relative time (to the current time) consisting of a minus sign - followed by a relative time in the format described in the TIME - FORMATS section of sshd_config(5). The end time may be specified - as a YYYYMMDD date, a YYYYMMDDHHMMSS time or a relative time - starting with a plus character. + explicit time interval. + + The start time may be specified as the string M-bM-^@M-^\alwaysM-bM-^@M-^] to + indicate the certificate has no specified start time, a date in + YYYYMMDD format, a time in YYYYMMDDHHMM[SS] format, a relative + time (to the current time) consisting of a minus sign followed by + an interval in the format described in the TIME FORMATS section + of sshd_config(5). + + The end time may be specified as a YYYYMMDD date, a + YYYYMMDDHHMM[SS] time, a relative time starting with a plus + character or the string M-bM-^@M-^\foreverM-bM-^@M-^] to indicate that the + certificate has no expirty date. For example: M-bM-^@M-^\+52w1dM-bM-^@M-^] (valid from now to 52 weeks and one day from now), M-bM-^@M-^\-4w:+4wM-bM-^@M-^] (valid from four weeks ago to four weeks from now), M-bM-^@M-^\20100101123000:20110101123000M-bM-^@M-^] (valid from 12:30 PM, January 1st, 2010 to 12:30 PM, January 1st, 2011), M-bM-^@M-^\-1d:20110101M-bM-^@M-^] (valid from yesterday to midnight, January 1st, 2011). + M-bM-^@M-^\-1m:foreverM-bM-^@M-^] (valid from one minute ago and never expiring). -v Verbose mode. Causes ssh-keygen to print debugging messages about its progress. This is helpful for debugging moduli @@ -570,4 +577,4 @@ AUTHORS created OpenSSH. Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. -OpenBSD 6.2 July 8, 2017 OpenBSD 6.2 +OpenBSD 6.2 March 12, 2018 OpenBSD 6.2 diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 5f1ec09b07a2..3525d7d17567 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keygen.1,v 1.144 2017/07/08 18:32:54 jmc Exp $ +.\" $OpenBSD: ssh-keygen.1,v 1.147 2018/03/12 00:52:01 djm Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -35,7 +35,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: July 8 2017 $ +.Dd $Mdocdate: March 12 2018 $ .Dt SSH-KEYGEN 1 .Os .Sh NAME @@ -425,6 +425,8 @@ This option may be specified multiple times. See also the .Sx CERTIFICATES section for further details. +.Pp +At present, no standard options are valid for host keys. The options that are valid for user certificates are: .Pp .Bl -tag -width Ds -compact @@ -448,8 +450,6 @@ contents (usually indicating a flag). Extensions may be ignored by a client or server that does not recognise them, whereas unknown critical options will cause the certificate to be refused. .Pp -At present, no standard options are valid for host keys. -.Pp .It Ic force-command Ns = Ns Ar command Forces the execution of .Ar command @@ -494,7 +494,7 @@ Allows execution of by .Xr sshd 8 . .Pp -.It Ic permit-x11-forwarding +.It Ic permit-X11-forwarding Allows X11 forwarding. .Pp .It Ic source-address Ns = Ns Ar address_list @@ -584,13 +584,20 @@ Specify a validity interval when signing a certificate. A validity interval may consist of a single time, indicating that the certificate is valid beginning now and expiring at that time, or may consist of two times separated by a colon to indicate an explicit time interval. -The start time may be specified as a date in YYYYMMDD format, a time -in YYYYMMDDHHMMSS format or a relative time (to the current time) consisting -of a minus sign followed by a relative time in the format described in the +.Pp +The start time may be specified as the string +.Dq always +to indicate the certificate has no specified start time, +a date in YYYYMMDD format, a time in YYYYMMDDHHMM[SS] format, +a relative time (to the current time) consisting of a minus sign followed by +an interval in the format described in the TIME FORMATS section of .Xr sshd_config 5 . -The end time may be specified as a YYYYMMDD date, a YYYYMMDDHHMMSS time or -a relative time starting with a plus character. +.Pp +The end time may be specified as a YYYYMMDD date, a YYYYMMDDHHMM[SS] time, +a relative time starting with a plus character or the string +.Dq forever +to indicate that the certificate has no expirty date. .Pp For example: .Dq +52w1d @@ -601,6 +608,8 @@ For example: (valid from 12:30 PM, January 1st, 2010 to 12:30 PM, January 1st, 2011), .Dq -1d:20110101 (valid from yesterday to midnight, January 1st, 2011). +.Dq -1m:forever +(valid from one minute ago and never expiring). .It Fl v Verbose mode. Causes diff --git a/ssh-keygen.c b/ssh-keygen.c index 835f7d0169ba..9aac64fc3b14 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.307 2017/07/07 03:53:12 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.314 2018/03/12 00:52:01 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -275,6 +275,10 @@ ask_filename(struct passwd *pw, const char *prompt) case KEY_ED25519_CERT: name = _PATH_SSH_CLIENT_ID_ED25519; break; + case KEY_XMSS: + case KEY_XMSS_CERT: + name = _PATH_SSH_CLIENT_ID_XMSS; + break; default: fatal("bad key type"); } @@ -377,13 +381,6 @@ do_convert_to_pem(struct sshkey *k) if (!PEM_write_RSAPublicKey(stdout, k->rsa)) fatal("PEM_write_RSAPublicKey failed"); break; -#if notyet /* OpenSSH 0.9.8 lacks this function */ - case KEY_DSA: - if (!PEM_write_DSAPublicKey(stdout, k->dsa)) - fatal("PEM_write_DSAPublicKey failed"); - break; -#endif - /* XXX ECDSA? */ default: fatal("%s: unsupported key type %s", __func__, sshkey_type(k)); } @@ -539,7 +536,7 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen) /* try the key */ if (sshkey_sign(key, &sig, &slen, data, sizeof(data), NULL, 0) != 0 || - sshkey_verify(key, sig, slen, data, sizeof(data), 0) != 0) { + sshkey_verify(key, sig, slen, data, sizeof(data), NULL, 0) != 0) { sshkey_free(key); free(sig); return NULL; @@ -671,9 +668,6 @@ do_convert_from_pem(struct sshkey **k, int *private) { FILE *fp; RSA *rsa; -#ifdef notyet - DSA *dsa; -#endif if ((fp = fopen(identity_file, "r")) == NULL) fatal("%s: %s: %s", __progname, identity_file, strerror(errno)); @@ -685,18 +679,6 @@ do_convert_from_pem(struct sshkey **k, int *private) fclose(fp); return; } -#if notyet /* OpenSSH 0.9.8 lacks this function */ - rewind(fp); - if ((dsa = PEM_read_DSAPublicKey(fp, NULL, NULL, NULL)) != NULL) { - if ((*k = sshkey_new(KEY_UNSPEC)) == NULL) - fatal("sshkey_new failed"); - (*k)->type = KEY_DSA; - (*k)->dsa = dsa; - fclose(fp); - return; - } - /* XXX ECDSA */ -#endif fatal("%s: unrecognised raw private key format", __func__); } @@ -991,6 +973,9 @@ do_gen_all_hostkeys(struct passwd *pw) #endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ { "ed25519", "ED25519",_PATH_HOST_ED25519_KEY_FILE }, +#ifdef WITH_XMSS + { "xmss", "XMSS",_PATH_HOST_XMSS_KEY_FILE }, +#endif /* WITH_XMSS */ { NULL, NULL, NULL } }; @@ -1477,7 +1462,8 @@ do_change_comment(struct passwd *pw) } } - if (private->type != KEY_ED25519 && !use_new_format) { + if (private->type != KEY_ED25519 && private->type != KEY_XMSS && + !use_new_format) { error("Comments are only supported for keys stored in " "the new format (-o)."); explicit_bzero(passphrase, strlen(passphrase)); @@ -1719,13 +1705,16 @@ do_ca_sign(struct passwd *pw, int argc, char **argv) } free(otmp); } + if (n > SSHKEY_CERT_MAX_PRINCIPALS) + fatal("Too many certificate principals specified"); tmp = tilde_expand_filename(argv[i], pw->pw_uid); if ((r = sshkey_load_public(tmp, &public, &comment)) != 0) fatal("%s: unable to open \"%s\": %s", __func__, tmp, ssh_err(r)); if (public->type != KEY_RSA && public->type != KEY_DSA && - public->type != KEY_ECDSA && public->type != KEY_ED25519) + public->type != KEY_ECDSA && public->type != KEY_ED25519 && + public->type != KEY_XMSS) fatal("%s: key \"%s\" type %s cannot be certified", __func__, tmp, sshkey_type(public)); @@ -1809,40 +1798,6 @@ parse_relative_time(const char *s, time_t now) return now + (u_int64_t)(secs * mul); } -static u_int64_t -parse_absolute_time(const char *s) -{ - struct tm tm; - time_t tt; - char buf[32], *fmt; - - /* - * POSIX strptime says "The application shall ensure that there - * is white-space or other non-alphanumeric characters between - * any two conversion specifications" so arrange things this way. - */ - switch (strlen(s)) { - case 8: - fmt = "%Y-%m-%d"; - snprintf(buf, sizeof(buf), "%.4s-%.2s-%.2s", s, s + 4, s + 6); - break; - case 14: - fmt = "%Y-%m-%dT%H:%M:%S"; - snprintf(buf, sizeof(buf), "%.4s-%.2s-%.2sT%.2s:%.2s:%.2s", - s, s + 4, s + 6, s + 8, s + 10, s + 12); - break; - default: - fatal("Invalid certificate time format %s", s); - } - - memset(&tm, 0, sizeof(tm)); - if (strptime(buf, fmt, &tm) == NULL) - fatal("Invalid certificate time %s", s); - if ((tt = mktime(&tm)) < 0) - fatal("Certificate time %s cannot be represented", s); - return (u_int64_t)tt; -} - static void parse_cert_times(char *timespec) { @@ -1865,8 +1820,8 @@ parse_cert_times(char *timespec) /* * from:to, where - * from := [+-]timespec | YYYYMMDD | YYYYMMDDHHMMSS - * to := [+-]timespec | YYYYMMDD | YYYYMMDDHHMMSS + * from := [+-]timespec | YYYYMMDD | YYYYMMDDHHMMSS | "always" + * to := [+-]timespec | YYYYMMDD | YYYYMMDDHHMMSS | "forever" */ from = xstrdup(timespec); to = strchr(from, ':'); @@ -1876,13 +1831,17 @@ parse_cert_times(char *timespec) if (*from == '-' || *from == '+') cert_valid_from = parse_relative_time(from, now); - else - cert_valid_from = parse_absolute_time(from); + else if (strcmp(from, "always") == 0) + cert_valid_from = 0; + else if (parse_absolute_time(from, &cert_valid_from) != 0) + fatal("Invalid from time \"%s\"", from); if (*to == '-' || *to == '+') cert_valid_to = parse_relative_time(to, now); - else - cert_valid_to = parse_absolute_time(to); + else if (strcmp(to, "forever") == 0) + cert_valid_to = ~(u_int64_t)0; + else if (parse_absolute_time(to, &cert_valid_to) != 0) + fatal("Invalid to time \"%s\"", to); if (cert_valid_to <= cert_valid_from) fatal("Empty certificate validity interval"); @@ -2421,7 +2380,7 @@ main(int argc, char **argv) gen_all_hostkeys = 1; break; case 'b': - bits = (u_int32_t)strtonum(optarg, 256, 32768, &errstr); + bits = (u_int32_t)strtonum(optarg, 10, 32768, &errstr); if (errstr) fatal("Bits has bad value %s (%s)", optarg, errstr); @@ -2699,6 +2658,8 @@ main(int argc, char **argv) _PATH_HOST_ECDSA_KEY_FILE, rr_hostname); n += do_print_resource_record(pw, _PATH_HOST_ED25519_KEY_FILE, rr_hostname); + n += do_print_resource_record(pw, + _PATH_HOST_XMSS_KEY_FILE, rr_hostname); if (n == 0) fatal("no keys found."); exit(0); @@ -2859,7 +2820,8 @@ main(int argc, char **argv) if ((r = sshkey_write(public, f)) != 0) error("write key failed: %s", ssh_err(r)); fprintf(f, " %s\n", comment); - fclose(f); + if (ferror(f) || fclose(f) != 0) + fatal("write public failed: %s", strerror(errno)); if (!quiet) { fp = sshkey_fingerprint(public, fingerprint_hash, diff --git a/ssh-keyscan.0 b/ssh-keyscan.0 index 1a9751ef14a4..c0278ee0aacd 100644 --- a/ssh-keyscan.0 +++ b/ssh-keyscan.0 @@ -1,62 +1,66 @@ SSH-KEYSCAN(1) General Commands Manual SSH-KEYSCAN(1) NAME - ssh-keyscan M-bM-^@M-^S gather ssh public keys + ssh-keyscan M-bM-^@M-^S gather SSH public keys SYNOPSIS - ssh-keyscan [-46cHv] [-f file] [-p port] [-T timeout] [-t type] - [host | addrlist namelist] ... + ssh-keyscan [-46cDHv] [-f file] [-p port] [-T timeout] [-t type] + [host | addrlist namelist] DESCRIPTION - ssh-keyscan is a utility for gathering the public ssh host keys of a + ssh-keyscan is a utility for gathering the public SSH host keys of a number of hosts. It was designed to aid in building and verifying - ssh_known_hosts files. ssh-keyscan provides a minimal interface suitable - for use by shell and perl scripts. + ssh_known_hosts files, the format of which is documented in sshd(8). + ssh-keyscan provides a minimal interface suitable for use by shell and + perl scripts. ssh-keyscan uses non-blocking socket I/O to contact as many hosts as possible in parallel, so it is very efficient. The keys from a domain of 1,000 hosts can be collected in tens of seconds, even when some of those - hosts are down or do not run ssh. For scanning, one does not need login - access to the machines that are being scanned, nor does the scanning - process involve any encryption. + hosts are down or do not run sshd(8). For scanning, one does not need + login access to the machines that are being scanned, nor does the + scanning process involve any encryption. The options are as follows: - -4 Forces ssh-keyscan to use IPv4 addresses only. + -4 Force ssh-keyscan to use IPv4 addresses only. - -6 Forces ssh-keyscan to use IPv6 addresses only. + -6 Force ssh-keyscan to use IPv6 addresses only. -c Request certificates from target hosts instead of plain keys. + -D Print keys found as SSHFP DNS records. The default is to print + keys in a format usable as a ssh(1) known_hosts file. + -f file Read hosts or M-bM-^@M-^\addrlist namelistM-bM-^@M-^] pairs from file, one per line. - If - is supplied instead of a filename, ssh-keyscan will read - hosts or M-bM-^@M-^\addrlist namelistM-bM-^@M-^] pairs from the standard input. + If M-bM-^@M-^X-M-bM-^@M-^Y is supplied instead of a filename, ssh-keyscan will read + from the standard input. Input is expected in the format: + + 1.2.3.4,1.2.4.4 name.my.domain,name,n.my.domain,n,1.2.3.4,1.2.4.4 -H Hash all hostnames and addresses in the output. Hashed names may - be used normally by ssh and sshd, but they do not reveal + be used normally by ssh(1) and sshd(8), but they do not reveal identifying information should the file's contents be disclosed. -p port - Port to connect to on the remote host. + Connect to port on the remote host. -T timeout Set the timeout for connection attempts. If timeout seconds have elapsed since a connection was initiated to a host or since the - last time anything was read from that host, then the connection - is closed and the host in question considered unavailable. - Default is 5 seconds. + last time anything was read from that host, the connection is + closed and the host in question considered unavailable. The + default is 5 seconds. -t type - Specifies the type of the key to fetch from the scanned hosts. - The possible values are M-bM-^@M-^\dsaM-bM-^@M-^], M-bM-^@M-^\ecdsaM-bM-^@M-^], M-bM-^@M-^\ed25519M-bM-^@M-^], or M-bM-^@M-^\rsaM-bM-^@M-^]. + Specify the type of the key to fetch from the scanned hosts. The + possible values are M-bM-^@M-^\dsaM-bM-^@M-^], M-bM-^@M-^\ecdsaM-bM-^@M-^], M-bM-^@M-^\ed25519M-bM-^@M-^], or M-bM-^@M-^\rsaM-bM-^@M-^]. Multiple values may be specified by separating them with commas. The default is to fetch M-bM-^@M-^\rsaM-bM-^@M-^], M-bM-^@M-^\ecdsaM-bM-^@M-^], and M-bM-^@M-^\ed25519M-bM-^@M-^] keys. - -v Verbose mode. Causes ssh-keyscan to print debugging messages - about its progress. + -v Verbose mode: print debugging messages about progress. -SECURITY If an ssh_known_hosts file is constructed using ssh-keyscan without verifying the keys, users will be vulnerable to man in the middle attacks. On the other hand, if the security model allows such a risk, @@ -65,42 +69,28 @@ SECURITY created. FILES - Input format: - - 1.2.3.4,1.2.4.4 name.my.domain,name,n.my.domain,n,1.2.3.4,1.2.4.4 - - Output format for RSA, DSA, ECDSA, and Ed25519 keys: - - host-or-namelist keytype base64-encoded-key - - Where keytype is either M-bM-^@M-^\ecdsa-sha2-nistp256M-bM-^@M-^], M-bM-^@M-^\ecdsa-sha2-nistp384M-bM-^@M-^], - M-bM-^@M-^\ecdsa-sha2-nistp521M-bM-^@M-^], M-bM-^@M-^\ssh-ed25519M-bM-^@M-^], M-bM-^@M-^\ssh-dssM-bM-^@M-^] or M-bM-^@M-^\ssh-rsaM-bM-^@M-^]. - /etc/ssh/ssh_known_hosts EXAMPLES - Print the rsa host key for machine hostname: + Print the RSA host key for machine hostname: - $ ssh-keyscan hostname + $ ssh-keyscan -t rsa hostname Find all hosts from the file ssh_hosts which have new or different keys from those in the sorted file ssh_known_hosts: - $ ssh-keyscan -t rsa,dsa,ecdsa,ed25519 -f ssh_hosts | \ - sort -u - ssh_known_hosts | diff ssh_known_hosts - + $ ssh-keyscan -t rsa,dsa,ecdsa,ed25519 -f ssh_hosts | \ + sort -u - ssh_known_hosts | diff ssh_known_hosts - SEE ALSO ssh(1), sshd(8) + Using DNS to Securely Publish Secure Shell (SSH) Key Fingerprints, RFC + 4255, 2006. + AUTHORS David Mazieres wrote the initial version, and Wayne Davison added support for protocol version 2. -BUGS - It generates "Connection closed by remote host" messages on the consoles - of all the machines it scans if the server is older than version 2.9. - This is because it opens a connection to the ssh port, reads the public - key, and drops the connection as soon as it gets the key. - -OpenBSD 6.2 May 2, 2017 OpenBSD 6.2 +OpenBSD 6.2 March 5, 2018 OpenBSD 6.2 diff --git a/ssh-keyscan.1 b/ssh-keyscan.1 index aa4a2ae838a0..f3d7a4078f53 100644 --- a/ssh-keyscan.1 +++ b/ssh-keyscan.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keyscan.1,v 1.40 2017/05/02 17:04:09 jmc Exp $ +.\" $OpenBSD: ssh-keyscan.1,v 1.44 2018/03/05 07:03:18 jmc Exp $ .\" .\" Copyright 1995, 1996 by David Mazieres . .\" @@ -6,30 +6,29 @@ .\" permitted provided that due credit is given to the author and the .\" OpenBSD project by leaving this copyright notice intact. .\" -.Dd $Mdocdate: May 2 2017 $ +.Dd $Mdocdate: March 5 2018 $ .Dt SSH-KEYSCAN 1 .Os .Sh NAME .Nm ssh-keyscan -.Nd gather ssh public keys +.Nd gather SSH public keys .Sh SYNOPSIS .Nm ssh-keyscan -.Bk -words -.Op Fl 46cHv +.Op Fl 46cDHv .Op Fl f Ar file .Op Fl p Ar port .Op Fl T Ar timeout .Op Fl t Ar type .Op Ar host | addrlist namelist -.Ar ... -.Ek .Sh DESCRIPTION .Nm -is a utility for gathering the public ssh host keys of a number of +is a utility for gathering the public SSH host keys of a number of hosts. It was designed to aid in building and verifying .Pa ssh_known_hosts -files. +files, +the format of which is documented in +.Xr sshd 8 . .Nm provides a minimal interface suitable for use by shell and perl scripts. @@ -39,7 +38,8 @@ uses non-blocking socket I/O to contact as many hosts as possible in parallel, so it is very efficient. The keys from a domain of 1,000 hosts can be collected in tens of seconds, even when some of those -hosts are down or do not run ssh. +hosts are down or do not run +.Xr sshd 8 . For scanning, one does not need login access to the machines that are being scanned, nor does the scanning process involve any encryption. @@ -47,15 +47,21 @@ scanning process involve any encryption. The options are as follows: .Bl -tag -width Ds .It Fl 4 -Forces +Force .Nm to use IPv4 addresses only. .It Fl 6 -Forces +Force .Nm to use IPv6 addresses only. .It Fl c Request certificates from target hosts instead of plain keys. +.It Fl D +Print keys found as SSHFP DNS records. +The default is to print keys in a format usable as a +.Xr ssh 1 +.Pa known_hosts +file. .It Fl f Ar file Read hosts or .Dq addrlist namelist @@ -63,32 +69,36 @@ pairs from .Ar file , one per line. If -.Pa - +.Sq - is supplied instead of a filename, .Nm -will read hosts or -.Dq addrlist namelist -pairs from the standard input. +will read from the standard input. +Input is expected in the format: +.Bd -literal +1.2.3.4,1.2.4.4 name.my.domain,name,n.my.domain,n,1.2.3.4,1.2.4.4 +.Ed .It Fl H Hash all hostnames and addresses in the output. Hashed names may be used normally by -.Nm ssh +.Xr ssh 1 and -.Nm sshd , +.Xr sshd 8 , but they do not reveal identifying information should the file's contents be disclosed. .It Fl p Ar port -Port to connect to on the remote host. +Connect to +.Ar port +on the remote host. .It Fl T Ar timeout Set the timeout for connection attempts. If .Ar timeout seconds have elapsed since a connection was initiated to a host or since the -last time anything was read from that host, then the connection is +last time anything was read from that host, the connection is closed and the host in question considered unavailable. -Default is 5 seconds. +The default is 5 seconds. .It Fl t Ar type -Specifies the type of the key to fetch from the scanned hosts. +Specify the type of the key to fetch from the scanned hosts. The possible values are .Dq dsa , .Dq ecdsa , @@ -103,12 +113,10 @@ and .Dq ed25519 keys. .It Fl v -Verbose mode. -Causes -.Nm -to print debugging messages about its progress. +Verbose mode: +print debugging messages about progress. .El -.Sh SECURITY +.Pp If an ssh_known_hosts file is constructed using .Nm without verifying the keys, users will be vulnerable to @@ -119,54 +127,32 @@ On the other hand, if the security model allows such a risk, can help in the detection of tampered keyfiles or man in the middle attacks which have begun after the ssh_known_hosts file was created. .Sh FILES -Input format: -.Bd -literal -1.2.3.4,1.2.4.4 name.my.domain,name,n.my.domain,n,1.2.3.4,1.2.4.4 -.Ed -.Pp -Output format for RSA, DSA, ECDSA, and Ed25519 keys: -.Bd -literal -host-or-namelist keytype base64-encoded-key -.Ed -.Pp -Where -.Ar keytype -is either -.Dq ecdsa-sha2-nistp256 , -.Dq ecdsa-sha2-nistp384 , -.Dq ecdsa-sha2-nistp521 , -.Dq ssh-ed25519 , -.Dq ssh-dss -or -.Dq ssh-rsa . -.Pp .Pa /etc/ssh/ssh_known_hosts .Sh EXAMPLES -Print the rsa host key for machine +Print the RSA host key for machine .Ar hostname : -.Bd -literal -$ ssh-keyscan hostname -.Ed +.Pp +.Dl $ ssh-keyscan -t rsa hostname .Pp Find all hosts from the file .Pa ssh_hosts which have new or different keys from those in the sorted file .Pa ssh_known_hosts : -.Bd -literal +.Bd -literal -offset indent $ ssh-keyscan -t rsa,dsa,ecdsa,ed25519 -f ssh_hosts | \e sort -u - ssh_known_hosts | diff ssh_known_hosts - .Ed .Sh SEE ALSO .Xr ssh 1 , .Xr sshd 8 +.Rs +.%D 2006 +.%R RFC 4255 +.%T Using DNS to Securely Publish Secure Shell (SSH) Key Fingerprints +.Re .Sh AUTHORS .An -nosplit .An David Mazieres Aq Mt dm@lcs.mit.edu wrote the initial version, and .An Wayne Davison Aq Mt wayned@users.sourceforge.net added support for protocol version 2. -.Sh BUGS -It generates "Connection closed by remote host" messages on the consoles -of all the machines it scans if the server is older than version 2.9. -This is because it opens a connection to the ssh port, reads the public -key, and drops the connection as soon as it gets the key. diff --git a/ssh-keyscan.c b/ssh-keyscan.c index 258123ae80a8..381fb0844da7 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keyscan.c,v 1.115 2017/06/30 04:17:23 dtucker Exp $ */ +/* $OpenBSD: ssh-keyscan.c,v 1.119 2018/03/02 21:40:15 jmc Exp $ */ /* * Copyright 1995, 1996 by David Mazieres . * @@ -46,6 +46,7 @@ #include "hostfile.h" #include "ssherr.h" #include "ssh_api.h" +#include "dns.h" /* Flag indicating whether IPv4 or IPv6. This can be set on the command line. Default value is AF_UNSPEC means both IPv4 and IPv6. */ @@ -57,15 +58,18 @@ int ssh_port = SSH_DEFAULT_PORT; #define KT_RSA (1<<1) #define KT_ECDSA (1<<2) #define KT_ED25519 (1<<3) +#define KT_XMSS (1<<4) #define KT_MIN KT_DSA -#define KT_MAX KT_ED25519 +#define KT_MAX KT_XMSS int get_cert = 0; int get_keytypes = KT_RSA|KT_ECDSA|KT_ED25519; int hash_hosts = 0; /* Hash hostname on output */ +int print_sshfp = 0; /* Print SSHFP records instead of known_hosts */ + #define MAXMAXFD 256 /* The number of seconds after which to give up on a TCP connection */ @@ -235,6 +239,10 @@ keygrab_ssh2(con *c) myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = get_cert ? "ssh-ed25519-cert-v01@openssh.com" : "ssh-ed25519"; break; + case KT_XMSS: + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = get_cert ? + "ssh-xmss-cert-v01@openssh.com" : "ssh-xmss@openssh.com"; + break; case KT_ECDSA: myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = get_cert ? "ecdsa-sha2-nistp256-cert-v01@openssh.com," @@ -280,6 +288,11 @@ keyprint_one(const char *host, struct sshkey *key) char *hostport; const char *known_host, *hashed; + if (print_sshfp) { + export_dns_rr(host, key, stdout, 0); + return; + } + hostport = put_host_port(host, ssh_port); lowercase(hostport); if (hash_hosts && (hashed = host_hash(host, NULL, 0)) == NULL) @@ -377,7 +390,7 @@ conalloc(char *iname, char *oname, int keytype) fdcon[s].c_len = 4; fdcon[s].c_off = 0; fdcon[s].c_keytype = keytype; - gettimeofday(&fdcon[s].c_tv, NULL); + monotime_tv(&fdcon[s].c_tv); fdcon[s].c_tv.tv_sec += timeout; TAILQ_INSERT_TAIL(&tq, &fdcon[s], c_link); FD_SET(s, read_wait); @@ -411,7 +424,7 @@ static void contouch(int s) { TAILQ_REMOVE(&tq, &fdcon[s], c_link); - gettimeofday(&fdcon[s].c_tv, NULL); + monotime_tv(&fdcon[s].c_tv); fdcon[s].c_tv.tv_sec += timeout; TAILQ_INSERT_TAIL(&tq, &fdcon[s], c_link); } @@ -497,7 +510,8 @@ congreet(int s) confree(s); return; } - fprintf(stderr, "# %s:%d %s\n", c->c_name, ssh_port, chop(buf)); + fprintf(stderr, "%c %s:%d %s\n", print_sshfp ? ';' : '#', + c->c_name, ssh_port, chop(buf)); keygrab_ssh2(c); confree(s); } @@ -545,7 +559,7 @@ conloop(void) con *c; int i; - gettimeofday(&now, NULL); + monotime_tv(&now); c = TAILQ_FIRST(&tq); if (c && (c->c_tv.tv_sec > now.tv_sec || @@ -621,8 +635,8 @@ static void usage(void) { fprintf(stderr, - "usage: %s [-46cHv] [-f file] [-p port] [-T timeout] [-t type]\n" - "\t\t [host | addrlist namelist] ...\n", + "usage: %s [-46cDHv] [-f file] [-p port] [-T timeout] [-t type]\n" + "\t\t [host | addrlist namelist]\n", __progname); exit(1); } @@ -650,7 +664,7 @@ main(int argc, char **argv) if (argc <= 1) usage(); - while ((opt = getopt(argc, argv, "cHv46p:T:t:f:")) != -1) { + while ((opt = getopt(argc, argv, "cDHv46p:T:t:f:")) != -1) { switch (opt) { case 'H': hash_hosts = 1; @@ -658,6 +672,9 @@ main(int argc, char **argv) case 'c': get_cert = 1; break; + case 'D': + print_sshfp = 1; + break; case 'p': ssh_port = a2port(optarg); if (ssh_port <= 0) { @@ -706,6 +723,9 @@ main(int argc, char **argv) case KEY_ED25519: get_keytypes |= KT_ED25519; break; + case KEY_XMSS: + get_keytypes |= KT_XMSS; + break; case KEY_UNSPEC: default: fatal("Unknown key type \"%s\"", tname); diff --git a/ssh-keysign.c b/ssh-keysign.c index ac5034de860f..78bb66b08f7b 100644 --- a/ssh-keysign.c +++ b/ssh-keysign.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keysign.c,v 1.52 2016/02/15 09:47:49 dtucker Exp $ */ +/* $OpenBSD: ssh-keysign.c,v 1.54 2018/02/23 15:58:38 markus Exp $ */ /* * Copyright (c) 2002 Markus Friedl. All rights reserved. * @@ -158,7 +158,7 @@ valid_request(struct passwd *pw, char *host, struct sshkey **ret, debug3("%s: fail %d", __func__, fail); - if (fail && key != NULL) + if (fail) sshkey_free(key); else if (ret != NULL) *ret = key; @@ -171,7 +171,7 @@ main(int argc, char **argv) { struct sshbuf *b; Options options; -#define NUM_KEYTYPES 4 +#define NUM_KEYTYPES 5 struct sshkey *keys[NUM_KEYTYPES], *key = NULL; struct passwd *pw; int r, key_fd[NUM_KEYTYPES], i, found, version = 2, fd; @@ -198,6 +198,7 @@ main(int argc, char **argv) key_fd[i++] = open(_PATH_HOST_DSA_KEY_FILE, O_RDONLY); key_fd[i++] = open(_PATH_HOST_ECDSA_KEY_FILE, O_RDONLY); key_fd[i++] = open(_PATH_HOST_ED25519_KEY_FILE, O_RDONLY); + key_fd[i++] = open(_PATH_HOST_XMSS_KEY_FILE, O_RDONLY); key_fd[i++] = open(_PATH_HOST_RSA_KEY_FILE, O_RDONLY); original_real_uid = getuid(); /* XXX readconf.c needs this */ diff --git a/ssh-pkcs11-client.c b/ssh-pkcs11-client.c index a79c872101fb..fc75828278fb 100644 --- a/ssh-pkcs11-client.c +++ b/ssh-pkcs11-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11-client.c,v 1.7 2017/05/30 08:52:19 markus Exp $ */ +/* $OpenBSD: ssh-pkcs11-client.c,v 1.8 2018/02/05 05:37:46 tb Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * @@ -99,7 +99,8 @@ pkcs11_init(int interactive) void pkcs11_terminate(void) { - close(fd); + if (fd >= 0) + close(fd); } static int diff --git a/ssh-pkcs11-helper.c b/ssh-pkcs11-helper.c index fd3039c14272..6301033c513a 100644 --- a/ssh-pkcs11-helper.c +++ b/ssh-pkcs11-helper.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11-helper.c,v 1.13 2017/05/30 08:52:19 markus Exp $ */ +/* $OpenBSD: ssh-pkcs11-helper.c,v 1.14 2018/01/08 15:18:46 markus Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * @@ -30,12 +30,13 @@ #include #include "xmalloc.h" -#include "buffer.h" +#include "sshbuf.h" #include "log.h" #include "misc.h" -#include "key.h" +#include "sshkey.h" #include "authfd.h" #include "ssh-pkcs11.h" +#include "ssherr.h" #ifdef ENABLE_PKCS11 @@ -51,13 +52,9 @@ TAILQ_HEAD(, pkcs11_keyinfo) pkcs11_keylist; #define MAX_MSG_LENGTH 10240 /*XXX*/ -/* helper */ -#define get_int() buffer_get_int(&iqueue); -#define get_string(lenp) buffer_get_string(&iqueue, lenp); - /* input and output queue */ -Buffer iqueue; -Buffer oqueue; +struct sshbuf *iqueue; +struct sshbuf *oqueue; static void add_key(struct sshkey *k, char *name) @@ -80,7 +77,7 @@ del_keys_by_name(char *name) if (!strcmp(ki->providername, name)) { TAILQ_REMOVE(&pkcs11_keylist, ki, next); free(ki->providername); - key_free(ki->key); + sshkey_free(ki->key); free(ki); } } @@ -94,20 +91,19 @@ lookup_key(struct sshkey *k) TAILQ_FOREACH(ki, &pkcs11_keylist, next) { debug("check %p %s", ki, ki->providername); - if (key_equal(k, ki->key)) + if (sshkey_equal(k, ki->key)) return (ki->key); } return (NULL); } static void -send_msg(Buffer *m) +send_msg(struct sshbuf *m) { - int mlen = buffer_len(m); + int r; - buffer_put_int(&oqueue, mlen); - buffer_append(&oqueue, buffer_ptr(m), mlen); - buffer_consume(m, mlen); + if ((r = sshbuf_put_stringb(oqueue, m)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); } static void @@ -115,69 +111,85 @@ process_add(void) { char *name, *pin; struct sshkey **keys; - int i, nkeys; + int r, i, nkeys; u_char *blob; - u_int blen; - Buffer msg; + size_t blen; + struct sshbuf *msg; - buffer_init(&msg); - name = get_string(NULL); - pin = get_string(NULL); + if ((msg = sshbuf_new()) == NULL) + fatal("%s: sshbuf_new failed", __func__); + if ((r = sshbuf_get_cstring(iqueue, &name, NULL)) != 0 || + (r = sshbuf_get_cstring(iqueue, &pin, NULL)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); if ((nkeys = pkcs11_add_provider(name, pin, &keys)) > 0) { - buffer_put_char(&msg, SSH2_AGENT_IDENTITIES_ANSWER); - buffer_put_int(&msg, nkeys); + if ((r = sshbuf_put_u8(msg, + SSH2_AGENT_IDENTITIES_ANSWER)) != 0 || + (r = sshbuf_put_u32(msg, nkeys)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); for (i = 0; i < nkeys; i++) { - if (key_to_blob(keys[i], &blob, &blen) == 0) + if ((r = sshkey_to_blob(keys[i], &blob, &blen)) != 0) { + debug("%s: sshkey_to_blob: %s", + __func__, ssh_err(r)); continue; - buffer_put_string(&msg, blob, blen); - buffer_put_cstring(&msg, name); + } + if ((r = sshbuf_put_string(msg, blob, blen)) != 0 || + (r = sshbuf_put_cstring(msg, name)) != 0) + fatal("%s: buffer error: %s", + __func__, ssh_err(r)); free(blob); add_key(keys[i], name); } free(keys); } else { - buffer_put_char(&msg, SSH_AGENT_FAILURE); + if ((r = sshbuf_put_u8(msg, SSH_AGENT_FAILURE)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); } free(pin); free(name); - send_msg(&msg); - buffer_free(&msg); + send_msg(msg); + sshbuf_free(msg); } static void process_del(void) { char *name, *pin; - Buffer msg; + struct sshbuf *msg; + int r; - buffer_init(&msg); - name = get_string(NULL); - pin = get_string(NULL); + if ((msg = sshbuf_new()) == NULL) + fatal("%s: sshbuf_new failed", __func__); + if ((r = sshbuf_get_cstring(iqueue, &name, NULL)) != 0 || + (r = sshbuf_get_cstring(iqueue, &pin, NULL)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); del_keys_by_name(name); - if (pkcs11_del_provider(name) == 0) - buffer_put_char(&msg, SSH_AGENT_SUCCESS); - else - buffer_put_char(&msg, SSH_AGENT_FAILURE); + if ((r = sshbuf_put_u8(msg, pkcs11_del_provider(name) == 0 ? + SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); free(pin); free(name); - send_msg(&msg); - buffer_free(&msg); + send_msg(msg); + sshbuf_free(msg); } static void process_sign(void) { u_char *blob, *data, *signature = NULL; - u_int blen, dlen, slen = 0; - int ok = -1; + size_t blen, dlen, slen = 0; + int r, ok = -1; struct sshkey *key, *found; - Buffer msg; + struct sshbuf *msg; - blob = get_string(&blen); - data = get_string(&dlen); - (void)get_int(); /* XXX ignore flags */ + /* XXX support SHA2 signature flags */ + if ((r = sshbuf_get_string(iqueue, &blob, &blen)) != 0 || + (r = sshbuf_get_string(iqueue, &data, &dlen)) != 0 || + (r = sshbuf_get_u32(iqueue, NULL)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); - if ((key = key_from_blob(blob, blen)) != NULL) { + if ((r = sshkey_from_blob(blob, blen, &key)) != 0) + error("%s: sshkey_from_blob: %s", __func__, ssh_err(r)); + else { if ((found = lookup_key(key)) != NULL) { #ifdef WITH_OPENSSL int ret; @@ -191,20 +203,23 @@ process_sign(void) } #endif /* WITH_OPENSSL */ } - key_free(key); + sshkey_free(key); } - buffer_init(&msg); + if ((msg = sshbuf_new()) == NULL) + fatal("%s: sshbuf_new failed", __func__); if (ok == 0) { - buffer_put_char(&msg, SSH2_AGENT_SIGN_RESPONSE); - buffer_put_string(&msg, signature, slen); + if ((r = sshbuf_put_u8(msg, SSH2_AGENT_SIGN_RESPONSE)) != 0 || + (r = sshbuf_put_string(msg, signature, slen)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); } else { - buffer_put_char(&msg, SSH_AGENT_FAILURE); + if ((r = sshbuf_put_u8(msg, SSH2_AGENT_FAILURE)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); } free(data); free(blob); free(signature); - send_msg(&msg); - buffer_free(&msg); + send_msg(msg); + sshbuf_free(msg); } static void @@ -213,13 +228,14 @@ process(void) u_int msg_len; u_int buf_len; u_int consumed; - u_int type; - u_char *cp; + u_char type; + const u_char *cp; + int r; - buf_len = buffer_len(&iqueue); + buf_len = sshbuf_len(iqueue); if (buf_len < 5) return; /* Incomplete message. */ - cp = buffer_ptr(&iqueue); + cp = sshbuf_ptr(iqueue); msg_len = get_u32(cp); if (msg_len > MAX_MSG_LENGTH) { error("bad message len %d", msg_len); @@ -227,9 +243,10 @@ process(void) } if (buf_len < msg_len + 4) return; - buffer_consume(&iqueue, 4); + if ((r = sshbuf_consume(iqueue, 4)) != 0 || + (r = sshbuf_get_u8(iqueue, &type)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); buf_len -= 4; - type = buffer_get_char(&iqueue); switch (type) { case SSH_AGENTC_ADD_SMARTCARD_KEY: debug("process_add"); @@ -248,17 +265,19 @@ process(void) break; } /* discard the remaining bytes from the current packet */ - if (buf_len < buffer_len(&iqueue)) { + if (buf_len < sshbuf_len(iqueue)) { error("iqueue grew unexpectedly"); cleanup_exit(255); } - consumed = buf_len - buffer_len(&iqueue); + consumed = buf_len - sshbuf_len(iqueue); if (msg_len < consumed) { error("msg_len %d < consumed %d", msg_len, consumed); cleanup_exit(255); } - if (msg_len > consumed) - buffer_consume(&iqueue, msg_len - consumed); + if (msg_len > consumed) { + if ((r = sshbuf_consume(iqueue, msg_len - consumed)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); + } } void @@ -272,7 +291,7 @@ int main(int argc, char **argv) { fd_set *rset, *wset; - int in, out, max, log_stderr = 0; + int r, in, out, max, log_stderr = 0; ssize_t len, olen, set_size; SyslogFacility log_facility = SYSLOG_FACILITY_AUTH; LogLevel log_level = SYSLOG_LEVEL_ERROR; @@ -298,8 +317,10 @@ main(int argc, char **argv) if (out > max) max = out; - buffer_init(&iqueue); - buffer_init(&oqueue); + if ((iqueue = sshbuf_new()) == NULL) + fatal("%s: sshbuf_new failed", __func__); + if ((oqueue = sshbuf_new()) == NULL) + fatal("%s: sshbuf_new failed", __func__); set_size = howmany(max + 1, NFDBITS) * sizeof(fd_mask); rset = xmalloc(set_size); @@ -314,11 +335,13 @@ main(int argc, char **argv) * the worst-case length packet it can generate, * otherwise apply backpressure by stopping reads. */ - if (buffer_check_alloc(&iqueue, sizeof(buf)) && - buffer_check_alloc(&oqueue, MAX_MSG_LENGTH)) + if ((r = sshbuf_check_reserve(iqueue, sizeof(buf))) == 0 && + (r = sshbuf_check_reserve(oqueue, MAX_MSG_LENGTH)) == 0) FD_SET(in, rset); + else if (r != SSH_ERR_NO_BUFFER_SPACE) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); - olen = buffer_len(&oqueue); + olen = sshbuf_len(oqueue); if (olen > 0) FD_SET(out, wset); @@ -338,18 +361,20 @@ main(int argc, char **argv) } else if (len < 0) { error("read: %s", strerror(errno)); cleanup_exit(1); - } else { - buffer_append(&iqueue, buf, len); + } else if ((r = sshbuf_put(iqueue, buf, len)) != 0) { + fatal("%s: buffer error: %s", + __func__, ssh_err(r)); } } /* send oqueue to stdout */ if (FD_ISSET(out, wset)) { - len = write(out, buffer_ptr(&oqueue), olen); + len = write(out, sshbuf_ptr(oqueue), olen); if (len < 0) { error("write: %s", strerror(errno)); cleanup_exit(1); - } else { - buffer_consume(&oqueue, len); + } else if ((r = sshbuf_consume(oqueue, len)) != 0) { + fatal("%s: buffer error: %s", + __func__, ssh_err(r)); } } @@ -358,8 +383,10 @@ main(int argc, char **argv) * into the output buffer, otherwise stop processing input * and let the output queue drain. */ - if (buffer_check_alloc(&oqueue, MAX_MSG_LENGTH)) + if ((r = sshbuf_check_reserve(oqueue, MAX_MSG_LENGTH)) == 0) process(); + else if (r != SSH_ERR_NO_BUFFER_SPACE) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); } } #else /* ENABLE_PKCS11 */ diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index b37491c5d68d..65a7b58979d1 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11.c,v 1.25 2017/05/31 09:15:42 deraadt Exp $ */ +/* $OpenBSD: ssh-pkcs11.c,v 1.26 2018/02/07 02:06:51 jsing Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * @@ -532,8 +532,7 @@ pkcs11_fetch_keys_filter(struct pkcs11_provider *p, CK_ULONG slotidx, == NULL) { error("RSAPublicKey_dup"); } - if (x509) - X509_free(x509); + X509_free(x509); } if (rsa && rsa->n && rsa->e && pkcs11_rsa_wrap(p, slotidx, &attribs[0], rsa) == 0) { diff --git a/ssh-rsa.c b/ssh-rsa.c index f570ae6d40aa..49e71c87f64b 100644 --- a/ssh-rsa.c +++ b/ssh-rsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-rsa.c,v 1.62 2017/07/01 13:50:45 djm Exp $ */ +/* $OpenBSD: ssh-rsa.c,v 1.66 2018/02/14 16:27:24 jsing Exp $ */ /* * Copyright (c) 2000, 2003 Markus Friedl * @@ -33,6 +33,7 @@ #define SSHKEY_INTERNAL #include "sshkey.h" #include "digest.h" +#include "log.h" static int openssh_RSA_verify(int, u_char *, size_t, u_char *, size_t, RSA *); @@ -78,13 +79,12 @@ rsa_hash_alg_nid(int type) } } -/* calculate p-1 and q-1 */ int ssh_rsa_generate_additional_parameters(struct sshkey *key) { - RSA *rsa; BIGNUM *aux = NULL; BN_CTX *ctx = NULL; + BIGNUM d; int r; if (key == NULL || key->rsa == NULL || @@ -97,12 +97,15 @@ ssh_rsa_generate_additional_parameters(struct sshkey *key) r = SSH_ERR_ALLOC_FAIL; goto out; } - rsa = key->rsa; + BN_set_flags(aux, BN_FLG_CONSTTIME); - if ((BN_sub(aux, rsa->q, BN_value_one()) == 0) || - (BN_mod(rsa->dmq1, rsa->d, aux, ctx) == 0) || - (BN_sub(aux, rsa->p, BN_value_one()) == 0) || - (BN_mod(rsa->dmp1, rsa->d, aux, ctx) == 0)) { + BN_init(&d); + BN_with_flags(&d, key->rsa->d, BN_FLG_CONSTTIME); + + if ((BN_sub(aux, key->rsa->q, BN_value_one()) == 0) || + (BN_mod(key->rsa->dmq1, &d, aux, ctx) == 0) || + (BN_sub(aux, key->rsa->p, BN_value_one()) == 0) || + (BN_mod(key->rsa->dmp1, &d, aux, ctx) == 0)) { r = SSH_ERR_LIBCRYPTO_ERROR; goto out; } @@ -119,7 +122,7 @@ ssh_rsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, const char *alg_ident) { u_char digest[SSH_DIGEST_MAX_LENGTH], *sig = NULL; - size_t slen; + size_t slen = 0; u_int dlen, len; int nid, hash_alg, ret = SSH_ERR_INTERNAL_ERROR; struct sshbuf *b = NULL; @@ -188,21 +191,19 @@ ssh_rsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, ret = 0; out: explicit_bzero(digest, sizeof(digest)); - if (sig != NULL) { - explicit_bzero(sig, slen); - free(sig); - } + freezero(sig, slen); sshbuf_free(b); return ret; } int ssh_rsa_verify(const struct sshkey *key, - const u_char *sig, size_t siglen, const u_char *data, size_t datalen) + const u_char *sig, size_t siglen, const u_char *data, size_t datalen, + const char *alg) { - char *ktype = NULL; + char *sigtype = NULL; int hash_alg, ret = SSH_ERR_INTERNAL_ERROR; - size_t len, diff, modlen, dlen; + size_t len = 0, diff, modlen, dlen; struct sshbuf *b = NULL; u_char digest[SSH_DIGEST_MAX_LENGTH], *osigblob, *sigblob = NULL; @@ -215,11 +216,19 @@ ssh_rsa_verify(const struct sshkey *key, if ((b = sshbuf_from(sig, siglen)) == NULL) return SSH_ERR_ALLOC_FAIL; - if (sshbuf_get_cstring(b, &ktype, NULL) != 0) { + if (sshbuf_get_cstring(b, &sigtype, NULL) != 0) { ret = SSH_ERR_INVALID_FORMAT; goto out; } - if ((hash_alg = rsa_hash_alg_from_ident(ktype)) == -1) { + /* XXX djm: need cert types that reliably yield SHA-2 signatures */ + if (alg != NULL && strcmp(alg, sigtype) != 0 && + strcmp(alg, "ssh-rsa-cert-v01@openssh.com") != 0) { + error("%s: RSA signature type mismatch: " + "expected %s received %s", __func__, alg, sigtype); + ret = SSH_ERR_SIGNATURE_INVALID; + goto out; + } + if ((hash_alg = rsa_hash_alg_from_ident(sigtype)) == -1) { ret = SSH_ERR_KEY_TYPE_MISMATCH; goto out; } @@ -259,11 +268,8 @@ ssh_rsa_verify(const struct sshkey *key, ret = openssh_RSA_verify(hash_alg, digest, dlen, sigblob, len, key->rsa); out: - if (sigblob != NULL) { - explicit_bzero(sigblob, len); - free(sigblob); - } - free(ktype); + freezero(sigblob, len); + free(sigtype); sshbuf_free(b); explicit_bzero(digest, sizeof(digest)); return ret; @@ -384,10 +390,7 @@ openssh_RSA_verify(int hash_alg, u_char *hash, size_t hashlen, } ret = 0; done: - if (decrypted) { - explicit_bzero(decrypted, rsasize); - free(decrypted); - } + freezero(decrypted, rsasize); return ret; } #endif /* WITH_OPENSSL */ diff --git a/ssh-xmss.c b/ssh-xmss.c new file mode 100644 index 000000000000..4c734fd7d5e2 --- /dev/null +++ b/ssh-xmss.c @@ -0,0 +1,192 @@ +/* $OpenBSD: ssh-xmss.c,v 1.1 2018/02/23 15:58:38 markus Exp $*/ +/* + * Copyright (c) 2017 Stefan-Lukas Gazdag. + * Copyright (c) 2017 Markus Friedl. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ +#include "includes.h" +#ifdef WITH_XMSS + +#define SSHKEY_INTERNAL +#include +#include + +#include +#include +#include + +#include "log.h" +#include "sshbuf.h" +#include "sshkey.h" +#include "sshkey-xmss.h" +#include "ssherr.h" +#include "ssh.h" + +#include "xmss_fast.h" + +int +ssh_xmss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, + const u_char *data, size_t datalen, u_int compat) +{ + u_char *sig = NULL; + size_t slen = 0, len = 0, required_siglen; + unsigned long long smlen; + int r, ret; + struct sshbuf *b = NULL; + + if (lenp != NULL) + *lenp = 0; + if (sigp != NULL) + *sigp = NULL; + + if (key == NULL || + sshkey_type_plain(key->type) != KEY_XMSS || + key->xmss_sk == NULL || + sshkey_xmss_params(key) == NULL) + return SSH_ERR_INVALID_ARGUMENT; + if ((r = sshkey_xmss_siglen(key, &required_siglen)) != 0) + return r; + if (datalen >= INT_MAX - required_siglen) + return SSH_ERR_INVALID_ARGUMENT; + smlen = slen = datalen + required_siglen; + if ((sig = malloc(slen)) == NULL) + return SSH_ERR_ALLOC_FAIL; + if ((r = sshkey_xmss_get_state(key, error)) != 0) + goto out; + if ((ret = xmss_sign(key->xmss_sk, sshkey_xmss_bds_state(key), sig, &smlen, + data, datalen, sshkey_xmss_params(key))) != 0 || smlen <= datalen) { + r = SSH_ERR_INVALID_ARGUMENT; /* XXX better error? */ + goto out; + } + /* encode signature */ + if ((b = sshbuf_new()) == NULL) { + r = SSH_ERR_ALLOC_FAIL; + goto out; + } + if ((r = sshbuf_put_cstring(b, "ssh-xmss@openssh.com")) != 0 || + (r = sshbuf_put_string(b, sig, smlen - datalen)) != 0) + goto out; + len = sshbuf_len(b); + if (sigp != NULL) { + if ((*sigp = malloc(len)) == NULL) { + r = SSH_ERR_ALLOC_FAIL; + goto out; + } + memcpy(*sigp, sshbuf_ptr(b), len); + } + if (lenp != NULL) + *lenp = len; + /* success */ + r = 0; + out: + if ((ret = sshkey_xmss_update_state(key, error)) != 0) { + /* discard signature since we cannot update the state */ + if (r == 0 && sigp != NULL && *sigp != NULL) { + explicit_bzero(*sigp, len); + free(*sigp); + } + if (sigp != NULL) + *sigp = NULL; + if (lenp != NULL) + *lenp = 0; + r = ret; + } + sshbuf_free(b); + if (sig != NULL) { + explicit_bzero(sig, slen); + free(sig); + } + + return r; +} + +int +ssh_xmss_verify(const struct sshkey *key, + const u_char *signature, size_t signaturelen, + const u_char *data, size_t datalen, u_int compat) +{ + struct sshbuf *b = NULL; + char *ktype = NULL; + const u_char *sigblob; + u_char *sm = NULL, *m = NULL; + size_t len, required_siglen; + unsigned long long smlen = 0, mlen = 0; + int r, ret; + + if (key == NULL || + sshkey_type_plain(key->type) != KEY_XMSS || + key->xmss_pk == NULL || + sshkey_xmss_params(key) == NULL || + signature == NULL || signaturelen == 0) + return SSH_ERR_INVALID_ARGUMENT; + if ((r = sshkey_xmss_siglen(key, &required_siglen)) != 0) + return r; + if (datalen >= INT_MAX - required_siglen) + return SSH_ERR_INVALID_ARGUMENT; + + if ((b = sshbuf_from(signature, signaturelen)) == NULL) + return SSH_ERR_ALLOC_FAIL; + if ((r = sshbuf_get_cstring(b, &ktype, NULL)) != 0 || + (r = sshbuf_get_string_direct(b, &sigblob, &len)) != 0) + goto out; + if (strcmp("ssh-xmss@openssh.com", ktype) != 0) { + r = SSH_ERR_KEY_TYPE_MISMATCH; + goto out; + } + if (sshbuf_len(b) != 0) { + r = SSH_ERR_UNEXPECTED_TRAILING_DATA; + goto out; + } + if (len != required_siglen) { + r = SSH_ERR_INVALID_FORMAT; + goto out; + } + if (datalen >= SIZE_MAX - len) { + r = SSH_ERR_INVALID_ARGUMENT; + goto out; + } + smlen = len + datalen; + mlen = smlen; + if ((sm = malloc(smlen)) == NULL || (m = malloc(mlen)) == NULL) { + r = SSH_ERR_ALLOC_FAIL; + goto out; + } + memcpy(sm, sigblob, len); + memcpy(sm+len, data, datalen); + if ((ret = xmss_sign_open(m, &mlen, sm, smlen, + key->xmss_pk, sshkey_xmss_params(key))) != 0) { + debug2("%s: crypto_sign_xmss_open failed: %d", + __func__, ret); + } + if (ret != 0 || mlen != datalen) { + r = SSH_ERR_SIGNATURE_INVALID; + goto out; + } + /* XXX compare 'm' and 'data' ? */ + /* success */ + r = 0; + out: + if (sm != NULL) { + explicit_bzero(sm, smlen); + free(sm); + } + if (m != NULL) { + explicit_bzero(m, smlen); /* NB mlen may be invalid if r != 0 */ + free(m); + } + sshbuf_free(b); + free(ktype); + return r; +} +#endif /* WITH_XMSS */ diff --git a/ssh.0 b/ssh.0 index f920dd97e010..228553c8b370 100644 --- a/ssh.0 +++ b/ssh.0 @@ -4,13 +4,13 @@ NAME ssh M-bM-^@M-^S OpenSSH SSH client (remote login program) SYNOPSIS - ssh [-46AaCfGgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec] - [-D [bind_address:]port] [-E log_file] [-e escape_char] - [-F configfile] [-I pkcs11] [-i identity_file] - [-J [user@]host[:port]] [-L address] [-l login_name] [-m mac_spec] + ssh [-46AaCfGgKkMNnqsTtVvXxYy] [-B bind_interface] [-b bind_address] + [-c cipher_spec] [-D [bind_address:]port] [-E log_file] + [-e escape_char] [-F configfile] [-I pkcs11] [-i identity_file] + [-J destination] [-L address] [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port] [-Q query_option] [-R address] - [-S ctl_path] [-W host:port] [-w local_tun[:remote_tun]] - [user@]hostname [command] + [-S ctl_path] [-W host:port] [-w local_tun[:remote_tun]] destination + [command] DESCRIPTION ssh (SSH client) is a program for logging into a remote machine and for @@ -19,11 +19,12 @@ DESCRIPTION network. X11 connections, arbitrary TCP ports and UNIX-domain sockets can also be forwarded over the secure channel. - ssh connects and logs into the specified hostname (with optional user - name). The user must prove his/her identity to the remote machine using - one of several methods (see below). + ssh connects and logs into the specified destination, which may be + specified as either [user@]hostname or a URI of the form + ssh://[user@]hostname[:port]. The user must prove his/her identity to + the remote machine using one of several methods (see below). - If command is specified, it is executed on the remote host instead of a + If a command is specified, it is executed on the remote host instead of a login shell. The options are as follows: @@ -46,6 +47,11 @@ DESCRIPTION -a Disables forwarding of the authentication agent connection. + -B bind_interface + Bind to the address of bind_interface before attempting to + connect to the destination host. This is only useful on systems + with more than one address. + -b bind_address Use bind_address on the local machine as the source address of the connection. Only useful on systems with more than one @@ -138,12 +144,12 @@ DESCRIPTION information from the filename obtained by appending -cert.pub to identity filenames. - -J [user@]host[:port] + -J destination Connect to the target host by first making a ssh connection to - the jump host and then establishing a TCP forwarding to the - ultimate destination from there. Multiple jump hops may be - specified separated by comma characters. This is a shortcut to - specify a ProxyJump configuration directive. + the jump host described by destination and then establishing a + TCP forwarding to the ultimate destination from there. Multiple + jump hops may be specified separated by comma characters. This + is a shortcut to specify a ProxyJump configuration directive. -K Enables GSSAPI-based authentication and forwarding (delegation) of GSSAPI credentials to the server. @@ -785,6 +791,16 @@ ENVIRONMENT command. If the current session has no tty, this variable is not set. + SSH_TUNNEL Optionally set by sshd(8) to contain the interface + names assigned if tunnel forwarding was requested + by the client. + + SSH_USER_AUTH Optionally set by sshd(8), this variable may + contain a pathname to a file that lists the + authentication methods successfully used when the + session was established, including any public keys + that were used. + TZ This variable is set to indicate the present time zone if it was set when the daemon was started (i.e. the daemon passes the value on to new @@ -846,7 +862,7 @@ FILES ignore a private key file if it is accessible by others. It is possible to specify a passphrase when generating the key which will be used to encrypt the sensitive part of this file using - 3DES. + AES-128. ~/.ssh/id_dsa.pub ~/.ssh/id_ecdsa.pub @@ -957,4 +973,4 @@ AUTHORS created OpenSSH. Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. -OpenBSD 6.2 September 21, 2017 OpenBSD 6.2 +OpenBSD 6.2 February 23, 2018 OpenBSD 6.2 diff --git a/ssh.1 b/ssh.1 index 2ab1697f95de..b4078525b32a 100644 --- a/ssh.1 +++ b/ssh.1 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.384 2017/09/21 19:16:53 markus Exp $ -.Dd $Mdocdate: September 21 2017 $ +.\" $OpenBSD: ssh.1,v 1.391 2018/02/23 07:38:09 jmc Exp $ +.Dd $Mdocdate: February 23 2018 $ .Dt SSH 1 .Os .Sh NAME @@ -42,8 +42,8 @@ .Nd OpenSSH SSH client (remote login program) .Sh SYNOPSIS .Nm ssh -.Bk -words .Op Fl 46AaCfGgKkMNnqsTtVvXxYy +.Op Fl B Ar bind_interface .Op Fl b Ar bind_address .Op Fl c Ar cipher_spec .Op Fl D Oo Ar bind_address : Oc Ns Ar port @@ -52,7 +52,7 @@ .Op Fl F Ar configfile .Op Fl I Ar pkcs11 .Op Fl i Ar identity_file -.Op Fl J Oo Ar user Ns @ Oc Ns Ar host Ns Op : Ns Ar port +.Op Fl J Ar destination .Op Fl L Ar address .Op Fl l Ar login_name .Op Fl m Ar mac_spec @@ -64,9 +64,8 @@ .Op Fl S Ar ctl_path .Op Fl W Ar host : Ns Ar port .Op Fl w Ar local_tun Ns Op : Ns Ar remote_tun -.Oo Ar user Ns @ Oc Ns Ar hostname +.Ar destination .Op Ar command -.Ek .Sh DESCRIPTION .Nm (SSH client) is a program for logging into a remote machine and for @@ -79,15 +78,20 @@ sockets can also be forwarded over the secure channel. .Pp .Nm connects and logs into the specified -.Ar hostname -(with optional -.Ar user -name). +.Ar destination , +which may be specified as either +.Sm off +.Oo user @ Oc hostname +.Sm on +or a URI of the form +.Sm off +.No ssh:// Oo user @ Oc hostname Op : port . +.Sm on The user must prove his/her identity to the remote machine using one of several methods (see below). .Pp -If +If a .Ar command is specified, it is executed on the remote host instead of a login shell. @@ -121,6 +125,12 @@ authenticate using the identities loaded into the agent. .It Fl a Disables forwarding of the authentication agent connection. .Pp +.It Fl B Ar bind_interface +Bind to the address of +.Ar bind_interface +before attempting to connect to the destination host. +This is only useful on systems with more than one address. +.Pp .It Fl b Ar bind_address Use .Ar bind_address @@ -287,17 +297,11 @@ by appending .Pa -cert.pub to identity filenames. .Pp -.It Fl J Xo -.Sm off -.Op Ar user No @ -.Ar host -.Op : Ar port -.Sm on -.Xc +.It Fl J Ar destination Connect to the target host by first making a .Nm -connection to the jump -.Ar host +connection to the jump host described by +.Ar destination and then establishing a TCP forwarding to the ultimate destination from there. Multiple jump hops may be specified separated by comma characters. @@ -1393,6 +1397,17 @@ This is set to the name of the tty (path to the device) associated with the current shell or command. If the current session has no tty, this variable is not set. +.It Ev SSH_TUNNEL +Optionally set by +.Xr sshd 8 +to contain the interface names assigned if tunnel forwarding was +requested by the client. +.It Ev SSH_USER_AUTH +Optionally set by +.Xr sshd 8 , +this variable may contain a pathname to a file that lists the authentication +methods successfully used when the session was established, including any +public keys that were used. .It Ev TZ This variable is set to indicate the present time zone if it was set when the daemon was started (i.e. the daemon passes the value @@ -1474,7 +1489,7 @@ accessible by others (read/write/execute). will simply ignore a private key file if it is accessible by others. It is possible to specify a passphrase when generating the key which will be used to encrypt the -sensitive part of this file using 3DES. +sensitive part of this file using AES-128. .Pp .It Pa ~/.ssh/id_dsa.pub .It Pa ~/.ssh/id_ecdsa.pub diff --git a/ssh.c b/ssh.c index ae37432bd47e..d3619fe292a2 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.464 2017/09/21 19:16:53 markus Exp $ */ +/* $OpenBSD: ssh.c,v 1.475 2018/02/23 15:58:38 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -168,6 +168,10 @@ char *config = NULL; */ char *host; +/* Various strings used to to percent_expand() arguments */ +static char thishost[NI_MAXHOST], shorthost[NI_MAXHOST], portstr[NI_MAXSERV]; +static char uidstr[32], *host_arg, *conn_hash_hex; + /* socket address the host resolves to */ struct sockaddr_storage hostaddr; @@ -197,19 +201,19 @@ static void usage(void) { fprintf(stderr, -"usage: ssh [-46AaCfGgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]\n" -" [-D [bind_address:]port] [-E log_file] [-e escape_char]\n" -" [-F configfile] [-I pkcs11] [-i identity_file]\n" -" [-J [user@]host[:port]] [-L address] [-l login_name] [-m mac_spec]\n" -" [-O ctl_cmd] [-o option] [-p port] [-Q query_option] [-R address]\n" -" [-S ctl_path] [-W host:port] [-w local_tun[:remote_tun]]\n" -" [user@]hostname [command]\n" +"usage: ssh [-46AaCfGgKkMNnqsTtVvXxYy] [-B bind_interface]\n" +" [-b bind_address] [-c cipher_spec] [-D [bind_address:]port]\n" +" [-E log_file] [-e escape_char] [-F configfile] [-I pkcs11]\n" +" [-i identity_file] [-J [user@]host[:port]] [-L address]\n" +" [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]\n" +" [-Q query_option] [-R address] [-S ctl_path] [-W host:port]\n" +" [-w local_tun[:remote_tun]] destination [command]\n" ); exit(255); } -static int ssh_session2(struct ssh *); -static void load_public_identity_files(void); +static int ssh_session2(struct ssh *, struct passwd *); +static void load_public_identity_files(struct passwd *); static void main_sigchld_handler(int); /* ~/ expand a list of paths. NB. assumes path[n] is heap-allocated. */ @@ -267,6 +271,40 @@ resolve_host(const char *name, int port, int logerr, char *cname, size_t clen) return res; } +/* Returns non-zero if name can only be an address and not a hostname */ +static int +is_addr_fast(const char *name) +{ + return (strchr(name, '%') != NULL || strchr(name, ':') != NULL || + strspn(name, "0123456789.") == strlen(name)); +} + +/* Returns non-zero if name represents a valid, single address */ +static int +is_addr(const char *name) +{ + char strport[NI_MAXSERV]; + struct addrinfo hints, *res; + + if (is_addr_fast(name)) + return 1; + + snprintf(strport, sizeof strport, "%u", default_ssh_port()); + memset(&hints, 0, sizeof(hints)); + hints.ai_family = options.address_family == -1 ? + AF_UNSPEC : options.address_family; + hints.ai_socktype = SOCK_STREAM; + hints.ai_flags = AI_NUMERICHOST|AI_NUMERICSERV; + if (getaddrinfo(name, strport, &hints, &res) != 0) + return 0; + if (res == NULL || res->ai_next != NULL) { + freeaddrinfo(res); + return 0; + } + freeaddrinfo(res); + return 1; +} + /* * Attempt to resolve a numeric host address / port to a single address. * Returns a canonical address string. @@ -372,6 +410,33 @@ resolve_canonicalize(char **hostp, int port) char *cp, *fullhost, newname[NI_MAXHOST]; struct addrinfo *addrs; + /* + * Attempt to canonicalise addresses, regardless of + * whether hostname canonicalisation was requested + */ + if ((addrs = resolve_addr(*hostp, port, + newname, sizeof(newname))) != NULL) { + debug2("%s: hostname %.100s is address", __func__, *hostp); + if (strcasecmp(*hostp, newname) != 0) { + debug2("%s: canonicalised address \"%s\" => \"%s\"", + __func__, *hostp, newname); + free(*hostp); + *hostp = xstrdup(newname); + } + return addrs; + } + + /* + * If this looks like an address but didn't parse as one, it might + * be an address with an invalid interface scope. Skip further + * attempts at canonicalisation. + */ + if (is_addr_fast(*hostp)) { + debug("%s: hostname %.100s is an unrecognised address", + __func__, *hostp); + return NULL; + } + if (options.canonicalize_hostname == SSH_CANONICALISE_NO) return NULL; @@ -385,19 +450,6 @@ resolve_canonicalize(char **hostp, int port) options.canonicalize_hostname != SSH_CANONICALISE_ALWAYS) return NULL; - /* Try numeric hostnames first */ - if ((addrs = resolve_addr(*hostp, port, - newname, sizeof(newname))) != NULL) { - debug2("%s: hostname %.100s is address", __func__, *hostp); - if (strcasecmp(*hostp, newname) != 0) { - debug2("%s: canonicalised address \"%s\" => \"%s\"", - __func__, *hostp, newname); - free(*hostp); - *hostp = xstrdup(newname); - } - return addrs; - } - /* If domain name is anchored, then resolve it now */ if ((*hostp)[strlen(*hostp) - 1] == '.') { debug3("%s: name is fully qualified", __func__); @@ -456,14 +508,14 @@ resolve_canonicalize(char **hostp, int port) * file if the user specifies a config file on the command line. */ static void -process_config_files(const char *host_arg, struct passwd *pw, int post_canon) +process_config_files(const char *host_name, struct passwd *pw, int post_canon) { char buf[PATH_MAX]; int r; if (config != NULL) { if (strcasecmp(config, "none") != 0 && - !read_config_file(config, pw, host, host_arg, &options, + !read_config_file(config, pw, host, host_name, &options, SSHCONF_USERCONF | (post_canon ? SSHCONF_POSTCANON : 0))) fatal("Can't open user config file %.100s: " "%.100s", config, strerror(errno)); @@ -471,13 +523,13 @@ process_config_files(const char *host_arg, struct passwd *pw, int post_canon) r = snprintf(buf, sizeof buf, "%s/%s", pw->pw_dir, _PATH_SSH_USER_CONFFILE); if (r > 0 && (size_t)r < sizeof(buf)) - (void)read_config_file(buf, pw, host, host_arg, + (void)read_config_file(buf, pw, host, host_name, &options, SSHCONF_CHECKPERM | SSHCONF_USERCONF | (post_canon ? SSHCONF_POSTCANON : 0)); /* Read systemwide configuration file after user config. */ (void)read_config_file(_PATH_HOST_CONFIG_FILE, pw, - host, host_arg, &options, + host, host_name, &options, post_canon ? SSHCONF_POSTCANON : 0); } } @@ -510,10 +562,9 @@ main(int ac, char **av) { struct ssh *ssh = NULL; int i, r, opt, exit_status, use_syslog, direct, timeout_ms; - int config_test = 0, opt_terminated = 0; - char *p, *cp, *line, *argv0, buf[PATH_MAX], *host_arg, *logfile; - char thishost[NI_MAXHOST], shorthost[NI_MAXHOST], portstr[NI_MAXSERV]; - char cname[NI_MAXHOST], uidstr[32], *conn_hash_hex; + int was_addr, config_test = 0, opt_terminated = 0; + char *p, *cp, *line, *argv0, buf[PATH_MAX], *logfile; + char cname[NI_MAXHOST]; struct stat st; struct passwd *pw; extern int optind, optreset; @@ -612,7 +663,7 @@ main(int ac, char **av) again: while ((opt = getopt(ac, av, "1246ab:c:e:fgi:kl:m:no:p:qstvx" - "ACD:E:F:GI:J:KL:MNO:PQ:R:S:TVw:W:XYy")) != -1) { + "AB:CD:E:F:GI:J:KL:MNO:PQ:R:S:TVw:W:XYy")) != -1) { switch (opt) { case '1': fatal("SSH protocol v.1 is no longer supported"); @@ -846,14 +897,18 @@ main(int ac, char **av) options.control_master = SSHCTL_MASTER_YES; break; case 'p': - options.port = a2port(optarg); - if (options.port <= 0) { - fprintf(stderr, "Bad port '%s'\n", optarg); - exit(255); + if (options.port == -1) { + options.port = a2port(optarg); + if (options.port <= 0) { + fprintf(stderr, "Bad port '%s'\n", + optarg); + exit(255); + } } break; case 'l': - options.user = optarg; + if (options.user == NULL) + options.user = optarg; break; case 'L': @@ -918,6 +973,9 @@ main(int ac, char **av) case 'b': options.bind_address = optarg; break; + case 'B': + options.bind_interface = optarg; + break; case 'F': config = optarg; break; @@ -933,16 +991,38 @@ main(int ac, char **av) av += optind; if (ac > 0 && !host) { - if (strrchr(*av, '@')) { + int tport; + char *tuser; + switch (parse_ssh_uri(*av, &tuser, &host, &tport)) { + case -1: + usage(); + break; + case 0: + if (options.user == NULL) { + options.user = tuser; + tuser = NULL; + } + free(tuser); + if (options.port == -1 && tport != -1) + options.port = tport; + break; + default: p = xstrdup(*av); cp = strrchr(p, '@'); - if (cp == NULL || cp == p) - usage(); - options.user = p; - *cp = '\0'; - host = xstrdup(++cp); - } else - host = xstrdup(*av); + if (cp != NULL) { + if (cp == p) + usage(); + if (options.user == NULL) { + options.user = p; + p = NULL; + } + *cp++ = '\0'; + host = xstrdup(cp); + free(p); + } else + host = p; + break; + } if (ac > 1 && !opt_terminated) { optind = optreset = 1; goto again; @@ -994,9 +1074,9 @@ main(int ac, char **av) if (logfile != NULL) log_redirect_stderr_to(logfile); log_init(argv0, - options.log_level == SYSLOG_LEVEL_NOT_SET ? + options.log_level == SYSLOG_LEVEL_NOT_SET ? SYSLOG_LEVEL_INFO : options.log_level, - options.log_facility == SYSLOG_FACILITY_NOT_SET ? + options.log_facility == SYSLOG_FACILITY_NOT_SET ? SYSLOG_FACILITY_USER : options.log_facility, !use_syslog); @@ -1026,16 +1106,22 @@ main(int ac, char **av) options.hostname = xstrdup(host); } - /* If canonicalization requested then try to apply it */ - lowercase(host); - if (options.canonicalize_hostname != SSH_CANONICALISE_NO) + /* Don't lowercase addresses, they will be explicitly canonicalised */ + if ((was_addr = is_addr(host)) == 0) + lowercase(host); + + /* + * Try to canonicalize if requested by configuration or the + * hostname is an address. + */ + if (options.canonicalize_hostname != SSH_CANONICALISE_NO || was_addr) addrs = resolve_canonicalize(&host, options.port); /* * If CanonicalizePermittedCNAMEs have been specified but * other canonicalization did not happen (by not being requested * or by failing with fallback) then the hostname may still be changed - * as a result of CNAME following. + * as a result of CNAME following. * * Try to resolve the bare hostname name using the system resolver's * usual search rules and then apply the CNAME follow rules. @@ -1177,6 +1263,7 @@ main(int ac, char **av) if (options.user == NULL) options.user = xstrdup(pw->pw_name); + /* Set up strings used to percent_expand() arguments */ if (gethostname(thishost, sizeof(thishost)) == -1) fatal("gethostname: %s", strerror(errno)); strlcpy(shorthost, thishost, sizeof(shorthost)); @@ -1194,24 +1281,11 @@ main(int ac, char **av) ssh_digest_free(md); conn_hash_hex = tohex(conn_hash, ssh_digest_bytes(SSH_DIGEST_SHA1)); - if (options.local_command != NULL) { - debug3("expanding LocalCommand: %s", options.local_command); - cp = options.local_command; - options.local_command = percent_expand(cp, - "C", conn_hash_hex, - "L", shorthost, - "d", pw->pw_dir, - "h", host, - "l", thishost, - "n", host_arg, - "p", portstr, - "r", options.user, - "u", pw->pw_name, - (char *)NULL); - debug3("expanded LocalCommand: %s", options.local_command); - free(cp); - } - + /* + * Expand tokens in arguments. NB. LocalCommand is expanded later, + * after port-forwarding is set up, so it may pick up any local + * tunnel interface name allocated. + */ if (options.remote_command != NULL) { debug3("expanding RemoteCommand: %s", options.remote_command); cp = options.remote_command; @@ -1230,7 +1304,6 @@ main(int ac, char **av) free(cp); buffer_append(&command, options.remote_command, strlen(options.remote_command)); - } if (options.control_path != NULL) { @@ -1311,7 +1384,7 @@ main(int ac, char **av) sensitive_data.keys = NULL; sensitive_data.external_keysign = 0; if (options.hostbased_authentication) { - sensitive_data.nkeys = 9; + sensitive_data.nkeys = 11; sensitive_data.keys = xcalloc(sensitive_data.nkeys, sizeof(struct sshkey)); /* XXX */ for (i = 0; i < sensitive_data.nkeys; i++) @@ -1338,6 +1411,10 @@ main(int ac, char **av) _PATH_HOST_RSA_KEY_FILE, "", NULL, NULL); sensitive_data.keys[8] = key_load_private_type(KEY_DSA, _PATH_HOST_DSA_KEY_FILE, "", NULL, NULL); + sensitive_data.keys[9] = key_load_private_cert(KEY_XMSS, + _PATH_HOST_XMSS_KEY_FILE, "", NULL); + sensitive_data.keys[10] = key_load_private_type(KEY_XMSS, + _PATH_HOST_XMSS_KEY_FILE, "", NULL, NULL); PRIV_END; if (options.hostbased_authentication == 1 && @@ -1345,7 +1422,8 @@ main(int ac, char **av) sensitive_data.keys[5] == NULL && sensitive_data.keys[6] == NULL && sensitive_data.keys[7] == NULL && - sensitive_data.keys[8] == NULL) { + sensitive_data.keys[8] == NULL && + sensitive_data.keys[9] == NULL) { #ifdef OPENSSL_HAS_ECC sensitive_data.keys[1] = key_load_cert( _PATH_HOST_ECDSA_KEY_FILE); @@ -1366,6 +1444,10 @@ main(int ac, char **av) _PATH_HOST_RSA_KEY_FILE, NULL); sensitive_data.keys[8] = key_load_public( _PATH_HOST_DSA_KEY_FILE, NULL); + sensitive_data.keys[9] = key_load_cert( + _PATH_HOST_XMSS_KEY_FILE); + sensitive_data.keys[10] = key_load_public( + _PATH_HOST_XMSS_KEY_FILE, NULL); sensitive_data.external_keysign = 1; } } @@ -1401,7 +1483,7 @@ main(int ac, char **av) } } /* load options.identity_files */ - load_public_identity_files(); + load_public_identity_files(pw); /* optionally set the SSH_AUTHSOCKET_ENV_NAME varibale */ if (options.identity_agent && @@ -1465,7 +1547,7 @@ main(int ac, char **av) } skip_connect: - exit_status = ssh_session2(ssh); + exit_status = ssh_session2(ssh, pw); packet_close(); if (options.control_path != NULL && muxserver_sock != -1) @@ -1485,29 +1567,29 @@ control_persist_detach(void) debug("%s: backgrounding master process", __func__); - /* - * master (current process) into the background, and make the - * foreground process a client of the backgrounded master. - */ + /* + * master (current process) into the background, and make the + * foreground process a client of the backgrounded master. + */ switch ((pid = fork())) { case -1: fatal("%s: fork: %s", __func__, strerror(errno)); case 0: /* Child: master process continues mainloop */ - break; - default: + break; + default: /* Parent: set up mux slave to connect to backgrounded master */ debug2("%s: background process is %ld", __func__, (long)pid); stdin_null_flag = ostdin_null_flag; options.request_tty = orequest_tty; tty_flag = otty_flag; - close(muxserver_sock); - muxserver_sock = -1; + close(muxserver_sock); + muxserver_sock = -1; options.control_master = SSHCTL_MASTER_NO; - muxclient(options.control_path); + muxclient(options.control_path); /* muxclient() doesn't return on success. */ - fatal("Failed to connect to new control master"); - } + fatal("Failed to connect to new control master"); + } if ((devnull = open(_PATH_DEVNULL, O_RDWR)) == -1) { error("%s: open(\"/dev/null\"): %s", __func__, strerror(errno)); @@ -1562,7 +1644,7 @@ ssh_confirm_remote_forward(struct ssh *ssh, int type, u_int32_t seq, void *ctxt) channel_update_permitted_opens(ssh, rfwd->handle, -1); } } - + if (type == SSH2_MSG_REQUEST_FAILURE) { if (options.exit_on_forward_failure) { if (rfwd->listen_path != NULL) @@ -1624,7 +1706,7 @@ ssh_init_stdio_forwarding(struct ssh *ssh) } static void -ssh_init_forwarding(struct ssh *ssh) +ssh_init_forwarding(struct ssh *ssh, char **ifname) { int success = 0; int i; @@ -1682,14 +1764,15 @@ ssh_init_forwarding(struct ssh *ssh) /* Initiate tunnel forwarding. */ if (options.tun_open != SSH_TUNMODE_NO) { - if (client_request_tun_fwd(ssh, options.tun_open, - options.tun_local, options.tun_remote) == -1) { + if ((*ifname = client_request_tun_fwd(ssh, + options.tun_open, options.tun_local, + options.tun_remote)) == NULL) { if (options.exit_on_forward_failure) fatal("Could not request tunnel forwarding."); else error("Could not request tunnel forwarding."); } - } + } } static void @@ -1798,20 +1881,41 @@ ssh_session2_open(struct ssh *ssh) } static int -ssh_session2(struct ssh *ssh) +ssh_session2(struct ssh *ssh, struct passwd *pw) { - int id = -1; + int devnull, id = -1; + char *cp, *tun_fwd_ifname = NULL; /* XXX should be pre-session */ if (!options.control_persist) ssh_init_stdio_forwarding(ssh); - ssh_init_forwarding(ssh); + + ssh_init_forwarding(ssh, &tun_fwd_ifname); + + if (options.local_command != NULL) { + debug3("expanding LocalCommand: %s", options.local_command); + cp = options.local_command; + options.local_command = percent_expand(cp, + "C", conn_hash_hex, + "L", shorthost, + "d", pw->pw_dir, + "h", host, + "l", thishost, + "n", host_arg, + "p", portstr, + "r", options.user, + "u", pw->pw_name, + "T", tun_fwd_ifname == NULL ? "NONE" : tun_fwd_ifname, + (char *)NULL); + debug3("expanded LocalCommand: %s", options.local_command); + free(cp); + } /* Start listening for multiplex clients */ if (!packet_get_mux()) muxserver_listen(ssh); - /* + /* * If we are in control persist mode and have a working mux listen * socket, then prepare to background ourselves and have a foreground * client attach as a control slave. @@ -1820,18 +1924,18 @@ ssh_session2(struct ssh *ssh) * after the connection is fully established (in particular, * async rfwd replies have been received for ExitOnForwardFailure). */ - if (options.control_persist && muxserver_sock != -1) { + if (options.control_persist && muxserver_sock != -1) { ostdin_null_flag = stdin_null_flag; ono_shell_flag = no_shell_flag; orequest_tty = options.request_tty; otty_flag = tty_flag; - stdin_null_flag = 1; - no_shell_flag = 1; - tty_flag = 0; + stdin_null_flag = 1; + no_shell_flag = 1; + tty_flag = 0; if (!fork_after_authentication_flag) need_controlpersist_detach = 1; fork_after_authentication_flag = 1; - } + } /* * ControlPersist mux listen socket setup failed, attempt the * stdio forward setup that we skipped earlier. @@ -1839,7 +1943,7 @@ ssh_session2(struct ssh *ssh) if (options.control_persist && muxserver_sock == -1) ssh_init_stdio_forwarding(ssh); - if (!no_shell_flag || (datafellows & SSH_BUG_DUMMYCHAN)) + if (!no_shell_flag) id = ssh_session2_open(ssh); else { packet_set_interactive( @@ -1862,6 +1966,22 @@ ssh_session2(struct ssh *ssh) options.permit_local_command) ssh_local_cmd(options.local_command); + /* + * stdout is now owned by the session channel; clobber it here + * so future channel closes are propagated to the local fd. + * NB. this can only happen after LocalCommand has completed, + * as it may want to write to stdout. + */ + if (!need_controlpersist_detach) { + if ((devnull = open(_PATH_DEVNULL, O_WRONLY)) == -1) + error("%s: open %s: %s", __func__, + _PATH_DEVNULL, strerror(errno)); + if (dup2(devnull, STDOUT_FILENO) < 0) + fatal("%s: dup2() stdout failed", __func__); + if (devnull > STDERR_FILENO) + close(devnull); + } + /* * If requested and we are not interested in replies to remote * forwarding requests, then let ssh continue in the background. @@ -1881,12 +2001,10 @@ ssh_session2(struct ssh *ssh) /* Loads all IdentityFile and CertificateFile keys */ static void -load_public_identity_files(void) +load_public_identity_files(struct passwd *pw) { - char *filename, *cp, thishost[NI_MAXHOST]; - char *pwdir = NULL, *pwname = NULL; + char *filename, *cp; struct sshkey *public; - struct passwd *pw; int i; u_int n_ids, n_certs; char *identity_files[SSH_MAX_IDENTITY_FILES]; @@ -1925,11 +2043,6 @@ load_public_identity_files(void) #endif /* ENABLE_PKCS11 */ if ((pw = getpwuid(original_real_uid)) == NULL) fatal("load_public_identity_files: getpwuid failed"); - pwname = xstrdup(pw->pw_name); - pwdir = xstrdup(pw->pw_dir); - if (gethostname(thishost, sizeof(thishost)) == -1) - fatal("load_public_identity_files: gethostname: %s", - strerror(errno)); for (i = 0; i < options.num_identity_files; i++) { if (n_ids >= SSH_MAX_IDENTITY_FILES || strcasecmp(options.identity_files[i], "none") == 0) { @@ -1939,8 +2052,8 @@ load_public_identity_files(void) } cp = tilde_expand_filename(options.identity_files[i], original_real_uid); - filename = percent_expand(cp, "d", pwdir, - "u", pwname, "l", thishost, "h", host, + filename = percent_expand(cp, "d", pw->pw_dir, + "u", pw->pw_name, "l", thishost, "h", host, "r", options.user, (char *)NULL); free(cp); public = key_load_public(filename, NULL); @@ -1985,8 +2098,8 @@ load_public_identity_files(void) for (i = 0; i < options.num_certificate_files; i++) { cp = tilde_expand_filename(options.certificate_files[i], original_real_uid); - filename = percent_expand(cp, "d", pwdir, - "u", pwname, "l", thishost, "h", host, + filename = percent_expand(cp, "d", pw->pw_dir, + "u", pw->pw_name, "l", thishost, "h", host, "r", options.user, (char *)NULL); free(cp); @@ -2019,11 +2132,6 @@ load_public_identity_files(void) memcpy(options.certificate_files, certificate_files, sizeof(certificate_files)); memcpy(options.certificates, certificates, sizeof(certificates)); - - explicit_bzero(pwname, strlen(pwname)); - free(pwname); - explicit_bzero(pwdir, strlen(pwdir)); - free(pwdir); } static void @@ -2036,7 +2144,5 @@ main_sigchld_handler(int sig) while ((pid = waitpid(-1, &status, WNOHANG)) > 0 || (pid < 0 && errno == EINTR)) ; - - signal(sig, main_sigchld_handler); errno = save_errno; } diff --git a/ssh_config.0 b/ssh_config.0 index 9493953ab187..4109b1909038 100644 --- a/ssh_config.0 +++ b/ssh_config.0 @@ -112,6 +112,11 @@ DESCRIPTION one address. Note that this option does not work if UsePrivilegedPort is set to yes. + BindInterface + Use the address of the specified interface on the local machine + as the source address of the connection. Note that this option + does not work if UsePrivilegedPort is set to yes. + CanonicalDomains When CanonicalizeHostname is enabled, this option specifies the list of domain suffixes in which to search for the specified @@ -583,7 +588,10 @@ DESCRIPTION curve25519-sha256,curve25519-sha256@libssh.org, ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, diffie-hellman-group-exchange-sha256, + diffie-hellman-group16-sha512, + diffie-hellman-group18-sha512, diffie-hellman-group-exchange-sha1, + diffie-hellman-group14-sha256, diffie-hellman-group14-sha1 The list of available key exchange algorithms may also be @@ -652,12 +660,8 @@ DESCRIPTION "ssh -Q mac". NoHostAuthenticationForLocalhost - This option can be used if the home directory is shared across - machines. In this case localhost will refer to a different - machine on each of the machines and the user will get many - warnings about changed host keys. However, this option disables - host authentication for localhost. The argument to this keyword - must be yes or no (the default). + Disable host authentication for localhost (loopback addresses). + The argument to this keyword must be yes or no (the default). NumberOfPasswordPrompts Specifies the number of password prompts before giving up. The @@ -713,12 +717,12 @@ DESCRIPTION ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p ProxyJump - Specifies one or more jump proxies as [user@]host[:port]. - Multiple proxies may be separated by comma characters and will be - visited sequentially. Setting this option will cause ssh(1) to - connect to the target host by first making a ssh(1) connection to - the specified ProxyJump host and then establishing a TCP - forwarding to the ultimate target from there. + Specifies one or more jump proxies as either [user@]host[:port] + or an ssh URI. Multiple proxies may be separated by comma + characters and will be visited sequentially. Setting this option + will cause ssh(1) to connect to the target host by first making a + ssh(1) connection to the specified ProxyJump host and then + establishing a TCP forwarding to the ultimate target from there. Note that this option will compete with the ProxyCommand option - whichever is specified first will prevent later instances of the @@ -883,8 +887,8 @@ DESCRIPTION If this flag is set to yes, ssh(1) will never automatically add host keys to the ~/.ssh/known_hosts file, and refuses to connect to hosts whose host key has changed. This provides maximum - protection against trojan horse attacks, though it can be - annoying when the /etc/ssh/ssh_known_hosts file is poorly + protection against man-in-the-middle (MITM) attacks, though it + can be annoying when the /etc/ssh/ssh_known_hosts file is poorly maintained or when connections to new hosts are frequently made. This option forces the user to manually add all new hosts. @@ -918,6 +922,7 @@ DESCRIPTION dies. This is important in scripts, and many users want it too. To disable TCP keepalive messages, the value should be set to no. + See also ServerAliveInterval for protocol-level keepalives. Tunnel Request tun(4) device forwarding between the client and the server. The argument must be yes, point-to-point (layer 3), @@ -1012,12 +1017,23 @@ PATTERNS from="!*.dialup.example.com,*.example.com" + Note that a negated match will never produce a positive result by itself. + For example, attempting to match "host3" against the following pattern- + list will fail: + + from="!host1,!host2" + + The solution here is to include a term that will yield a positive match, + such as a wildcard: + + from="!host1,!host2,*" + TOKENS Arguments to some keywords can make use of tokens, which are expanded at runtime: %% A literal M-bM-^@M-^X%M-bM-^@M-^Y. - %C Shorthand for %l%h%p%r. + %C Hash of %l%h%p%r. %d Local user's home directory. %h The remote hostname. %i The local user ID. @@ -1026,6 +1042,8 @@ TOKENS %n The original remote hostname, as given on the command line. %p The remote port. %r The remote username. + %T The local tun(4) or tap(4) network interface assigned if + tunnel forwarding was requested, or "NONE" otherwise. %u The local username. Match exec accepts the tokens %%, %h, %L, %l, %n, %p, %r, and %u. @@ -1040,7 +1058,8 @@ TOKENS IdentityAgent and IdentityFile accept the tokens %%, %d, %h, %l, %r, and %u. - LocalCommand accepts the tokens %%, %C, %d, %h, %l, %n, %p, %r, and %u. + LocalCommand accepts the tokens %%, %C, %d, %h, %l, %n, %p, %r, %T, and + %u. ProxyCommand accepts the tokens %%, %h, %p, and %r. @@ -1070,4 +1089,4 @@ AUTHORS created OpenSSH. Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. -OpenBSD 6.2 September 21, 2017 OpenBSD 6.2 +OpenBSD 6.2 February 23, 2018 OpenBSD 6.2 diff --git a/ssh_config.5 b/ssh_config.5 index eab8dd01c22a..71705cabddaa 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.256 2017/09/21 19:16:53 markus Exp $ -.Dd $Mdocdate: September 21 2017 $ +.\" $OpenBSD: ssh_config.5,v 1.268 2018/02/23 07:38:09 jmc Exp $ +.Dd $Mdocdate: February 23 2018 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -262,6 +262,13 @@ Note that this option does not work if .Cm UsePrivilegedPort is set to .Cm yes . +.It Cm BindInterface +Use the address of the specified interface on the local machine as the +source address of the connection. +Note that this option does not work if +.Cm UsePrivilegedPort +is set to +.Cm yes . .It Cm CanonicalDomains When .Cm CanonicalizeHostname @@ -1015,7 +1022,10 @@ The default is: curve25519-sha256,curve25519-sha256@libssh.org, ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, diffie-hellman-group-exchange-sha256, +diffie-hellman-group16-sha512, +diffie-hellman-group18-sha512, diffie-hellman-group-exchange-sha1, +diffie-hellman-group14-sha256, diffie-hellman-group14-sha1 .Ed .Pp @@ -1107,10 +1117,7 @@ hmac-sha2-256,hmac-sha2-512,hmac-sha1 The list of available MAC algorithms may also be obtained using .Qq ssh -Q mac . .It Cm NoHostAuthenticationForLocalhost -This option can be used if the home directory is shared across machines. -In this case localhost will refer to a different machine on each of -the machines and the user will get many warnings about changed host keys. -However, this option disables host authentication for localhost. +Disable host authentication for localhost (loopback addresses). The argument to this keyword must be .Cm yes or @@ -1198,13 +1205,14 @@ For example, the following directive would connect via an HTTP proxy at ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p .Ed .It Cm ProxyJump -Specifies one or more jump proxies as +Specifies one or more jump proxies as either .Xo .Sm off .Op Ar user No @ .Ar host .Op : Ns Ar port .Sm on +or an ssh URI .Xc . Multiple proxies may be separated by comma characters and will be visited sequentially. @@ -1457,7 +1465,7 @@ If this flag is set to will never automatically add host keys to the .Pa ~/.ssh/known_hosts file, and refuses to connect to hosts whose host key has changed. -This provides maximum protection against trojan horse attacks, +This provides maximum protection against man-in-the-middle (MITM) attacks, though it can be annoying when the .Pa /etc/ssh/ssh_known_hosts file is poorly maintained or when connections to new hosts are @@ -1509,6 +1517,9 @@ This is important in scripts, and many users want it too. .Pp To disable TCP keepalive messages, the value should be set to .Cm no . +See also +.Cm ServerAliveInterval +for protocol-level keepalives. .It Cm Tunnel Request .Xr tun 4 @@ -1674,6 +1685,18 @@ pool, the following entry (in authorized_keys) could be used: .Pp .Dl from=\&"!*.dialup.example.com,*.example.com\&" +.Pp +Note that a negated match will never produce a positive result by itself. +For example, attempting to match +.Qq host3 +against the following pattern-list will fail: +.Pp +.Dl from=\&"!host1,!host2\&" +.Pp +The solution here is to include a term that will yield a positive match, +such as a wildcard: +.Pp +.Dl from=\&"!host1,!host2,*\&" .Sh TOKENS Arguments to some keywords can make use of tokens, which are expanded at runtime: @@ -1683,7 +1706,7 @@ which are expanded at runtime: A literal .Sq % . .It \&%C -Shorthand for %l%h%p%r. +Hash of %l%h%p%r. .It %d Local user's home directory. .It %h @@ -1700,6 +1723,15 @@ The original remote hostname, as given on the command line. The remote port. .It %r The remote username. +.It \&%T +The local +.Xr tun 4 +or +.Xr tap 4 +network interface assigned if +tunnel forwarding was requested, or +.Qq NONE +otherwise. .It %u The local username. .El @@ -1722,7 +1754,7 @@ and accept the tokens %%, %d, %h, %l, %r, and %u. .Pp .Cm LocalCommand -accepts the tokens %%, %C, %d, %h, %l, %n, %p, %r, and %u. +accepts the tokens %%, %C, %d, %h, %l, %n, %p, %r, %T, and %u. .Pp .Cm ProxyCommand accepts the tokens %%, %h, %p, and %r. diff --git a/sshconnect.c b/sshconnect.c index dc7a704d2a2d..3805d35d9845 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.287 2017/09/14 04:32:21 djm Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.297 2018/02/23 15:58:38 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -23,6 +23,7 @@ # include #endif +#include #include #include @@ -43,6 +44,9 @@ #include #include #include +#ifdef HAVE_IFADDRS_H +# include +#endif #include "xmalloc.h" #include "key.h" @@ -270,14 +274,83 @@ ssh_kill_proxy_command(void) kill(proxy_command_pid, SIGHUP); } +#ifdef HAVE_IFADDRS_H +/* + * Search a interface address list (returned from getifaddrs(3)) for an + * address that matches the desired address family on the specifed interface. + * Returns 0 and fills in *resultp and *rlenp on success. Returns -1 on failure. + */ +static int +check_ifaddrs(const char *ifname, int af, const struct ifaddrs *ifaddrs, + struct sockaddr_storage *resultp, socklen_t *rlenp) +{ + struct sockaddr_in6 *sa6; + struct sockaddr_in *sa; + struct in6_addr *v6addr; + const struct ifaddrs *ifa; + int allow_local; + + /* + * Prefer addresses that are not loopback or linklocal, but use them + * if nothing else matches. + */ + for (allow_local = 0; allow_local < 2; allow_local++) { + for (ifa = ifaddrs; ifa != NULL; ifa = ifa->ifa_next) { + if (ifa->ifa_addr == NULL || ifa->ifa_name == NULL || + (ifa->ifa_flags & IFF_UP) == 0 || + ifa->ifa_addr->sa_family != af || + strcmp(ifa->ifa_name, options.bind_interface) != 0) + continue; + switch (ifa->ifa_addr->sa_family) { + case AF_INET: + sa = (struct sockaddr_in *)ifa->ifa_addr; + if (!allow_local && sa->sin_addr.s_addr == + htonl(INADDR_LOOPBACK)) + continue; + if (*rlenp < sizeof(struct sockaddr_in)) { + error("%s: v4 addr doesn't fit", + __func__); + return -1; + } + *rlenp = sizeof(struct sockaddr_in); + memcpy(resultp, sa, *rlenp); + return 0; + case AF_INET6: + sa6 = (struct sockaddr_in6 *)ifa->ifa_addr; + v6addr = &sa6->sin6_addr; + if (!allow_local && + (IN6_IS_ADDR_LINKLOCAL(v6addr) || + IN6_IS_ADDR_LOOPBACK(v6addr))) + continue; + if (*rlenp < sizeof(struct sockaddr_in6)) { + error("%s: v6 addr doesn't fit", + __func__); + return -1; + } + *rlenp = sizeof(struct sockaddr_in6); + memcpy(resultp, sa6, *rlenp); + return 0; + } + } + } + return -1; +} +#endif + /* * Creates a (possibly privileged) socket for use as the ssh connection. */ static int ssh_create_socket(int privileged, struct addrinfo *ai) { - int sock, r, gaierr; + int sock, r, oerrno; + struct sockaddr_storage bindaddr; + socklen_t bindaddrlen = 0; struct addrinfo hints, *res = NULL; +#ifdef HAVE_IFADDRS_H + struct ifaddrs *ifaddrs = NULL; +#endif + char ntop[NI_MAXHOST]; sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); if (sock < 0) { @@ -287,22 +360,55 @@ ssh_create_socket(int privileged, struct addrinfo *ai) fcntl(sock, F_SETFD, FD_CLOEXEC); /* Bind the socket to an alternative local IP address */ - if (options.bind_address == NULL && !privileged) + if (options.bind_address == NULL && options.bind_interface == NULL && + !privileged) return sock; - if (options.bind_address) { + if (options.bind_address != NULL) { memset(&hints, 0, sizeof(hints)); hints.ai_family = ai->ai_family; hints.ai_socktype = ai->ai_socktype; hints.ai_protocol = ai->ai_protocol; hints.ai_flags = AI_PASSIVE; - gaierr = getaddrinfo(options.bind_address, NULL, &hints, &res); - if (gaierr) { + if ((r = getaddrinfo(options.bind_address, NULL, + &hints, &res)) != 0) { error("getaddrinfo: %s: %s", options.bind_address, - ssh_gai_strerror(gaierr)); - close(sock); - return -1; + ssh_gai_strerror(r)); + goto fail; } + if (res == NULL) { + error("getaddrinfo: no addrs"); + goto fail; + } + if (res->ai_addrlen > sizeof(bindaddr)) { + error("%s: addr doesn't fit", __func__); + goto fail; + } + memcpy(&bindaddr, res->ai_addr, res->ai_addrlen); + bindaddrlen = res->ai_addrlen; + } else if (options.bind_interface != NULL) { +#ifdef HAVE_IFADDRS_H + if ((r = getifaddrs(&ifaddrs)) != 0) { + error("getifaddrs: %s: %s", options.bind_interface, + strerror(errno)); + goto fail; + } + bindaddrlen = sizeof(bindaddr); + if (check_ifaddrs(options.bind_interface, ai->ai_family, + ifaddrs, &bindaddr, &bindaddrlen) != 0) { + logit("getifaddrs: %s: no suitable addresses", + options.bind_interface); + goto fail; + } +#else + error("BindInterface not supported on this platform."); +#endif + } + if ((r = getnameinfo((struct sockaddr *)&bindaddr, bindaddrlen, + ntop, sizeof(ntop), NULL, 0, NI_NUMERICHOST)) != 0) { + error("%s: getnameinfo failed: %s", __func__, + ssh_gai_strerror(r)); + goto fail; } /* * If we are running as root and want to connect to a privileged @@ -310,25 +416,32 @@ ssh_create_socket(int privileged, struct addrinfo *ai) */ if (privileged) { PRIV_START; - r = bindresvport_sa(sock, res ? res->ai_addr : NULL); + r = bindresvport_sa(sock, + bindaddrlen == 0 ? NULL : (struct sockaddr *)&bindaddr); + oerrno = errno; PRIV_END; if (r < 0) { - error("bindresvport_sa: af=%d %s", ai->ai_family, - strerror(errno)); + error("bindresvport_sa %s: %s", ntop, + strerror(oerrno)); goto fail; } - } else { - if (bind(sock, res->ai_addr, res->ai_addrlen) < 0) { - error("bind: %s: %s", options.bind_address, - strerror(errno)); - fail: - close(sock); - freeaddrinfo(res); - return -1; - } + } else if (bind(sock, (struct sockaddr *)&bindaddr, bindaddrlen) != 0) { + error("bind %s: %s", ntop, strerror(errno)); + goto fail; } + debug("%s: bound to %s", __func__, ntop); + /* success */ + goto out; +fail: + close(sock); + sock = -1; + out: if (res != NULL) freeaddrinfo(res); +#ifdef HAVE_IFADDRS_H + if (ifaddrs != NULL) + freeifaddrs(ifaddrs); +#endif return sock; } @@ -344,7 +457,7 @@ waitrfd(int fd, int *timeoutp) struct timeval t_start; int oerrno, r; - gettimeofday(&t_start, NULL); + monotime_tv(&t_start); pfd.fd = fd; pfd.events = POLLIN; for (; *timeoutp >= 0;) { @@ -416,7 +529,7 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop, int connection_attempts, int *timeout_ms, int want_keepalive, int needpriv) { int on = 1; - int sock = -1, attempt; + int oerrno, sock = -1, attempt; char ntop[NI_MAXHOST], strport[NI_MAXSERV]; struct addrinfo *ai; @@ -436,12 +549,16 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop, */ for (ai = aitop; ai; ai = ai->ai_next) { if (ai->ai_family != AF_INET && - ai->ai_family != AF_INET6) + ai->ai_family != AF_INET6) { + errno = EAFNOSUPPORT; continue; + } if (getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, sizeof(ntop), strport, sizeof(strport), NI_NUMERICHOST|NI_NUMERICSERV) != 0) { + oerrno = errno; error("%s: getnameinfo failed", __func__); + errno = oerrno; continue; } debug("Connecting to %.200s [%.100s] port %s.", @@ -449,9 +566,11 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop, /* Create a socket for connecting. */ sock = ssh_create_socket(needpriv, ai); - if (sock < 0) + if (sock < 0) { /* Any error is already output */ + errno = 0; continue; + } if (timeout_connect(sock, ai->ai_addr, ai->ai_addrlen, timeout_ms) >= 0) { @@ -459,10 +578,12 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop, memcpy(hostaddr, ai->ai_addr, ai->ai_addrlen); break; } else { + oerrno = errno; debug("connect to address %s port %s: %s", ntop, strport, strerror(errno)); close(sock); sock = -1; + errno = oerrno; } } if (sock != -1) @@ -472,8 +593,8 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop, /* Return failure if we didn't get a successful connection. */ if (sock == -1) { error("ssh: connect to host %s port %s: %s", - host, strport, strerror(errno)); - return (-1); + host, strport, errno == 0 ? "failure" : strerror(errno)); + return -1; } debug("Connection established."); @@ -610,9 +731,6 @@ ssh_exchange_identification(int timeout_ms) if (mismatch) fatal("Protocol major versions differ: %d vs. %d", PROTOCOL_MAJOR_2, remote_major); - if ((datafellows & SSH_BUG_DERIVEKEY) != 0) - fatal("Server version \"%.100s\" uses unsafe key agreement; " - "refusing connection", remote_version); if ((datafellows & SSH_BUG_RSASIGMD5) != 0) logit("Server version \"%.100s\" uses unsafe RSA signature " "scheme; disabling use of RSA keys", remote_version); @@ -631,11 +749,12 @@ confirm(const char *prompt) return 0; for (msg = prompt;;msg = again) { p = read_passphrase(msg, RP_ECHO); - if (p == NULL || - (p[0] == '\0') || (p[0] == '\n') || - strncasecmp(p, "no", 2) == 0) + if (p == NULL) + return 0; + p[strcspn(p, "\n")] = '\0'; + if (p[0] == '\0' || strcasecmp(p, "no") == 0) ret = 0; - if (p && strncasecmp(p, "yes", 3) == 0) + else if (strcasecmp(p, "yes") == 0) ret = 1; free(p); if (ret != -1) @@ -1171,8 +1290,7 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, host_key = raw_key; goto retry; } - if (raw_key != NULL) - sshkey_free(raw_key); + sshkey_free(raw_key); free(ip); free(host); if (host_hostkeys != NULL) @@ -1357,6 +1475,7 @@ show_other_keys(struct hostkeys *hostkeys, struct sshkey *key) KEY_DSA, KEY_ECDSA, KEY_ED25519, + KEY_XMSS, -1 }; int i, ret = 0; @@ -1453,8 +1572,8 @@ ssh_local_cmd(const char *args) } void -maybe_add_key_to_agent(char *authfile, struct sshkey *private, char *comment, - char *passphrase) +maybe_add_key_to_agent(char *authfile, const struct sshkey *private, + char *comment, char *passphrase) { int auth_sock = -1, r; @@ -1474,7 +1593,7 @@ maybe_add_key_to_agent(char *authfile, struct sshkey *private, char *comment, } if ((r = ssh_add_identity_constrained(auth_sock, private, comment, 0, - (options.add_keys_to_agent == 3))) == 0) + (options.add_keys_to_agent == 3), 0)) == 0) debug("identity added to agent: %s", authfile); else debug("could not add identity to agent: %s (%d)", authfile, r); diff --git a/sshconnect.h b/sshconnect.h index b5029e2347e0..dd648b096e9e 100644 --- a/sshconnect.h +++ b/sshconnect.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.h,v 1.31 2017/09/12 06:32:07 djm Exp $ */ +/* $OpenBSD: sshconnect.h,v 1.32 2018/02/10 09:25:35 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -57,7 +57,7 @@ void ssh_userauth2(const char *, const char *, char *, Sensitive *); void ssh_put_password(char *); int ssh_local_cmd(const char *); -void maybe_add_key_to_agent(char *, struct sshkey *, char *, char *); +void maybe_add_key_to_agent(char *, const struct sshkey *, char *, char *); /* * Macros to raise/lower permissions. diff --git a/sshconnect2.c b/sshconnect2.c index be9397e481bd..1f4a74cf46f8 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.266 2017/08/27 00:38:41 dtucker Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.270 2018/03/24 19:28:43 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -578,7 +578,6 @@ input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh) Authctxt *authctxt = ssh->authctxt; struct sshkey *key = NULL; Identity *id = NULL; - Buffer b; int pktype, sent = 0; u_int alen, blen; char *pkalg, *fp; @@ -586,18 +585,9 @@ input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh) if (authctxt == NULL) fatal("input_userauth_pk_ok: no authentication context"); - if (datafellows & SSH_BUG_PKOK) { - /* this is similar to SSH_BUG_PKAUTH */ - debug2("input_userauth_pk_ok: SSH_BUG_PKOK"); - pkblob = packet_get_string(&blen); - buffer_init(&b); - buffer_append(&b, pkblob, blen); - pkalg = buffer_get_string(&b, &alen); - buffer_free(&b); - } else { - pkalg = packet_get_string(&alen); - pkblob = packet_get_string(&blen); - } + + pkalg = packet_get_string(&alen); + pkblob = packet_get_string(&blen); packet_check_eom(); debug("Server accepts key: pkalg %s blen %u", pkalg, blen); @@ -634,8 +624,7 @@ input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh) } } done: - if (key != NULL) - key_free(key); + key_free(key); free(pkalg); free(pkblob); @@ -1013,17 +1002,46 @@ key_sign_encode(const struct sshkey *key) return key_ssh_name(key); } +/* + * Some agents will return ssh-rsa signatures when asked to make a + * rsa-sha2-* signature. Check what they actually gave back and warn the + * user if the agent has returned an unexpected type. + */ +static int +check_sigtype(const struct sshkey *key, const u_char *sig, size_t len) +{ + int r; + char *sigtype = NULL; + const char *alg = key_sign_encode(key); + + if (sshkey_is_cert(key)) + return 0; + if ((r = sshkey_sigtype(sig, len, &sigtype)) != 0) + return r; + if (strcmp(sigtype, alg) != 0) { + logit("warning: agent returned different signature type %s " + "(expected %s)", sigtype, alg); + } + free(sigtype); + /* Incorrect signature types aren't an error ... yet */ + return 0; +} + static int identity_sign(struct identity *id, u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, u_int compat) { struct sshkey *prv; - int ret; + int r; /* the agent supports this key */ - if (id->key != NULL && id->agent_fd != -1) - return ssh_agent_sign(id->agent_fd, id->key, sigp, lenp, - data, datalen, key_sign_encode(id->key), compat); + if (id->key != NULL && id->agent_fd != -1) { + if ((r = ssh_agent_sign(id->agent_fd, id->key, sigp, lenp, + data, datalen, key_sign_encode(id->key), compat)) != 0 || + (r = check_sigtype(id->key, *sigp, *lenp)) != 0) + return r; + return 0; + } /* * we have already loaded the private key or @@ -1042,10 +1060,10 @@ identity_sign(struct identity *id, u_char **sigp, size_t *lenp, __func__, id->filename); return SSH_ERR_KEY_NOT_FOUND; } - ret = sshkey_sign(prv, sigp, lenp, data, datalen, + r = sshkey_sign(prv, sigp, lenp, data, datalen, key_sign_encode(prv), compat); sshkey_free(prv); - return (ret); + return r; } static int @@ -1100,17 +1118,10 @@ sign_and_send_pubkey(Authctxt *authctxt, Identity *id) } buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); buffer_put_cstring(&b, authctxt->server_user); - buffer_put_cstring(&b, - datafellows & SSH_BUG_PKSERVICE ? - "ssh-userauth" : - authctxt->service); - if (datafellows & SSH_BUG_PKAUTH) { - buffer_put_char(&b, have_sig); - } else { - buffer_put_cstring(&b, authctxt->method->name); - buffer_put_char(&b, have_sig); - buffer_put_cstring(&b, key_sign_encode(id->key)); - } + buffer_put_cstring(&b, authctxt->service); + buffer_put_cstring(&b, authctxt->method->name); + buffer_put_char(&b, have_sig); + buffer_put_cstring(&b, key_sign_encode(id->key)); buffer_put_string(&b, blob, bloblen); /* @@ -1170,19 +1181,6 @@ sign_and_send_pubkey(Authctxt *authctxt, Identity *id) #ifdef DEBUG_PK buffer_dump(&b); #endif - if (datafellows & SSH_BUG_PKSERVICE) { - buffer_clear(&b); - buffer_append(&b, session_id2, session_id2_len); - skip = session_id2_len; - buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); - buffer_put_cstring(&b, authctxt->server_user); - buffer_put_cstring(&b, authctxt->service); - buffer_put_cstring(&b, authctxt->method->name); - buffer_put_char(&b, have_sig); - if (!(datafellows & SSH_BUG_PKAUTH)) - buffer_put_cstring(&b, key_ssh_name(id->key)); - buffer_put_string(&b, blob, bloblen); - } free(blob); /* append signature */ @@ -1224,8 +1222,7 @@ send_pubkey_test(Authctxt *authctxt, Identity *id) packet_put_cstring(authctxt->service); packet_put_cstring(authctxt->method->name); packet_put_char(have_sig); - if (!(datafellows & SSH_BUG_PKAUTH)) - packet_put_cstring(key_sign_encode(id->key)); + packet_put_cstring(key_sign_encode(id->key)); packet_put_string(blob, bloblen); free(blob); packet_send(); @@ -1741,7 +1738,6 @@ userauth_hostbased(Authctxt *authctxt) struct ssh *ssh = active_state; struct sshkey *private = NULL; struct sshbuf *b = NULL; - const char *service; u_char *sig = NULL, *keyblob = NULL; char *fp = NULL, *chost = NULL, *lname = NULL; size_t siglen = 0, keylen = 0; @@ -1812,9 +1808,6 @@ userauth_hostbased(Authctxt *authctxt) xasprintf(&chost, "%s.", lname); debug2("%s: chost %s", __func__, chost); - service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" : - authctxt->service; - /* construct data */ if ((b = sshbuf_new()) == NULL) { error("%s: sshbuf_new failed", __func__); @@ -1827,7 +1820,7 @@ userauth_hostbased(Authctxt *authctxt) if ((r = sshbuf_put_string(b, session_id2, session_id2_len)) != 0 || (r = sshbuf_put_u8(b, SSH2_MSG_USERAUTH_REQUEST)) != 0 || (r = sshbuf_put_cstring(b, authctxt->server_user)) != 0 || - (r = sshbuf_put_cstring(b, service)) != 0 || + (r = sshbuf_put_cstring(b, authctxt->service)) != 0 || (r = sshbuf_put_cstring(b, authctxt->method->name)) != 0 || (r = sshbuf_put_cstring(b, key_ssh_name(private))) != 0 || (r = sshbuf_put_string(b, keyblob, keylen)) != 0 || diff --git a/sshd.0 b/sshd.0 index 92c8ec53306c..999d160bf8dd 100644 --- a/sshd.0 +++ b/sshd.0 @@ -33,12 +33,14 @@ DESCRIPTION -C connection_spec Specify the connection parameters to use for the -T extended test mode. If provided, any Match directives in the configuration - file that would apply to the specified user, host, and address - will be set before the configuration is written to standard - output. The connection parameters are supplied as keyword=value - pairs. The keywords are M-bM-^@M-^\userM-bM-^@M-^], M-bM-^@M-^\hostM-bM-^@M-^], M-bM-^@M-^\laddrM-bM-^@M-^], M-bM-^@M-^\lportM-bM-^@M-^], and - M-bM-^@M-^\addrM-bM-^@M-^]. All are required and may be supplied in any order, + file that would apply are applied before the configuration is + written to standard output. The connection parameters are + supplied as keyword=value pairs and may be supplied in any order, either with multiple -C options or as a comma-separated list. + The keywords are M-bM-^@M-^\addr,M-bM-^@M-^] M-bM-^@M-^\userM-bM-^@M-^], M-bM-^@M-^\hostM-bM-^@M-^], M-bM-^@M-^\laddrM-bM-^@M-^], M-bM-^@M-^\lportM-bM-^@M-^], and + M-bM-^@M-^\rdomainM-bM-^@M-^] and correspond to source address, user, resolved source + host name, local address, local port number and routing domain + respectively. -c host_certificate_file Specifies a path to a certificate file to identify sshd during @@ -75,10 +77,9 @@ DESCRIPTION Specifies a file from which a host key is read. This option must be given if sshd is not run as root (as the normal host key files are normally not readable by anyone but root). The default is - /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_ecdsa_key, - /etc/ssh/ssh_host_ed25519_key and /etc/ssh/ssh_host_rsa_key. It - is possible to have multiple host key files for the different - host key algorithms. + /etc/ssh/ssh_host_ecdsa_key, /etc/ssh/ssh_host_ed25519_key and + /etc/ssh/ssh_host_rsa_key. It is possible to have multiple host + key files for the different host key algorithms. -i Specifies that sshd is being run from inetd(8). @@ -247,7 +248,7 @@ AUTHORIZED_KEYS FILE FORMAT You don't want to type them in; instead, copy the id_dsa.pub, id_ecdsa.pub, id_ed25519.pub, or the id_rsa.pub file and edit it. - sshd enforces a minimum RSA key modulus size of 768 bits. + sshd enforces a minimum RSA key modulus size of 1024 bits. The options (if present) consist of comma-separated option specifications. No spaces are permitted, except within double quotes. @@ -299,6 +300,11 @@ AUTHORIZED_KEYS FILE FORMAT this type are permitted. Environment processing is disabled by default and is controlled via the PermitUserEnvironment option. + expiry-time="timespec" + Specifies a time after which the key will not be accepted. The + time may be specified as a YYYYMMDD date or a YYYYMMDDHHMM[SS] + time in the system time-zone. + from="pattern-list" Specifies that in addition to public key authentication, either the canonical name of the remote host or its IP address must be @@ -346,6 +352,7 @@ AUTHORIZED_KEYS FILE FORMAT port-forwarding Enable port forwarding previously disabled by the restrict + option. principals="principals" On a cert-authority line, specifies allowed principals for @@ -567,7 +574,6 @@ FILES allows host-based authentication without permitting login with rlogin/rsh. - /etc/ssh/ssh_host_dsa_key /etc/ssh/ssh_host_ecdsa_key /etc/ssh/ssh_host_ed25519_key /etc/ssh/ssh_host_rsa_key @@ -576,7 +582,6 @@ FILES not accessible to others. Note that sshd does not start if these files are group/world-accessible. - /etc/ssh/ssh_host_dsa_key.pub /etc/ssh/ssh_host_ecdsa_key.pub /etc/ssh/ssh_host_ed25519_key.pub /etc/ssh/ssh_host_rsa_key.pub @@ -629,4 +634,4 @@ AUTHORS versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support for privilege separation. -OpenBSD 6.2 June 24, 2017 OpenBSD 6.2 +OpenBSD 6.2 March 14, 2018 OpenBSD 6.2 diff --git a/sshd.8 b/sshd.8 index a4201146bc23..968ba66bbe8d 100644 --- a/sshd.8 +++ b/sshd.8 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.291 2017/06/24 06:28:50 jmc Exp $ -.Dd $Mdocdate: June 24 2017 $ +.\" $OpenBSD: sshd.8,v 1.299 2018/03/14 06:56:20 jmc Exp $ +.Dd $Mdocdate: March 14 2018 $ .Dt SSHD 8 .Os .Sh NAME @@ -100,20 +100,22 @@ Specify the connection parameters to use for the extended test mode. If provided, any .Cm Match -directives in the configuration file -that would apply to the specified user, host, and address will be set before -the configuration is written to standard output. -The connection parameters are supplied as keyword=value pairs. +directives in the configuration file that would apply are applied before the +configuration is written to standard output. +The connection parameters are supplied as keyword=value pairs and may be +supplied in any order, either with multiple +.Fl C +options or as a comma-separated list. The keywords are +.Dq addr, .Dq user , .Dq host , .Dq laddr , .Dq lport , and -.Dq addr . -All are required and may be supplied in any order, either with multiple -.Fl C -options or as a comma-separated list. +.Dq rdomain +and correspond to source address, user, resolved source host name, +local address, local port number and routing domain respectively. .It Fl c Ar host_certificate_file Specifies a path to a certificate file to identify .Nm @@ -164,7 +166,6 @@ This option must be given if is not run as root (as the normal host key files are normally not readable by anyone but root). The default is -.Pa /etc/ssh/ssh_host_dsa_key , .Pa /etc/ssh/ssh_host_ecdsa_key , .Pa /etc/ssh/ssh_host_ed25519_key and @@ -452,7 +453,7 @@ or the file and edit it. .Pp .Nm -enforces a minimum RSA key modulus size of 768 bits. +enforces a minimum RSA key modulus size of 1024 bits. .Pp The options (if present) consist of comma-separated option specifications. @@ -512,6 +513,10 @@ Environment processing is disabled by default and is controlled via the .Cm PermitUserEnvironment option. +.It Cm expiry-time="timespec" +Specifies a time after which the key will not be accepted. +The time may be specified as a YYYYMMDD date or a YYYYMMDDHHMM[SS] time +in the system time-zone. .It Cm from="pattern-list" Specifies that in addition to public key authentication, either the canonical name of the remote host or its IP address must be present in the @@ -566,6 +571,7 @@ matches any port. .It Cm port-forwarding Enable port forwarding previously disabled by the .Cm restrict +option. .It Cm principals="principals" On a .Cm cert-authority @@ -871,7 +877,6 @@ This file is used in exactly the same way as but allows host-based authentication without permitting login with rlogin/rsh. .Pp -.It Pa /etc/ssh/ssh_host_dsa_key .It Pa /etc/ssh/ssh_host_ecdsa_key .It Pa /etc/ssh/ssh_host_ed25519_key .It Pa /etc/ssh/ssh_host_rsa_key @@ -882,7 +887,6 @@ Note that .Nm does not start if these files are group/world-accessible. .Pp -.It Pa /etc/ssh/ssh_host_dsa_key.pub .It Pa /etc/ssh/ssh_host_ecdsa_key.pub .It Pa /etc/ssh/ssh_host_ed25519_key.pub .It Pa /etc/ssh/ssh_host_rsa_key.pub diff --git a/sshd.c b/sshd.c index 51a1aaf6ec86..fd95b681b7c5 100644 --- a/sshd.c +++ b/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.492 2017/09/12 06:32:07 djm Exp $ */ +/* $OpenBSD: sshd.c,v 1.506 2018/03/03 03:15:51 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -119,6 +119,7 @@ #endif #include "monitor_wrap.h" #include "ssh-sandbox.h" +#include "auth-options.h" #include "version.h" #include "ssherr.h" @@ -144,7 +145,12 @@ char *config_file_name = _PATH_SERVER_CONFIG_FILE; */ int debug_flag = 0; -/* Flag indicating that the daemon should only test the configuration and keys. */ +/* + * Indicating that the daemon should only test the configuration and keys. + * If test_flag > 1 ("-T" flag), then sshd will also dump the effective + * configuration, optionally using connection information provided by the + * "-C" flag. + */ int test_flag = 0; /* Flag indicating that the daemon is being started from inetd. */ @@ -227,6 +233,9 @@ static int privsep_chroot = 1; /* global authentication context */ Authctxt *the_authctxt = NULL; +/* global key/cert auth options. XXX move to permanent ssh->authctxt? */ +struct sshauthopt *auth_opts = NULL; + /* sshd_config buffer */ Buffer cfg; @@ -278,7 +287,6 @@ sighup_handler(int sig) int save_errno = errno; received_sighup = 1; - signal(SIGHUP, sighup_handler); errno = save_errno; } @@ -328,8 +336,6 @@ main_sigchld_handler(int sig) while ((pid = waitpid(-1, &status, WNOHANG)) > 0 || (pid < 0 && errno == EINTR)) ; - - signal(SIGCHLD, main_sigchld_handler); errno = save_errno; } @@ -441,16 +447,12 @@ sshd_exchange_identification(struct ssh *ssh, int sock_in, int sock_out) logit("Client version \"%.100s\" uses unsafe RSA signature " "scheme; disabling use of RSA keys", remote_version); } - if ((ssh->compat & SSH_BUG_DERIVEKEY) != 0) { - fatal("Client version \"%.100s\" uses unsafe key agreement; " - "refusing connection", remote_version); - } chop(server_version_string); debug("Local version string %.200s", server_version_string); - if (remote_major != 2 || - (remote_major == 1 && remote_minor != 99)) { + if (remote_major != 2 && + !(remote_major == 1 && remote_minor == 99)) { s = "Protocol major versions differ.\n"; (void) atomicio(vwrite, sock_out, s, strlen(s)); close(sock_in); @@ -467,7 +469,7 @@ sshd_exchange_identification(struct ssh *ssh, int sock_in, int sock_out) void destroy_sensitive_data(void) { - int i; + u_int i; for (i = 0; i < options.num_host_key_files; i++) { if (sensitive_data.host_keys[i]) { @@ -486,7 +488,7 @@ void demote_sensitive_data(void) { struct sshkey *tmp; - int i; + u_int i; for (i = 0; i < options.num_host_key_files; i++) { if (sensitive_data.host_keys[i]) { @@ -685,7 +687,7 @@ list_hostkey_types(void) Buffer b; const char *p; char *ret; - int i; + u_int i; struct sshkey *key; buffer_init(&b); @@ -707,6 +709,7 @@ list_hostkey_types(void) case KEY_DSA: case KEY_ECDSA: case KEY_ED25519: + case KEY_XMSS: if (buffer_len(&b) > 0) buffer_append(&b, ",", 1); p = key_ssh_name(key); @@ -728,6 +731,7 @@ list_hostkey_types(void) case KEY_DSA_CERT: case KEY_ECDSA_CERT: case KEY_ED25519_CERT: + case KEY_XMSS_CERT: if (buffer_len(&b) > 0) buffer_append(&b, ",", 1); p = key_ssh_name(key); @@ -745,7 +749,7 @@ list_hostkey_types(void) static struct sshkey * get_hostkey_by_type(int type, int nid, int need_private, struct ssh *ssh) { - int i; + u_int i; struct sshkey *key; for (i = 0; i < options.num_host_key_files; i++) { @@ -754,6 +758,7 @@ get_hostkey_by_type(int type, int nid, int need_private, struct ssh *ssh) case KEY_DSA_CERT: case KEY_ECDSA_CERT: case KEY_ED25519_CERT: + case KEY_XMSS_CERT: key = sensitive_data.host_certificates[i]; break; default: @@ -785,7 +790,7 @@ get_hostkey_private_by_type(int type, int nid, struct ssh *ssh) struct sshkey * get_hostkey_by_index(int ind) { - if (ind < 0 || ind >= options.num_host_key_files) + if (ind < 0 || (u_int)ind >= options.num_host_key_files) return (NULL); return (sensitive_data.host_keys[ind]); } @@ -793,7 +798,7 @@ get_hostkey_by_index(int ind) struct sshkey * get_hostkey_public_by_index(int ind, struct ssh *ssh) { - if (ind < 0 || ind >= options.num_host_key_files) + if (ind < 0 || (u_int)ind >= options.num_host_key_files) return (NULL); return (sensitive_data.host_pubkeys[ind]); } @@ -801,7 +806,7 @@ get_hostkey_public_by_index(int ind, struct ssh *ssh) int get_hostkey_index(struct sshkey *key, int compare, struct ssh *ssh) { - int i; + u_int i; for (i = 0; i < options.num_host_key_files; i++) { if (key_is_cert(key)) { @@ -830,7 +835,8 @@ notify_hostkeys(struct ssh *ssh) { struct sshbuf *buf; struct sshkey *key; - int i, nkeys, r; + u_int i, nkeys; + int r; char *fp; /* Some clients cannot cope with the hostkeys message, skip those. */ @@ -861,7 +867,7 @@ notify_hostkeys(struct ssh *ssh) packet_put_string(sshbuf_ptr(buf), sshbuf_len(buf)); nkeys++; } - debug3("%s: sent %d hostkeys", __func__, nkeys); + debug3("%s: sent %u hostkeys", __func__, nkeys); if (nkeys == 0) fatal("%s: no hostkeys", __func__); packet_send(); @@ -1014,13 +1020,13 @@ server_accept_inetd(int *sock_in, int *sock_out) * Listen for TCP connections */ static void -server_listen(void) +listen_on_addrs(struct listenaddr *la) { - int ret, listen_sock, on = 1; + int ret, listen_sock; struct addrinfo *ai; char ntop[NI_MAXHOST], strport[NI_MAXSERV]; - for (ai = options.listen_addrs; ai; ai = ai->ai_next) { + for (ai = la->addrs; ai; ai = ai->ai_next) { if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) continue; if (num_listen_socks >= MAX_LISTEN_SOCKS) @@ -1050,13 +1056,13 @@ server_listen(void) close(listen_sock); continue; } - /* - * Set socket options. - * Allow local port reuse in TIME_WAIT. - */ - if (setsockopt(listen_sock, SOL_SOCKET, SO_REUSEADDR, - &on, sizeof(on)) == -1) - error("setsockopt SO_REUSEADDR: %s", strerror(errno)); + /* Socket options */ + set_reuseaddr(listen_sock); + if (la->rdomain != NULL && + set_rdomain(listen_sock, la->rdomain) == -1) { + close(listen_sock); + continue; + } /* Only communicate in IPv6 over AF_INET6 sockets. */ if (ai->ai_family == AF_INET6) @@ -1078,9 +1084,28 @@ server_listen(void) if (listen(listen_sock, SSH_LISTEN_BACKLOG) < 0) fatal("listen on [%s]:%s: %.100s", ntop, strport, strerror(errno)); - logit("Server listening on %s port %s.", ntop, strport); + logit("Server listening on %s port %s%s%s.", + ntop, strport, + la->rdomain == NULL ? "" : " rdomain ", + la->rdomain == NULL ? "" : la->rdomain); } - freeaddrinfo(options.listen_addrs); +} + +static void +server_listen(void) +{ + u_int i; + + for (i = 0; i < options.num_listen_addrs; i++) { + listen_on_addrs(&options.listen_addrs[i]); + freeaddrinfo(options.listen_addrs[i].addrs); + free(options.listen_addrs[i].rdomain); + memset(&options.listen_addrs[i], 0, + sizeof(options.listen_addrs[i])); + } + free(options.listen_addrs); + options.listen_addrs = NULL; + options.num_listen_addrs = 0; if (!num_listen_socks) fatal("Cannot bind any address."); @@ -1348,6 +1373,46 @@ check_ip_options(struct ssh *ssh) #endif /* IP_OPTIONS */ } +/* Set the routing domain for this process */ +static void +set_process_rdomain(struct ssh *ssh, const char *name) +{ +#if defined(HAVE_SYS_SET_PROCESS_RDOMAIN) + if (name == NULL) + return; /* default */ + + if (strcmp(name, "%D") == 0) { + /* "expands" to routing domain of connection */ + if ((name = ssh_packet_rdomain_in(ssh)) == NULL) + return; + } + /* NB. We don't pass 'ssh' to sys_set_process_rdomain() */ + return sys_set_process_rdomain(name); +#elif defined(__OpenBSD__) + int rtable, ortable = getrtable(); + const char *errstr; + + if (name == NULL) + return; /* default */ + + if (strcmp(name, "%D") == 0) { + /* "expands" to routing domain of connection */ + if ((name = ssh_packet_rdomain_in(ssh)) == NULL) + return; + } + + rtable = (int)strtonum(name, 0, 255, &errstr); + if (errstr != NULL) /* Shouldn't happen */ + fatal("Invalid routing domain \"%s\": %s", name, errstr); + if (rtable != ortable && setrtable(rtable) != 0) + fatal("Unable to set routing domain %d: %s", + rtable, strerror(errno)); + debug("%s: set routing domain %d (was %d)", __func__, rtable, ortable); +#else /* defined(__OpenBSD__) */ + fatal("Unable to set routing domain: not supported in this platform"); +#endif +} + /* * Main program for the daemon. */ @@ -1357,20 +1422,19 @@ main(int ac, char **av) struct ssh *ssh = NULL; extern char *optarg; extern int optind; - int r, opt, i, j, on = 1, already_daemon; + int r, opt, on = 1, already_daemon, remote_port; int sock_in = -1, sock_out = -1, newsock = -1; - const char *remote_ip; - int remote_port; + const char *remote_ip, *rdomain; char *fp, *line, *laddr, *logfile = NULL; int config_s[2] = { -1 , -1 }; - u_int n; + u_int i, j; u_int64_t ibytes, obytes; mode_t new_umask; struct sshkey *key; struct sshkey *pubkey; int keytype; Authctxt *authctxt; - struct connection_info *connection_info = get_connection_info(0, 0); + struct connection_info *connection_info = NULL; ssh_malloc_init(); /* must be called before any mallocs */ @@ -1383,7 +1447,7 @@ main(int ac, char **av) saved_argc = ac; rexec_argc = ac; saved_argv = xcalloc(ac + 1, sizeof(*saved_argv)); - for (i = 0; i < ac; i++) + for (i = 0; (int)i < ac; i++) saved_argv[i] = xstrdup(av[i]); saved_argv[i] = NULL; @@ -1416,12 +1480,8 @@ main(int ac, char **av) config_file_name = optarg; break; case 'c': - if (options.num_host_cert_files >= MAX_HOSTCERTS) { - fprintf(stderr, "too many host certificates.\n"); - exit(1); - } - options.host_cert_files[options.num_host_cert_files++] = - derelativise_path(optarg); + servconf_add_hostcert("[command-line]", 0, + &options, optarg); break; case 'd': if (debug_flag == 0) { @@ -1480,12 +1540,8 @@ main(int ac, char **av) /* protocol 1, ignored */ break; case 'h': - if (options.num_host_key_files >= MAX_HOSTKEYS) { - fprintf(stderr, "too many host keys.\n"); - exit(1); - } - options.host_key_files[options.num_host_key_files++] = - derelativise_path(optarg); + servconf_add_hostkey("[command-line]", 0, + &options, optarg); break; case 't': test_flag = 1; @@ -1494,6 +1550,7 @@ main(int ac, char **av) test_flag = 2; break; case 'C': + connection_info = get_connection_info(0, 0); if (parse_server_match_testspec(connection_info, optarg) == -1) exit(1); @@ -1552,24 +1609,13 @@ main(int ac, char **av) if (getenv("KRB5CCNAME") != NULL) (void) unsetenv("KRB5CCNAME"); -#ifdef _UNICOS - /* Cray can define user privs drop all privs now! - * Not needed on PRIV_SU systems! - */ - drop_cray_privs(); -#endif - sensitive_data.have_ssh2_key = 0; /* - * If we're doing an extended config test, make sure we have all of - * the parameters we need. If we're not doing an extended test, - * do not silently ignore connection test params. + * If we're not doing an extended test do not silently ignore connection + * test params. */ - if (test_flag >= 2 && server_match_spec_complete(connection_info) == 0) - fatal("user, host and addr are all required when testing " - "Match configs"); - if (test_flag < 2 && server_match_spec_complete(connection_info) >= 0) + if (test_flag < 2 && connection_info != NULL) fatal("Config test connection parameter (-C) provided without " "test mode (-T)"); @@ -1611,12 +1657,12 @@ main(int ac, char **av) * and warns for trivial misconfigurations that could break login. */ if (options.num_auth_methods != 0) { - for (n = 0; n < options.num_auth_methods; n++) { - if (auth2_methods_valid(options.auth_methods[n], + for (i = 0; i < options.num_auth_methods; i++) { + if (auth2_methods_valid(options.auth_methods[i], 1) == 0) break; } - if (n >= options.num_auth_methods) + if (i >= options.num_auth_methods) fatal("AuthenticationMethods cannot be satisfied by " "enabled authentication methods"); } @@ -1642,10 +1688,8 @@ main(int ac, char **av) fatal("Privilege separation user %s does not exist", SSH_PRIVSEP_USER); } else { - explicit_bzero(privsep_pw->pw_passwd, - strlen(privsep_pw->pw_passwd)); privsep_pw = pwcopy(privsep_pw); - free(privsep_pw->pw_passwd); + freezero(privsep_pw->pw_passwd, strlen(privsep_pw->pw_passwd)); privsep_pw->pw_passwd = xstrdup("*"); } endpwent(); @@ -1697,6 +1741,7 @@ main(int ac, char **av) case KEY_DSA: case KEY_ECDSA: case KEY_ED25519: + case KEY_XMSS: if (have_agent || key != NULL) sensitive_data.have_ssh2_key = 1; break; @@ -1752,7 +1797,7 @@ main(int ac, char **av) continue; } sensitive_data.host_certificates[j] = key; - debug("host certificate: #%d type %d %s", j, key->type, + debug("host certificate: #%u type %d %s", j, key->type, key_type(key)); } @@ -1776,8 +1821,13 @@ main(int ac, char **av) } if (test_flag > 1) { - if (server_match_spec_complete(connection_info) == 1) - parse_server_match_config(&options, connection_info); + /* + * If no connection info was provided by -C then use + * use a blank one that will cause no predicate to match. + */ + if (connection_info == NULL) + connection_info = get_connection_info(0, 0); + parse_server_match_config(&options, connection_info); dump_config(&options); } @@ -1796,8 +1846,10 @@ main(int ac, char **av) debug("setgroups() failed: %.200s", strerror(errno)); if (rexec_flag) { + if (rexec_argc < 0) + fatal("rexec_argc %d < 0", rexec_argc); rexec_argv = xcalloc(rexec_argc + 2, sizeof(char *)); - for (i = 0; i < rexec_argc; i++) { + for (i = 0; i < (u_int)rexec_argc; i++) { debug("rexec_argv[%d]='%s'", i, saved_argv[i]); rexec_argv[i] = saved_argv[i]; } @@ -1970,6 +2022,9 @@ main(int ac, char **av) cleanup_exit(255); } + if (options.routing_domain != NULL) + set_process_rdomain(ssh, options.routing_domain); + /* * The rest of the code depends on the fact that * ssh_remote_ipaddr() caches the remote ip, even if @@ -1981,10 +2036,15 @@ main(int ac, char **av) audit_connection_from(remote_ip, remote_port); #endif + rdomain = ssh_packet_rdomain_in(ssh); + /* Log the connection. */ laddr = get_local_ipaddr(sock_in); - verbose("Connection from %s port %d on %s port %d", - remote_ip, remote_port, laddr, ssh_local_port(ssh)); + verbose("Connection from %s port %d on %s port %d%s%s%s", + remote_ip, remote_port, laddr, ssh_local_port(ssh), + rdomain == NULL ? "" : " rdomain \"", + rdomain == NULL ? "" : rdomain, + rdomain == NULL ? "" : "\""); free(laddr); /* @@ -2010,6 +2070,10 @@ main(int ac, char **av) /* XXX global for cleanup, access from other modules */ the_authctxt = authctxt; + /* Set default key authentication options */ + if ((auth_opts = sshauthopt_new_with_keys_defaults()) == NULL) + fatal("allocation failed"); + /* prepare buffer to collect messages to display to user after login */ buffer_init(&loginmsg); auth_debug_reset(); @@ -2066,7 +2130,7 @@ main(int ac, char **av) #ifdef USE_PAM if (options.use_pam) { do_pam_setcred(1); - do_pam_session(); + do_pam_session(ssh); } #endif diff --git a/sshd_config b/sshd_config index 4eb2e02e0448..3109d5d73754 100644 --- a/sshd_config +++ b/sshd_config @@ -1,4 +1,4 @@ -# $OpenBSD: sshd_config,v 1.101 2017/03/14 07:19:07 djm Exp $ +# $OpenBSD: sshd_config,v 1.102 2018/02/16 02:32:40 djm Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. @@ -16,7 +16,6 @@ #ListenAddress :: #HostKey /etc/ssh/ssh_host_rsa_key -#HostKey /etc/ssh/ssh_host_dsa_key #HostKey /etc/ssh/ssh_host_ecdsa_key #HostKey /etc/ssh/ssh_host_ed25519_key diff --git a/sshd_config.0 b/sshd_config.0 index 678ee14b4d3d..95c17fc8ddf0 100644 --- a/sshd_config.0 +++ b/sshd_config.0 @@ -6,9 +6,10 @@ NAME DESCRIPTION sshd(8) reads configuration data from /etc/ssh/sshd_config (or the file specified with -f on the command line). The file contains keyword- - argument pairs, one per line. Lines starting with M-bM-^@M-^X#M-bM-^@M-^Y and empty lines - are interpreted as comments. Arguments may optionally be enclosed in - double quotes (") in order to represent arguments containing spaces. + argument pairs, one per line. For each keyword, the first obtained value + will be used. Lines starting with M-bM-^@M-^X#M-bM-^@M-^Y and empty lines are interpreted as + comments. Arguments may optionally be enclosed in double quotes (") in + order to represent arguments containing spaces. The possible keywords and their meanings are as follows (note that keywords are case-insensitive and arguments are case-sensitive): @@ -422,9 +423,8 @@ DESCRIPTION HostKey Specifies a file containing a private host key used by SSH. The - defaults are /etc/ssh/ssh_host_dsa_key, - /etc/ssh/ssh_host_ecdsa_key, /etc/ssh/ssh_host_ed25519_key and - /etc/ssh/ssh_host_rsa_key. + defaults are /etc/ssh/ssh_host_ecdsa_key, + /etc/ssh/ssh_host_ed25519_key and /etc/ssh/ssh_host_rsa_key. Note that sshd(8) will refuse to use a file if it is group/world- accessible and that the HostKeyAlgorithms option restricts which @@ -465,8 +465,9 @@ DESCRIPTION IgnoreUserKnownHosts Specifies whether sshd(8) should ignore the user's - ~/.ssh/known_hosts during HostbasedAuthentication. The default - is no. + ~/.ssh/known_hosts during HostbasedAuthentication and use only + the system-wide known hosts file /etc/ssh/known_hosts. The + default is no. IPQoS Specifies the IPv4 type-of-service or DSCP class for the connection. Accepted values are af11, af12, af13, af21, af22, @@ -521,6 +522,9 @@ DESCRIPTION curve25519-sha256@libssh.org diffie-hellman-group1-sha1 diffie-hellman-group14-sha1 + diffie-hellman-group14-sha256 + diffie-hellman-group16-sha512 + diffie-hellman-group18-sha512 diffie-hellman-group-exchange-sha1 diffie-hellman-group-exchange-sha256 ecdh-sha2-nistp256 @@ -532,7 +536,8 @@ DESCRIPTION curve25519-sha256,curve25519-sha256@libssh.org, ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, diffie-hellman-group-exchange-sha256, - diffie-hellman-group14-sha1 + diffie-hellman-group16-sha512,diffie-hellman-group18-sha512, + diffie-hellman-group14-sha256,diffie-hellman-group14-sha1 The list of available key exchange algorithms may also be obtained using "ssh -Q kex". @@ -541,13 +546,18 @@ DESCRIPTION Specifies the local addresses sshd(8) should listen on. The following forms may be used: - ListenAddress host|IPv4_addr|IPv6_addr - ListenAddress host|IPv4_addr:port - ListenAddress [host|IPv6_addr]:port + ListenAddress hostname|address [rdomain domain] + ListenAddress hostname:port [rdomain domain] + ListenAddress IPv4_address:port [rdomain domain] + ListenAddress [hostname|address]:port [rdomain domain] - If port is not specified, sshd will listen on the address and all - Port options specified. The default is to listen on all local - addresses. Multiple ListenAddress options are permitted. + The optional rdomain qualifier requests sshd(8) listen in an + explicit routing domain. If port is not specified, sshd will + listen on the address and all Port options specified. The + default is to listen on all local addresses on the current + default routing domain. Multiple ListenAddress options are + permitted. For more information on routing domains, see + rdomain(4). LoginGraceTime The server disconnects after this time if the user has not @@ -612,10 +622,13 @@ DESCRIPTION The arguments to Match are one or more criteria-pattern pairs or the single token All which matches all criteria. The available - criteria are User, Group, Host, LocalAddress, LocalPort, and - Address. The match patterns may consist of single entries or - comma-separated lists and may use the wildcard and negation - operators described in the PATTERNS section of ssh_config(5). + criteria are User, Group, Host, LocalAddress, LocalPort, RDomain, + and Address (with RDomain representing the rdomain(4) on which + the connection was received.) + + The match patterns may consist of single entries or comma- + separated lists and may use the wildcard and negation operators + described in the PATTERNS section of ssh_config(5). The patterns in an Address criteria may additionally contain addresses to match in CIDR address/masklen format, such as @@ -640,7 +653,7 @@ DESCRIPTION MaxAuthTries, MaxSessions, PasswordAuthentication, PermitEmptyPasswords, PermitOpen, PermitRootLogin, PermitTTY, PermitTunnel, PermitUserRC, PubkeyAcceptedKeyTypes, - PubkeyAuthentication, RekeyLimit, RevokedKeys, + PubkeyAuthentication, RekeyLimit, RevokedKeys, RDomain, StreamLocalBindMask, StreamLocalBindUnlink, TrustedUserCAKeys, X11DisplayOffset, X11Forwarding and X11UseLocalHost. @@ -700,12 +713,12 @@ DESCRIPTION PermitRootLogin Specifies whether root can log in using ssh(1). The argument - must be yes, prohibit-password, without-password, - forced-commands-only, or no. The default is prohibit-password. + must be yes, prohibit-password, forced-commands-only, or no. The + default is prohibit-password. - If this option is set to prohibit-password or without-password, - password and keyboard-interactive authentication are disabled for - root. + If this option is set to prohibit-password (or its deprecated + alias, without-password), password and keyboard-interactive + authentication are disabled for root. If this option is set to forced-commands-only, root login with public key authentication will be allowed, but only if the @@ -807,6 +820,13 @@ DESCRIPTION ssh-keygen(1). For more information on KRLs, see the KEY REVOCATION LISTS section in ssh-keygen(1). + RDomain + Specifies an explicit routing domain that is applied after + authentication has completed. The user session, as well and any + forwarded or listening IP sockets, will be bound to this + rdomain(4). If the routing domain is set to %D, then the domain + in which the incoming connection was received will be applied. + StreamLocalBindMask Sets the octal file creation mode mask (umask) used when creating a Unix-domain socket file for local or remote port forwarding. @@ -980,6 +1000,8 @@ TOKENS runtime: %% A literal M-bM-^@M-^X%M-bM-^@M-^Y. + %D The routing domain in which the incoming connection was + received. %F The fingerprint of the CA key. %f The fingerprint of the key or certificate. %h The home directory of the user. @@ -1002,6 +1024,8 @@ TOKENS ChrootDirectory accepts the tokens %%, %h, and %u. + RoutingDomain accepts the token %D. + FILES /etc/ssh/sshd_config Contains configuration data for sshd(8). This file should be @@ -1019,4 +1043,4 @@ AUTHORS versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support for privilege separation. -OpenBSD 6.2 September 27, 2017 OpenBSD 6.2 +OpenBSD 6.2 February 16, 2018 OpenBSD 6.2 diff --git a/sshd_config.5 b/sshd_config.5 index 251b7467fd28..e3c7c3936dd3 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.253 2017/09/27 06:45:53 jmc Exp $ -.Dd $Mdocdate: September 27 2017 $ +.\" $OpenBSD: sshd_config.5,v 1.263 2018/02/16 02:40:45 djm Exp $ +.Dd $Mdocdate: February 16 2018 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -48,6 +48,7 @@ reads configuration data from .Fl f on the command line). The file contains keyword-argument pairs, one per line. +For each keyword, the first obtained value will be used. Lines starting with .Ql # and empty lines are interpreted as comments. @@ -713,7 +714,6 @@ is not to load any certificates. Specifies a file containing a private host key used by SSH. The defaults are -.Pa /etc/ssh/ssh_host_dsa_key , .Pa /etc/ssh/ssh_host_ecdsa_key , .Pa /etc/ssh/ssh_host_ed25519_key and @@ -776,7 +776,9 @@ Specifies whether should ignore the user's .Pa ~/.ssh/known_hosts during -.Cm HostbasedAuthentication . +.Cm HostbasedAuthentication +and use only the system-wide known hosts file +.Pa /etc/ssh/known_hosts . The default is .Cm no . .It Cm IPQoS @@ -877,6 +879,12 @@ diffie-hellman-group1-sha1 .It diffie-hellman-group14-sha1 .It +diffie-hellman-group14-sha256 +.It +diffie-hellman-group16-sha512 +.It +diffie-hellman-group18-sha512 +.It diffie-hellman-group-exchange-sha1 .It diffie-hellman-group-exchange-sha256 @@ -893,7 +901,8 @@ The default is: curve25519-sha256,curve25519-sha256@libssh.org, ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, diffie-hellman-group-exchange-sha256, -diffie-hellman-group14-sha1 +diffie-hellman-group16-sha512,diffie-hellman-group18-sha512, +diffie-hellman-group14-sha256,diffie-hellman-group14-sha1 .Ed .Pp The list of available key exchange algorithms may also be obtained using @@ -908,31 +917,47 @@ The following forms may be used: .It .Cm ListenAddress .Sm off -.Ar host | Ar IPv4_addr | Ar IPv6_addr +.Ar hostname | address .Sm on +.Op Cm rdomain Ar domain .It .Cm ListenAddress .Sm off -.Ar host | Ar IPv4_addr : Ar port +.Ar hostname : port .Sm on +.Op Cm rdomain Ar domain .It .Cm ListenAddress .Sm off -.Oo -.Ar host | Ar IPv6_addr Oc : Ar port +.Ar IPv4_address : port .Sm on +.Op Cm rdomain Ar domain +.It +.Cm ListenAddress +.Sm off +.Oo Ar hostname | address Oc : Ar port +.Sm on +.Op Cm rdomain Ar domain .El .Pp +The optional +.Cm rdomain +qualifier requests +.Xr sshd 8 +listen in an explicit routing domain. If .Ar port is not specified, sshd will listen on the address and all .Cm Port options specified. -The default is to listen on all local addresses. +The default is to listen on all local addresses on the current default +routing domain. Multiple .Cm ListenAddress options are permitted. +For more information on routing domains, see +.Xr rdomain 4 . .It Cm LoginGraceTime The server disconnects after this time if the user has not successfully logged in. @@ -1036,8 +1061,15 @@ The available criteria are .Cm Host , .Cm LocalAddress , .Cm LocalPort , +.Cm RDomain , and -.Cm Address . +.Cm Address +(with +.Cm RDomain +representing the +.Xr rdomain 4 +on which the connection was received.) +.Pp The match patterns may consist of single entries or comma-separated lists and may use the wildcard and negation operators described in the .Sx PATTERNS @@ -1100,6 +1132,7 @@ Available keywords are .Cm PubkeyAuthentication , .Cm RekeyLimit , .Cm RevokedKeys , +.Cm RDomain , .Cm StreamLocalBindMask , .Cm StreamLocalBindUnlink , .Cm TrustedUserCAKeys , @@ -1188,7 +1221,6 @@ Specifies whether root can log in using The argument must be .Cm yes , .Cm prohibit-password , -.Cm without-password , .Cm forced-commands-only , or .Cm no . @@ -1197,8 +1229,8 @@ The default is .Pp If this option is set to .Cm prohibit-password -or -.Cm without-password , +(or its deprecated alias, +.Cm without-password ) , password and keyboard-interactive authentication are disabled for root. .Pp If this option is set to @@ -1361,6 +1393,15 @@ an OpenSSH Key Revocation List (KRL) as generated by .Xr ssh-keygen 1 . For more information on KRLs, see the KEY REVOCATION LISTS section in .Xr ssh-keygen 1 . +.It Cm RDomain +Specifies an explicit routing domain that is applied after authentication +has completed. +The user session, as well and any forwarded or listening IP sockets, +will be bound to this +.Xr rdomain 4 . +If the routing domain is set to +.Cm \&%D , +then the domain in which the incoming connection was received will be applied. .It Cm StreamLocalBindMask Sets the octal file creation mode mask .Pq umask @@ -1626,6 +1667,8 @@ which are expanded at runtime: .It %% A literal .Sq % . +.It \&%D +The routing domain in which the incoming connection was received. .It %F The fingerprint of the CA key. .It %f @@ -1662,6 +1705,9 @@ accepts the tokens %%, %h, and %u. .Pp .Cm ChrootDirectory accepts the tokens %%, %h, and %u. +.Pp +.Cm RoutingDomain +accepts the token %D. .Sh FILES .Bl -tag -width Ds .It Pa /etc/ssh/sshd_config diff --git a/sshkey-xmss.c b/sshkey-xmss.c new file mode 100644 index 000000000000..5d66ee790350 --- /dev/null +++ b/sshkey-xmss.c @@ -0,0 +1,1055 @@ +/* $OpenBSD: sshkey-xmss.c,v 1.1 2018/02/23 15:58:38 markus Exp $ */ +/* + * Copyright (c) 2017 Markus Friedl. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "includes.h" +#ifdef WITH_XMSS + +#include +#include + +#include +#include +#include +#include +#include +#ifdef HAVE_SYS_FILE_H +# include +#endif + +#include "ssh2.h" +#include "ssherr.h" +#include "sshbuf.h" +#include "cipher.h" +#include "sshkey.h" +#include "sshkey-xmss.h" +#include "atomicio.h" + +#include "xmss_fast.h" + +/* opaque internal XMSS state */ +#define XMSS_MAGIC "xmss-state-v1" +#define XMSS_CIPHERNAME "aes256-gcm@openssh.com" +struct ssh_xmss_state { + xmss_params params; + u_int32_t n, w, h, k; + + bds_state bds; + u_char *stack; + u_int32_t stackoffset; + u_char *stacklevels; + u_char *auth; + u_char *keep; + u_char *th_nodes; + u_char *retain; + treehash_inst *treehash; + + u_int32_t idx; /* state read from file */ + u_int32_t maxidx; /* resticted # of signatures */ + int have_state; /* .state file exists */ + int lockfd; /* locked in sshkey_xmss_get_state() */ + int allow_update; /* allow sshkey_xmss_update_state() */ + char *enc_ciphername;/* encrypt state with cipher */ + u_char *enc_keyiv; /* encrypt state with key */ + u_int32_t enc_keyiv_len; /* length of enc_keyiv */ +}; + +int sshkey_xmss_init_bds_state(struct sshkey *); +int sshkey_xmss_init_enc_key(struct sshkey *, const char *); +void sshkey_xmss_free_bds(struct sshkey *); +int sshkey_xmss_get_state_from_file(struct sshkey *, const char *, + int *, sshkey_printfn *); +int sshkey_xmss_encrypt_state(const struct sshkey *, struct sshbuf *, + struct sshbuf **); +int sshkey_xmss_decrypt_state(const struct sshkey *, struct sshbuf *, + struct sshbuf **); +int sshkey_xmss_serialize_enc_key(const struct sshkey *, struct sshbuf *); +int sshkey_xmss_deserialize_enc_key(struct sshkey *, struct sshbuf *); + +#define PRINT(s...) do { if (pr) pr(s); } while (0) + +int +sshkey_xmss_init(struct sshkey *key, const char *name) +{ + struct ssh_xmss_state *state; + + if (key->xmss_state != NULL) + return SSH_ERR_INVALID_FORMAT; + if (name == NULL) + return SSH_ERR_INVALID_FORMAT; + state = calloc(sizeof(struct ssh_xmss_state), 1); + if (state == NULL) + return SSH_ERR_ALLOC_FAIL; + if (strcmp(name, XMSS_SHA2_256_W16_H10_NAME) == 0) { + state->n = 32; + state->w = 16; + state->h = 10; + } else if (strcmp(name, XMSS_SHA2_256_W16_H16_NAME) == 0) { + state->n = 32; + state->w = 16; + state->h = 16; + } else if (strcmp(name, XMSS_SHA2_256_W16_H20_NAME) == 0) { + state->n = 32; + state->w = 16; + state->h = 20; + } else { + free(state); + return SSH_ERR_KEY_TYPE_UNKNOWN; + } + if ((key->xmss_name = strdup(name)) == NULL) { + free(state); + return SSH_ERR_ALLOC_FAIL; + } + state->k = 2; /* XXX hardcoded */ + state->lockfd = -1; + if (xmss_set_params(&state->params, state->n, state->h, state->w, + state->k) != 0) { + free(state); + return SSH_ERR_INVALID_FORMAT; + } + key->xmss_state = state; + return 0; +} + +void +sshkey_xmss_free_state(struct sshkey *key) +{ + struct ssh_xmss_state *state = key->xmss_state; + + sshkey_xmss_free_bds(key); + if (state) { + if (state->enc_keyiv) { + explicit_bzero(state->enc_keyiv, state->enc_keyiv_len); + free(state->enc_keyiv); + } + free(state->enc_ciphername); + free(state); + } + key->xmss_state = NULL; +} + +#define SSH_XMSS_K2_MAGIC "k=2" +#define num_stack(x) ((x->h+1)*(x->n)) +#define num_stacklevels(x) (x->h+1) +#define num_auth(x) ((x->h)*(x->n)) +#define num_keep(x) ((x->h >> 1)*(x->n)) +#define num_th_nodes(x) ((x->h - x->k)*(x->n)) +#define num_retain(x) (((1ULL << x->k) - x->k - 1) * (x->n)) +#define num_treehash(x) ((x->h) - (x->k)) + +int +sshkey_xmss_init_bds_state(struct sshkey *key) +{ + struct ssh_xmss_state *state = key->xmss_state; + u_int32_t i; + + state->stackoffset = 0; + if ((state->stack = calloc(num_stack(state), 1)) == NULL || + (state->stacklevels = calloc(num_stacklevels(state), 1))== NULL || + (state->auth = calloc(num_auth(state), 1)) == NULL || + (state->keep = calloc(num_keep(state), 1)) == NULL || + (state->th_nodes = calloc(num_th_nodes(state), 1)) == NULL || + (state->retain = calloc(num_retain(state), 1)) == NULL || + (state->treehash = calloc(num_treehash(state), + sizeof(treehash_inst))) == NULL) { + sshkey_xmss_free_bds(key); + return SSH_ERR_ALLOC_FAIL; + } + for (i = 0; i < state->h - state->k; i++) + state->treehash[i].node = &state->th_nodes[state->n*i]; + xmss_set_bds_state(&state->bds, state->stack, state->stackoffset, + state->stacklevels, state->auth, state->keep, state->treehash, + state->retain, 0); + return 0; +} + +void +sshkey_xmss_free_bds(struct sshkey *key) +{ + struct ssh_xmss_state *state = key->xmss_state; + + if (state == NULL) + return; + free(state->stack); + free(state->stacklevels); + free(state->auth); + free(state->keep); + free(state->th_nodes); + free(state->retain); + free(state->treehash); + state->stack = NULL; + state->stacklevels = NULL; + state->auth = NULL; + state->keep = NULL; + state->th_nodes = NULL; + state->retain = NULL; + state->treehash = NULL; +} + +void * +sshkey_xmss_params(const struct sshkey *key) +{ + struct ssh_xmss_state *state = key->xmss_state; + + if (state == NULL) + return NULL; + return &state->params; +} + +void * +sshkey_xmss_bds_state(const struct sshkey *key) +{ + struct ssh_xmss_state *state = key->xmss_state; + + if (state == NULL) + return NULL; + return &state->bds; +} + +int +sshkey_xmss_siglen(const struct sshkey *key, size_t *lenp) +{ + struct ssh_xmss_state *state = key->xmss_state; + + if (lenp == NULL) + return SSH_ERR_INVALID_ARGUMENT; + if (state == NULL) + return SSH_ERR_INVALID_FORMAT; + *lenp = 4 + state->n + + state->params.wots_par.keysize + + state->h * state->n; + return 0; +} + +size_t +sshkey_xmss_pklen(const struct sshkey *key) +{ + struct ssh_xmss_state *state = key->xmss_state; + + if (state == NULL) + return 0; + return state->n * 2; +} + +size_t +sshkey_xmss_sklen(const struct sshkey *key) +{ + struct ssh_xmss_state *state = key->xmss_state; + + if (state == NULL) + return 0; + return state->n * 4 + 4; +} + +int +sshkey_xmss_init_enc_key(struct sshkey *k, const char *ciphername) +{ + struct ssh_xmss_state *state = k->xmss_state; + const struct sshcipher *cipher; + size_t keylen = 0, ivlen = 0; + + if (state == NULL) + return SSH_ERR_INVALID_ARGUMENT; + if ((cipher = cipher_by_name(ciphername)) == NULL) + return SSH_ERR_INTERNAL_ERROR; + if ((state->enc_ciphername = strdup(ciphername)) == NULL) + return SSH_ERR_ALLOC_FAIL; + keylen = cipher_keylen(cipher); + ivlen = cipher_ivlen(cipher); + state->enc_keyiv_len = keylen + ivlen; + if ((state->enc_keyiv = calloc(state->enc_keyiv_len, 1)) == NULL) { + free(state->enc_ciphername); + state->enc_ciphername = NULL; + return SSH_ERR_ALLOC_FAIL; + } + arc4random_buf(state->enc_keyiv, state->enc_keyiv_len); + return 0; +} + +int +sshkey_xmss_serialize_enc_key(const struct sshkey *k, struct sshbuf *b) +{ + struct ssh_xmss_state *state = k->xmss_state; + int r; + + if (state == NULL || state->enc_keyiv == NULL || + state->enc_ciphername == NULL) + return SSH_ERR_INVALID_ARGUMENT; + if ((r = sshbuf_put_cstring(b, state->enc_ciphername)) != 0 || + (r = sshbuf_put_string(b, state->enc_keyiv, + state->enc_keyiv_len)) != 0) + return r; + return 0; +} + +int +sshkey_xmss_deserialize_enc_key(struct sshkey *k, struct sshbuf *b) +{ + struct ssh_xmss_state *state = k->xmss_state; + size_t len; + int r; + + if (state == NULL) + return SSH_ERR_INVALID_ARGUMENT; + if ((r = sshbuf_get_cstring(b, &state->enc_ciphername, NULL)) != 0 || + (r = sshbuf_get_string(b, &state->enc_keyiv, &len)) != 0) + return r; + state->enc_keyiv_len = len; + return 0; +} + +int +sshkey_xmss_serialize_pk_info(const struct sshkey *k, struct sshbuf *b, + enum sshkey_serialize_rep opts) +{ + struct ssh_xmss_state *state = k->xmss_state; + u_char have_info = 1; + u_int32_t idx; + int r; + + if (state == NULL) + return SSH_ERR_INVALID_ARGUMENT; + if (opts != SSHKEY_SERIALIZE_INFO) + return 0; + idx = k->xmss_sk ? PEEK_U32(k->xmss_sk) : state->idx; + if ((r = sshbuf_put_u8(b, have_info)) != 0 || + (r = sshbuf_put_u32(b, idx)) != 0 || + (r = sshbuf_put_u32(b, state->maxidx)) != 0) + return r; + return 0; +} + +int +sshkey_xmss_deserialize_pk_info(struct sshkey *k, struct sshbuf *b) +{ + struct ssh_xmss_state *state = k->xmss_state; + u_char have_info; + int r; + + if (state == NULL) + return SSH_ERR_INVALID_ARGUMENT; + /* optional */ + if (sshbuf_len(b) == 0) + return 0; + if ((r = sshbuf_get_u8(b, &have_info)) != 0) + return r; + if (have_info != 1) + return SSH_ERR_INVALID_ARGUMENT; + if ((r = sshbuf_get_u32(b, &state->idx)) != 0 || + (r = sshbuf_get_u32(b, &state->maxidx)) != 0) + return r; + return 0; +} + +int +sshkey_xmss_generate_private_key(struct sshkey *k, u_int bits) +{ + int r; + const char *name; + + if (bits == 10) { + name = XMSS_SHA2_256_W16_H10_NAME; + } else if (bits == 16) { + name = XMSS_SHA2_256_W16_H16_NAME; + } else if (bits == 20) { + name = XMSS_SHA2_256_W16_H20_NAME; + } else { + name = XMSS_DEFAULT_NAME; + } + if ((r = sshkey_xmss_init(k, name)) != 0 || + (r = sshkey_xmss_init_bds_state(k)) != 0 || + (r = sshkey_xmss_init_enc_key(k, XMSS_CIPHERNAME)) != 0) + return r; + if ((k->xmss_pk = malloc(sshkey_xmss_pklen(k))) == NULL || + (k->xmss_sk = malloc(sshkey_xmss_sklen(k))) == NULL) { + return SSH_ERR_ALLOC_FAIL; + } + xmss_keypair(k->xmss_pk, k->xmss_sk, sshkey_xmss_bds_state(k), + sshkey_xmss_params(k)); + return 0; +} + +int +sshkey_xmss_get_state_from_file(struct sshkey *k, const char *filename, + int *have_file, sshkey_printfn *pr) +{ + struct sshbuf *b = NULL, *enc = NULL; + int ret = SSH_ERR_SYSTEM_ERROR, r, fd = -1; + u_int32_t len; + unsigned char buf[4], *data = NULL; + + *have_file = 0; + if ((fd = open(filename, O_RDONLY)) >= 0) { + *have_file = 1; + if (atomicio(read, fd, buf, sizeof(buf)) != sizeof(buf)) { + PRINT("%s: corrupt state file: %s", __func__, filename); + goto done; + } + len = PEEK_U32(buf); + if ((data = calloc(len, 1)) == NULL) { + ret = SSH_ERR_ALLOC_FAIL; + goto done; + } + if (atomicio(read, fd, data, len) != len) { + PRINT("%s: cannot read blob: %s", __func__, filename); + goto done; + } + if ((enc = sshbuf_from(data, len)) == NULL) { + ret = SSH_ERR_ALLOC_FAIL; + goto done; + } + sshkey_xmss_free_bds(k); + if ((r = sshkey_xmss_decrypt_state(k, enc, &b)) != 0) { + ret = r; + goto done; + } + if ((r = sshkey_xmss_deserialize_state(k, b)) != 0) { + ret = r; + goto done; + } + ret = 0; + } +done: + if (fd != -1) + close(fd); + free(data); + sshbuf_free(enc); + sshbuf_free(b); + return ret; +} + +int +sshkey_xmss_get_state(const struct sshkey *k, sshkey_printfn *pr) +{ + struct ssh_xmss_state *state = k->xmss_state; + u_int32_t idx = 0; + char *filename = NULL; + char *statefile = NULL, *ostatefile = NULL, *lockfile = NULL; + int lockfd = -1, have_state = 0, have_ostate, tries = 0; + int ret = SSH_ERR_INVALID_ARGUMENT, r; + + if (state == NULL) + goto done; + /* + * If maxidx is set, then we are allowed a limited number + * of signatures, but don't need to access the disk. + * Otherwise we need to deal with the on-disk state. + */ + if (state->maxidx) { + /* xmss_sk always contains the current state */ + idx = PEEK_U32(k->xmss_sk); + if (idx < state->maxidx) { + state->allow_update = 1; + return 0; + } + return SSH_ERR_INVALID_ARGUMENT; + } + if ((filename = k->xmss_filename) == NULL) + goto done; + if (asprintf(&lockfile, "%s.lock", filename) < 0 || + asprintf(&statefile, "%s.state", filename) < 0 || + asprintf(&ostatefile, "%s.ostate", filename) < 0) { + ret = SSH_ERR_ALLOC_FAIL; + goto done; + } + if ((lockfd = open(lockfile, O_CREAT|O_RDONLY, 0600)) < 0) { + ret = SSH_ERR_SYSTEM_ERROR; + PRINT("%s: cannot open/create: %s", __func__, lockfile); + goto done; + } + while (flock(lockfd, LOCK_EX|LOCK_NB) < 0) { + if (errno != EWOULDBLOCK) { + ret = SSH_ERR_SYSTEM_ERROR; + PRINT("%s: cannot lock: %s", __func__, lockfile); + goto done; + } + if (++tries > 10) { + ret = SSH_ERR_SYSTEM_ERROR; + PRINT("%s: giving up on: %s", __func__, lockfile); + goto done; + } + usleep(1000*100*tries); + } + /* XXX no longer const */ + if ((r = sshkey_xmss_get_state_from_file((struct sshkey *)k, + statefile, &have_state, pr)) != 0) { + if ((r = sshkey_xmss_get_state_from_file((struct sshkey *)k, + ostatefile, &have_ostate, pr)) == 0) { + state->allow_update = 1; + r = sshkey_xmss_forward_state(k, 1); + state->idx = PEEK_U32(k->xmss_sk); + state->allow_update = 0; + } + } + if (!have_state && !have_ostate) { + /* check that bds state is initialized */ + if (state->bds.auth == NULL) + goto done; + PRINT("%s: start from scratch idx 0: %u", __func__, state->idx); + } else if (r != 0) { + ret = r; + goto done; + } + if (state->idx + 1 < state->idx) { + PRINT("%s: state wrap: %u", __func__, state->idx); + goto done; + } + state->have_state = have_state; + state->lockfd = lockfd; + state->allow_update = 1; + lockfd = -1; + ret = 0; +done: + if (lockfd != -1) + close(lockfd); + free(lockfile); + free(statefile); + free(ostatefile); + return ret; +} + +int +sshkey_xmss_forward_state(const struct sshkey *k, u_int32_t reserve) +{ + struct ssh_xmss_state *state = k->xmss_state; + u_char *sig = NULL; + size_t required_siglen; + unsigned long long smlen; + u_char data; + int ret, r; + + if (state == NULL || !state->allow_update) + return SSH_ERR_INVALID_ARGUMENT; + if (reserve == 0) + return SSH_ERR_INVALID_ARGUMENT; + if (state->idx + reserve <= state->idx) + return SSH_ERR_INVALID_ARGUMENT; + if ((r = sshkey_xmss_siglen(k, &required_siglen)) != 0) + return r; + if ((sig = malloc(required_siglen)) == NULL) + return SSH_ERR_ALLOC_FAIL; + while (reserve-- > 0) { + state->idx = PEEK_U32(k->xmss_sk); + smlen = required_siglen; + if ((ret = xmss_sign(k->xmss_sk, sshkey_xmss_bds_state(k), + sig, &smlen, &data, 0, sshkey_xmss_params(k))) != 0) { + r = SSH_ERR_INVALID_ARGUMENT; + break; + } + } + free(sig); + return r; +} + +int +sshkey_xmss_update_state(const struct sshkey *k, sshkey_printfn *pr) +{ + struct ssh_xmss_state *state = k->xmss_state; + struct sshbuf *b = NULL, *enc = NULL; + u_int32_t idx = 0; + unsigned char buf[4]; + char *filename = NULL; + char *statefile = NULL, *ostatefile = NULL, *nstatefile = NULL; + int fd = -1; + int ret = SSH_ERR_INVALID_ARGUMENT; + + if (state == NULL || !state->allow_update) + return ret; + if (state->maxidx) { + /* no update since the number of signatures is limited */ + ret = 0; + goto done; + } + idx = PEEK_U32(k->xmss_sk); + if (idx == state->idx) { + /* no signature happend, no need to update */ + ret = 0; + goto done; + } else if (idx != state->idx + 1) { + PRINT("%s: more than one signature happened: idx %u state %u", + __func__, idx, state->idx); + goto done; + } + state->idx = idx; + if ((filename = k->xmss_filename) == NULL) + goto done; + if (asprintf(&statefile, "%s.state", filename) < 0 || + asprintf(&ostatefile, "%s.ostate", filename) < 0 || + asprintf(&nstatefile, "%s.nstate", filename) < 0) { + ret = SSH_ERR_ALLOC_FAIL; + goto done; + } + unlink(nstatefile); + if ((b = sshbuf_new()) == NULL) { + ret = SSH_ERR_ALLOC_FAIL; + goto done; + } + if ((ret = sshkey_xmss_serialize_state(k, b)) != 0) { + PRINT("%s: SERLIALIZE FAILED: %d", __func__, ret); + goto done; + } + if ((ret = sshkey_xmss_encrypt_state(k, b, &enc)) != 0) { + PRINT("%s: ENCRYPT FAILED: %d", __func__, ret); + goto done; + } + if ((fd = open(nstatefile, O_CREAT|O_WRONLY|O_EXCL, 0600)) < 0) { + ret = SSH_ERR_SYSTEM_ERROR; + PRINT("%s: open new state file: %s", __func__, nstatefile); + goto done; + } + POKE_U32(buf, sshbuf_len(enc)); + if (atomicio(vwrite, fd, buf, sizeof(buf)) != sizeof(buf)) { + ret = SSH_ERR_SYSTEM_ERROR; + PRINT("%s: write new state file hdr: %s", __func__, nstatefile); + close(fd); + goto done; + } + if (atomicio(vwrite, fd, (void *)sshbuf_ptr(enc), sshbuf_len(enc)) != + sshbuf_len(enc)) { + ret = SSH_ERR_SYSTEM_ERROR; + PRINT("%s: write new state file data: %s", __func__, nstatefile); + close(fd); + goto done; + } + if (fsync(fd) < 0) { + ret = SSH_ERR_SYSTEM_ERROR; + PRINT("%s: sync new state file: %s", __func__, nstatefile); + close(fd); + goto done; + } + if (close(fd) < 0) { + ret = SSH_ERR_SYSTEM_ERROR; + PRINT("%s: close new state file: %s", __func__, nstatefile); + goto done; + } + if (state->have_state) { + unlink(ostatefile); + if (link(statefile, ostatefile)) { + ret = SSH_ERR_SYSTEM_ERROR; + PRINT("%s: backup state %s to %s", __func__, statefile, + ostatefile); + goto done; + } + } + if (rename(nstatefile, statefile) < 0) { + ret = SSH_ERR_SYSTEM_ERROR; + PRINT("%s: rename %s to %s", __func__, nstatefile, statefile); + goto done; + } + ret = 0; +done: + if (state->lockfd != -1) { + close(state->lockfd); + state->lockfd = -1; + } + if (nstatefile) + unlink(nstatefile); + free(statefile); + free(ostatefile); + free(nstatefile); + sshbuf_free(b); + sshbuf_free(enc); + return ret; +} + +int +sshkey_xmss_serialize_state(const struct sshkey *k, struct sshbuf *b) +{ + struct ssh_xmss_state *state = k->xmss_state; + treehash_inst *th; + u_int32_t i, node; + int r; + + if (state == NULL) + return SSH_ERR_INVALID_ARGUMENT; + if (state->stack == NULL) + return SSH_ERR_INVALID_ARGUMENT; + state->stackoffset = state->bds.stackoffset; /* copy back */ + if ((r = sshbuf_put_cstring(b, SSH_XMSS_K2_MAGIC)) != 0 || + (r = sshbuf_put_u32(b, state->idx)) != 0 || + (r = sshbuf_put_string(b, state->stack, num_stack(state))) != 0 || + (r = sshbuf_put_u32(b, state->stackoffset)) != 0 || + (r = sshbuf_put_string(b, state->stacklevels, num_stacklevels(state))) != 0 || + (r = sshbuf_put_string(b, state->auth, num_auth(state))) != 0 || + (r = sshbuf_put_string(b, state->keep, num_keep(state))) != 0 || + (r = sshbuf_put_string(b, state->th_nodes, num_th_nodes(state))) != 0 || + (r = sshbuf_put_string(b, state->retain, num_retain(state))) != 0 || + (r = sshbuf_put_u32(b, num_treehash(state))) != 0) + return r; + for (i = 0; i < num_treehash(state); i++) { + th = &state->treehash[i]; + node = th->node - state->th_nodes; + if ((r = sshbuf_put_u32(b, th->h)) != 0 || + (r = sshbuf_put_u32(b, th->next_idx)) != 0 || + (r = sshbuf_put_u32(b, th->stackusage)) != 0 || + (r = sshbuf_put_u8(b, th->completed)) != 0 || + (r = sshbuf_put_u32(b, node)) != 0) + return r; + } + return 0; +} + +int +sshkey_xmss_serialize_state_opt(const struct sshkey *k, struct sshbuf *b, + enum sshkey_serialize_rep opts) +{ + struct ssh_xmss_state *state = k->xmss_state; + int r = SSH_ERR_INVALID_ARGUMENT; + + if (state == NULL) + return SSH_ERR_INVALID_ARGUMENT; + if ((r = sshbuf_put_u8(b, opts)) != 0) + return r; + switch (opts) { + case SSHKEY_SERIALIZE_STATE: + r = sshkey_xmss_serialize_state(k, b); + break; + case SSHKEY_SERIALIZE_FULL: + if ((r = sshkey_xmss_serialize_enc_key(k, b)) != 0) + break; + r = sshkey_xmss_serialize_state(k, b); + break; + case SSHKEY_SERIALIZE_DEFAULT: + r = 0; + break; + default: + r = SSH_ERR_INVALID_ARGUMENT; + break; + } + return r; +} + +int +sshkey_xmss_deserialize_state(struct sshkey *k, struct sshbuf *b) +{ + struct ssh_xmss_state *state = k->xmss_state; + treehash_inst *th; + u_int32_t i, lh, node; + size_t ls, lsl, la, lk, ln, lr; + char *magic; + int r; + + if (state == NULL) + return SSH_ERR_INVALID_ARGUMENT; + if (k->xmss_sk == NULL) + return SSH_ERR_INVALID_ARGUMENT; + if ((state->treehash = calloc(num_treehash(state), + sizeof(treehash_inst))) == NULL) + return SSH_ERR_ALLOC_FAIL; + if ((r = sshbuf_get_cstring(b, &magic, NULL)) != 0 || + (r = sshbuf_get_u32(b, &state->idx)) != 0 || + (r = sshbuf_get_string(b, &state->stack, &ls)) != 0 || + (r = sshbuf_get_u32(b, &state->stackoffset)) != 0 || + (r = sshbuf_get_string(b, &state->stacklevels, &lsl)) != 0 || + (r = sshbuf_get_string(b, &state->auth, &la)) != 0 || + (r = sshbuf_get_string(b, &state->keep, &lk)) != 0 || + (r = sshbuf_get_string(b, &state->th_nodes, &ln)) != 0 || + (r = sshbuf_get_string(b, &state->retain, &lr)) != 0 || + (r = sshbuf_get_u32(b, &lh)) != 0) + return r; + if (strcmp(magic, SSH_XMSS_K2_MAGIC) != 0) + return SSH_ERR_INVALID_ARGUMENT; + /* XXX check stackoffset */ + if (ls != num_stack(state) || + lsl != num_stacklevels(state) || + la != num_auth(state) || + lk != num_keep(state) || + ln != num_th_nodes(state) || + lr != num_retain(state) || + lh != num_treehash(state)) + return SSH_ERR_INVALID_ARGUMENT; + for (i = 0; i < num_treehash(state); i++) { + th = &state->treehash[i]; + if ((r = sshbuf_get_u32(b, &th->h)) != 0 || + (r = sshbuf_get_u32(b, &th->next_idx)) != 0 || + (r = sshbuf_get_u32(b, &th->stackusage)) != 0 || + (r = sshbuf_get_u8(b, &th->completed)) != 0 || + (r = sshbuf_get_u32(b, &node)) != 0) + return r; + if (node < num_th_nodes(state)) + th->node = &state->th_nodes[node]; + } + POKE_U32(k->xmss_sk, state->idx); + xmss_set_bds_state(&state->bds, state->stack, state->stackoffset, + state->stacklevels, state->auth, state->keep, state->treehash, + state->retain, 0); + return 0; +} + +int +sshkey_xmss_deserialize_state_opt(struct sshkey *k, struct sshbuf *b) +{ + enum sshkey_serialize_rep opts; + u_char have_state; + int r; + + if ((r = sshbuf_get_u8(b, &have_state)) != 0) + return r; + + opts = have_state; + switch (opts) { + case SSHKEY_SERIALIZE_DEFAULT: + r = 0; + break; + case SSHKEY_SERIALIZE_STATE: + if ((r = sshkey_xmss_deserialize_state(k, b)) != 0) + return r; + break; + case SSHKEY_SERIALIZE_FULL: + if ((r = sshkey_xmss_deserialize_enc_key(k, b)) != 0 || + (r = sshkey_xmss_deserialize_state(k, b)) != 0) + return r; + break; + default: + r = SSH_ERR_INVALID_FORMAT; + break; + } + return r; +} + +int +sshkey_xmss_encrypt_state(const struct sshkey *k, struct sshbuf *b, + struct sshbuf **retp) +{ + struct ssh_xmss_state *state = k->xmss_state; + struct sshbuf *encrypted = NULL, *encoded = NULL, *padded = NULL; + struct sshcipher_ctx *ciphercontext = NULL; + const struct sshcipher *cipher; + u_char *cp, *key, *iv = NULL; + size_t i, keylen, ivlen, blocksize, authlen, encrypted_len, aadlen; + int r = SSH_ERR_INTERNAL_ERROR; + + if (retp != NULL) + *retp = NULL; + if (state == NULL || + state->enc_keyiv == NULL || + state->enc_ciphername == NULL) + return SSH_ERR_INTERNAL_ERROR; + if ((cipher = cipher_by_name(state->enc_ciphername)) == NULL) { + r = SSH_ERR_INTERNAL_ERROR; + goto out; + } + blocksize = cipher_blocksize(cipher); + keylen = cipher_keylen(cipher); + ivlen = cipher_ivlen(cipher); + authlen = cipher_authlen(cipher); + if (state->enc_keyiv_len != keylen + ivlen) { + r = SSH_ERR_INVALID_FORMAT; + goto out; + } + key = state->enc_keyiv; + if ((encrypted = sshbuf_new()) == NULL || + (encoded = sshbuf_new()) == NULL || + (padded = sshbuf_new()) == NULL || + (iv = malloc(ivlen)) == NULL) { + r = SSH_ERR_ALLOC_FAIL; + goto out; + } + + /* replace first 4 bytes of IV with index to ensure uniqueness */ + memcpy(iv, key + keylen, ivlen); + POKE_U32(iv, state->idx); + + if ((r = sshbuf_put(encoded, XMSS_MAGIC, sizeof(XMSS_MAGIC))) != 0 || + (r = sshbuf_put_u32(encoded, state->idx)) != 0) + goto out; + + /* padded state will be encrypted */ + if ((r = sshbuf_putb(padded, b)) != 0) + goto out; + i = 0; + while (sshbuf_len(padded) % blocksize) { + if ((r = sshbuf_put_u8(padded, ++i & 0xff)) != 0) + goto out; + } + encrypted_len = sshbuf_len(padded); + + /* header including the length of state is used as AAD */ + if ((r = sshbuf_put_u32(encoded, encrypted_len)) != 0) + goto out; + aadlen = sshbuf_len(encoded); + + /* concat header and state */ + if ((r = sshbuf_putb(encoded, padded)) != 0) + goto out; + + /* reserve space for encryption of encoded data plus auth tag */ + /* encrypt at offset addlen */ + if ((r = sshbuf_reserve(encrypted, + encrypted_len + aadlen + authlen, &cp)) != 0 || + (r = cipher_init(&ciphercontext, cipher, key, keylen, + iv, ivlen, 1)) != 0 || + (r = cipher_crypt(ciphercontext, 0, cp, sshbuf_ptr(encoded), + encrypted_len, aadlen, authlen)) != 0) + goto out; + + /* success */ + r = 0; + out: + if (retp != NULL) { + *retp = encrypted; + encrypted = NULL; + } + sshbuf_free(padded); + sshbuf_free(encoded); + sshbuf_free(encrypted); + cipher_free(ciphercontext); + free(iv); + return r; +} + +int +sshkey_xmss_decrypt_state(const struct sshkey *k, struct sshbuf *encoded, + struct sshbuf **retp) +{ + struct ssh_xmss_state *state = k->xmss_state; + struct sshbuf *copy = NULL, *decrypted = NULL; + struct sshcipher_ctx *ciphercontext = NULL; + const struct sshcipher *cipher = NULL; + u_char *key, *iv = NULL, *dp; + size_t keylen, ivlen, authlen, aadlen; + u_int blocksize, encrypted_len, index; + int r = SSH_ERR_INTERNAL_ERROR; + + if (retp != NULL) + *retp = NULL; + if (state == NULL || + state->enc_keyiv == NULL || + state->enc_ciphername == NULL) + return SSH_ERR_INTERNAL_ERROR; + if ((cipher = cipher_by_name(state->enc_ciphername)) == NULL) { + r = SSH_ERR_INVALID_FORMAT; + goto out; + } + blocksize = cipher_blocksize(cipher); + keylen = cipher_keylen(cipher); + ivlen = cipher_ivlen(cipher); + authlen = cipher_authlen(cipher); + if (state->enc_keyiv_len != keylen + ivlen) { + r = SSH_ERR_INTERNAL_ERROR; + goto out; + } + key = state->enc_keyiv; + + if ((copy = sshbuf_fromb(encoded)) == NULL || + (decrypted = sshbuf_new()) == NULL || + (iv = malloc(ivlen)) == NULL) { + r = SSH_ERR_ALLOC_FAIL; + goto out; + } + + /* check magic */ + if (sshbuf_len(encoded) < sizeof(XMSS_MAGIC) || + memcmp(sshbuf_ptr(encoded), XMSS_MAGIC, sizeof(XMSS_MAGIC))) { + r = SSH_ERR_INVALID_FORMAT; + goto out; + } + /* parse public portion */ + if ((r = sshbuf_consume(encoded, sizeof(XMSS_MAGIC))) != 0 || + (r = sshbuf_get_u32(encoded, &index)) != 0 || + (r = sshbuf_get_u32(encoded, &encrypted_len)) != 0) + goto out; + + /* check size of encrypted key blob */ + if (encrypted_len < blocksize || (encrypted_len % blocksize) != 0) { + r = SSH_ERR_INVALID_FORMAT; + goto out; + } + /* check that an appropriate amount of auth data is present */ + if (sshbuf_len(encoded) < encrypted_len + authlen) { + r = SSH_ERR_INVALID_FORMAT; + goto out; + } + + aadlen = sshbuf_len(copy) - sshbuf_len(encoded); + + /* replace first 4 bytes of IV with index to ensure uniqueness */ + memcpy(iv, key + keylen, ivlen); + POKE_U32(iv, index); + + /* decrypt private state of key */ + if ((r = sshbuf_reserve(decrypted, aadlen + encrypted_len, &dp)) != 0 || + (r = cipher_init(&ciphercontext, cipher, key, keylen, + iv, ivlen, 0)) != 0 || + (r = cipher_crypt(ciphercontext, 0, dp, sshbuf_ptr(copy), + encrypted_len, aadlen, authlen)) != 0) + goto out; + + /* there should be no trailing data */ + if ((r = sshbuf_consume(encoded, encrypted_len + authlen)) != 0) + goto out; + if (sshbuf_len(encoded) != 0) { + r = SSH_ERR_INVALID_FORMAT; + goto out; + } + + /* remove AAD */ + if ((r = sshbuf_consume(decrypted, aadlen)) != 0) + goto out; + /* XXX encrypted includes unchecked padding */ + + /* success */ + r = 0; + if (retp != NULL) { + *retp = decrypted; + decrypted = NULL; + } + out: + cipher_free(ciphercontext); + sshbuf_free(copy); + sshbuf_free(decrypted); + free(iv); + return r; +} + +u_int32_t +sshkey_xmss_signatures_left(const struct sshkey *k) +{ + struct ssh_xmss_state *state = k->xmss_state; + u_int32_t idx; + + if (sshkey_type_plain(k->type) == KEY_XMSS && state && + state->maxidx) { + idx = k->xmss_sk ? PEEK_U32(k->xmss_sk) : state->idx; + if (idx < state->maxidx) + return state->maxidx - idx; + } + return 0; +} + +int +sshkey_xmss_enable_maxsign(struct sshkey *k, u_int32_t maxsign) +{ + struct ssh_xmss_state *state = k->xmss_state; + + if (sshkey_type_plain(k->type) != KEY_XMSS) + return SSH_ERR_INVALID_ARGUMENT; + if (maxsign == 0) + return 0; + if (state->idx + maxsign < state->idx) + return SSH_ERR_INVALID_ARGUMENT; + state->maxidx = state->idx + maxsign; + return 0; +} +#endif /* WITH_XMSS */ diff --git a/sshkey-xmss.h b/sshkey-xmss.h new file mode 100644 index 000000000000..b9f8ead1047f --- /dev/null +++ b/sshkey-xmss.h @@ -0,0 +1,56 @@ +/* $OpenBSD: sshkey-xmss.h,v 1.1 2018/02/23 15:58:38 markus Exp $ */ +/* + * Copyright (c) 2017 Markus Friedl. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +#ifndef SSHKEY_XMSS_H +#define SSHKEY_XMSS_H + +#define XMSS_SHA2_256_W16_H10_NAME "XMSS_SHA2-256_W16_H10" +#define XMSS_SHA2_256_W16_H16_NAME "XMSS_SHA2-256_W16_H16" +#define XMSS_SHA2_256_W16_H20_NAME "XMSS_SHA2-256_W16_H20" +#define XMSS_DEFAULT_NAME XMSS_SHA2_256_W16_H10_NAME + +size_t sshkey_xmss_pklen(const struct sshkey *); +size_t sshkey_xmss_sklen(const struct sshkey *); +int sshkey_xmss_init(struct sshkey *, const char *); +void sshkey_xmss_free_state(struct sshkey *); +int sshkey_xmss_generate_private_key(struct sshkey *, u_int); +int sshkey_xmss_serialize_state(const struct sshkey *, struct sshbuf *); +int sshkey_xmss_serialize_state_opt(const struct sshkey *, struct sshbuf *, + enum sshkey_serialize_rep); +int sshkey_xmss_serialize_pk_info(const struct sshkey *, struct sshbuf *, + enum sshkey_serialize_rep); +int sshkey_xmss_deserialize_state(struct sshkey *, struct sshbuf *); +int sshkey_xmss_deserialize_state_opt(struct sshkey *, struct sshbuf *); +int sshkey_xmss_deserialize_pk_info(struct sshkey *, struct sshbuf *); + +int sshkey_xmss_siglen(const struct sshkey *, size_t *); +void *sshkey_xmss_params(const struct sshkey *); +void *sshkey_xmss_bds_state(const struct sshkey *); +int sshkey_xmss_get_state(const struct sshkey *, sshkey_printfn *); +int sshkey_xmss_enable_maxsign(struct sshkey *, u_int32_t); +int sshkey_xmss_forward_state(const struct sshkey *, u_int32_t); +int sshkey_xmss_update_state(const struct sshkey *, sshkey_printfn *); +u_int32_t sshkey_xmss_signatures_left(const struct sshkey *); + +#endif /* SSHKEY_XMSS_H */ diff --git a/sshkey.c b/sshkey.c index e91c54f53bbd..7712fba2363b 100644 --- a/sshkey.c +++ b/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.56 2017/08/12 06:42:52 djm Exp $ */ +/* $OpenBSD: sshkey.c,v 1.64 2018/03/22 07:05:48 markus Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -55,8 +55,11 @@ #include "digest.h" #define SSHKEY_INTERNAL #include "sshkey.h" +#include "sshkey-xmss.h" #include "match.h" +#include "xmss_fast.h" + /* openssh private key file format */ #define MARK_BEGIN "-----BEGIN OPENSSH PRIVATE KEY-----\n" #define MARK_END "-----END OPENSSH PRIVATE KEY-----\n" @@ -71,6 +74,8 @@ /* Version identification string for SSH v1 identity files. */ #define LEGACY_BEGIN "SSH PRIVATE KEY FILE FORMAT 1.1\n" +int sshkey_private_serialize_opt(const struct sshkey *key, + struct sshbuf *buf, enum sshkey_serialize_rep); static int sshkey_from_blob_internal(struct sshbuf *buf, struct sshkey **keyp, int allow_cert); @@ -87,6 +92,11 @@ static const struct keytype keytypes[] = { { "ssh-ed25519", "ED25519", KEY_ED25519, 0, 0, 0 }, { "ssh-ed25519-cert-v01@openssh.com", "ED25519-CERT", KEY_ED25519_CERT, 0, 1, 0 }, +#ifdef WITH_XMSS + { "ssh-xmss@openssh.com", "XMSS", KEY_XMSS, 0, 0, 0 }, + { "ssh-xmss-cert-v01@openssh.com", "XMSS-CERT", + KEY_XMSS_CERT, 0, 1, 0 }, +#endif /* WITH_XMSS */ #ifdef WITH_OPENSSL { "ssh-rsa", "RSA", KEY_RSA, 0, 0, 0 }, { "rsa-sha2-256", "RSA", KEY_RSA, 0, 0, 1 }, @@ -274,6 +284,8 @@ sshkey_size(const struct sshkey *k) #endif /* WITH_OPENSSL */ case KEY_ED25519: case KEY_ED25519_CERT: + case KEY_XMSS: + case KEY_XMSS_CERT: return 256; /* XXX */ } return 0; @@ -287,6 +299,7 @@ sshkey_type_is_valid_ca(int type) case KEY_DSA: case KEY_ECDSA: case KEY_ED25519: + case KEY_XMSS: return 1; default: return 0; @@ -314,6 +327,8 @@ sshkey_type_plain(int type) return KEY_ECDSA; case KEY_ED25519_CERT: return KEY_ED25519; + case KEY_XMSS_CERT: + return KEY_XMSS; default: return type; } @@ -420,8 +435,7 @@ cert_free(struct sshkey_cert *cert) free(cert->principals[i]); free(cert->principals); sshkey_free(cert->signature_key); - explicit_bzero(cert, sizeof(*cert)); - free(cert); + freezero(cert, sizeof(*cert)); } static struct sshkey_cert * @@ -462,6 +476,8 @@ sshkey_new(int type) k->cert = NULL; k->ed25519_sk = NULL; k->ed25519_pk = NULL; + k->xmss_sk = NULL; + k->xmss_pk = NULL; switch (k->type) { #ifdef WITH_OPENSSL case KEY_RSA: @@ -469,8 +485,7 @@ sshkey_new(int type) if ((rsa = RSA_new()) == NULL || (rsa->n = BN_new()) == NULL || (rsa->e = BN_new()) == NULL) { - if (rsa != NULL) - RSA_free(rsa); + RSA_free(rsa); free(k); return NULL; } @@ -483,8 +498,7 @@ sshkey_new(int type) (dsa->q = BN_new()) == NULL || (dsa->g = BN_new()) == NULL || (dsa->pub_key = BN_new()) == NULL) { - if (dsa != NULL) - DSA_free(dsa); + DSA_free(dsa); free(k); return NULL; } @@ -497,6 +511,8 @@ sshkey_new(int type) #endif /* WITH_OPENSSL */ case KEY_ED25519: case KEY_ED25519_CERT: + case KEY_XMSS: + case KEY_XMSS_CERT: /* no need to prealloc */ break; case KEY_UNSPEC: @@ -545,6 +561,8 @@ sshkey_add_private(struct sshkey *k) #endif /* WITH_OPENSSL */ case KEY_ED25519: case KEY_ED25519_CERT: + case KEY_XMSS: + case KEY_XMSS_CERT: /* no need to prealloc */ break; case KEY_UNSPEC: @@ -578,38 +596,43 @@ sshkey_free(struct sshkey *k) #ifdef WITH_OPENSSL case KEY_RSA: case KEY_RSA_CERT: - if (k->rsa != NULL) - RSA_free(k->rsa); + RSA_free(k->rsa); k->rsa = NULL; break; case KEY_DSA: case KEY_DSA_CERT: - if (k->dsa != NULL) - DSA_free(k->dsa); + DSA_free(k->dsa); k->dsa = NULL; break; # ifdef OPENSSL_HAS_ECC case KEY_ECDSA: case KEY_ECDSA_CERT: - if (k->ecdsa != NULL) - EC_KEY_free(k->ecdsa); + EC_KEY_free(k->ecdsa); k->ecdsa = NULL; break; # endif /* OPENSSL_HAS_ECC */ #endif /* WITH_OPENSSL */ case KEY_ED25519: case KEY_ED25519_CERT: - if (k->ed25519_pk) { - explicit_bzero(k->ed25519_pk, ED25519_PK_SZ); - free(k->ed25519_pk); - k->ed25519_pk = NULL; - } - if (k->ed25519_sk) { - explicit_bzero(k->ed25519_sk, ED25519_SK_SZ); - free(k->ed25519_sk); - k->ed25519_sk = NULL; - } + freezero(k->ed25519_pk, ED25519_PK_SZ); + k->ed25519_pk = NULL; + freezero(k->ed25519_sk, ED25519_SK_SZ); + k->ed25519_sk = NULL; break; +#ifdef WITH_XMSS + case KEY_XMSS: + case KEY_XMSS_CERT: + freezero(k->xmss_pk, sshkey_xmss_pklen(k)); + k->xmss_pk = NULL; + freezero(k->xmss_sk, sshkey_xmss_sklen(k)); + k->xmss_sk = NULL; + sshkey_xmss_free_state(k); + free(k->xmss_name); + k->xmss_name = NULL; + free(k->xmss_filename); + k->xmss_filename = NULL; + break; +#endif /* WITH_XMSS */ case KEY_UNSPEC: break; default: @@ -617,8 +640,7 @@ sshkey_free(struct sshkey *k) } if (sshkey_is_cert(k)) cert_free(k->cert); - explicit_bzero(k, sizeof(*k)); - free(k); + freezero(k, sizeof(*k)); } static int @@ -690,6 +712,13 @@ sshkey_equal_public(const struct sshkey *a, const struct sshkey *b) case KEY_ED25519_CERT: return a->ed25519_pk != NULL && b->ed25519_pk != NULL && memcmp(a->ed25519_pk, b->ed25519_pk, ED25519_PK_SZ) == 0; +#ifdef WITH_XMSS + case KEY_XMSS: + case KEY_XMSS_CERT: + return a->xmss_pk != NULL && b->xmss_pk != NULL && + sshkey_xmss_pklen(a) == sshkey_xmss_pklen(b) && + memcmp(a->xmss_pk, b->xmss_pk, sshkey_xmss_pklen(a)) == 0; +#endif /* WITH_XMSS */ default: return 0; } @@ -709,7 +738,8 @@ sshkey_equal(const struct sshkey *a, const struct sshkey *b) } static int -to_blob_buf(const struct sshkey *key, struct sshbuf *b, int force_plain) +to_blob_buf(const struct sshkey *key, struct sshbuf *b, int force_plain, + enum sshkey_serialize_rep opts) { int type, ret = SSH_ERR_INTERNAL_ERROR; const char *typename; @@ -733,6 +763,9 @@ to_blob_buf(const struct sshkey *key, struct sshbuf *b, int force_plain) case KEY_RSA_CERT: #endif /* WITH_OPENSSL */ case KEY_ED25519_CERT: +#ifdef WITH_XMSS + case KEY_XMSS_CERT: +#endif /* WITH_XMSS */ /* Use the existing blob */ /* XXX modified flag? */ if ((ret = sshbuf_putb(b, key->cert->certblob)) != 0) @@ -777,6 +810,19 @@ to_blob_buf(const struct sshkey *key, struct sshbuf *b, int force_plain) key->ed25519_pk, ED25519_PK_SZ)) != 0) return ret; break; +#ifdef WITH_XMSS + case KEY_XMSS: + if (key->xmss_name == NULL || key->xmss_pk == NULL || + sshkey_xmss_pklen(key) == 0) + return SSH_ERR_INVALID_ARGUMENT; + if ((ret = sshbuf_put_cstring(b, typename)) != 0 || + (ret = sshbuf_put_cstring(b, key->xmss_name)) != 0 || + (ret = sshbuf_put_string(b, + key->xmss_pk, sshkey_xmss_pklen(key))) != 0 || + (ret = sshkey_xmss_serialize_pk_info(key, b, opts)) != 0) + return ret; + break; +#endif /* WITH_XMSS */ default: return SSH_ERR_KEY_TYPE_UNKNOWN; } @@ -786,32 +832,40 @@ to_blob_buf(const struct sshkey *key, struct sshbuf *b, int force_plain) int sshkey_putb(const struct sshkey *key, struct sshbuf *b) { - return to_blob_buf(key, b, 0); + return to_blob_buf(key, b, 0, SSHKEY_SERIALIZE_DEFAULT); } int -sshkey_puts(const struct sshkey *key, struct sshbuf *b) +sshkey_puts_opts(const struct sshkey *key, struct sshbuf *b, + enum sshkey_serialize_rep opts) { struct sshbuf *tmp; int r; if ((tmp = sshbuf_new()) == NULL) return SSH_ERR_ALLOC_FAIL; - r = to_blob_buf(key, tmp, 0); + r = to_blob_buf(key, tmp, 0, opts); if (r == 0) r = sshbuf_put_stringb(b, tmp); sshbuf_free(tmp); return r; } +int +sshkey_puts(const struct sshkey *key, struct sshbuf *b) +{ + return sshkey_puts_opts(key, b, SSHKEY_SERIALIZE_DEFAULT); +} + int sshkey_putb_plain(const struct sshkey *key, struct sshbuf *b) { - return to_blob_buf(key, b, 1); + return to_blob_buf(key, b, 1, SSHKEY_SERIALIZE_DEFAULT); } static int -to_blob(const struct sshkey *key, u_char **blobp, size_t *lenp, int force_plain) +to_blob(const struct sshkey *key, u_char **blobp, size_t *lenp, int force_plain, + enum sshkey_serialize_rep opts) { int ret = SSH_ERR_INTERNAL_ERROR; size_t len; @@ -823,7 +877,7 @@ to_blob(const struct sshkey *key, u_char **blobp, size_t *lenp, int force_plain) *blobp = NULL; if ((b = sshbuf_new()) == NULL) return SSH_ERR_ALLOC_FAIL; - if ((ret = to_blob_buf(key, b, force_plain)) != 0) + if ((ret = to_blob_buf(key, b, force_plain, opts)) != 0) goto out; len = sshbuf_len(b); if (lenp != NULL) @@ -844,13 +898,13 @@ to_blob(const struct sshkey *key, u_char **blobp, size_t *lenp, int force_plain) int sshkey_to_blob(const struct sshkey *key, u_char **blobp, size_t *lenp) { - return to_blob(key, blobp, lenp, 0); + return to_blob(key, blobp, lenp, 0, SSHKEY_SERIALIZE_DEFAULT); } int sshkey_plain_to_blob(const struct sshkey *key, u_char **blobp, size_t *lenp) { - return to_blob(key, blobp, lenp, 1); + return to_blob(key, blobp, lenp, 1, SSHKEY_SERIALIZE_DEFAULT); } int @@ -869,7 +923,8 @@ sshkey_fingerprint_raw(const struct sshkey *k, int dgst_alg, r = SSH_ERR_INVALID_ARGUMENT; goto out; } - if ((r = to_blob(k, &blob, &blob_len, 1)) != 0) + if ((r = to_blob(k, &blob, &blob_len, 1, SSHKEY_SERIALIZE_DEFAULT)) + != 0) goto out; if ((ret = calloc(1, SSH_DIGEST_MAX_LENGTH)) == NULL) { r = SSH_ERR_ALLOC_FAIL; @@ -911,8 +966,7 @@ fingerprint_b64(const char *alg, u_char *dgst_raw, size_t dgst_raw_len) return ret; if ((r = b64_ntop(dgst_raw, dgst_raw_len, ret + plen, rlen - plen)) == -1) { - explicit_bzero(ret, rlen); - free(ret); + freezero(ret, rlen); return NULL; } /* Trim padding characters from end */ @@ -1161,22 +1215,37 @@ sshkey_fingerprint(const struct sshkey *k, int dgst_alg, return retval; } +static int +peek_type_nid(const char *s, size_t l, int *nid) +{ + const struct keytype *kt; -/* returns 0 ok, and < 0 error */ + for (kt = keytypes; kt->type != -1; kt++) { + if (kt->name == NULL || strlen(kt->name) != l) + continue; + if (memcmp(s, kt->name, l) == 0) { + *nid = -1; + if (kt->type == KEY_ECDSA || kt->type == KEY_ECDSA_CERT) + *nid = kt->nid; + return kt->type; + } + } + return KEY_UNSPEC; +} + +/* XXX this can now be made const char * */ int sshkey_read(struct sshkey *ret, char **cpp) { struct sshkey *k; - int retval = SSH_ERR_INVALID_FORMAT; - char *ep, *cp, *space; + char *cp, *blobcopy; + size_t space; int r, type, curve_nid = -1; struct sshbuf *blob; if (ret == NULL) return SSH_ERR_INVALID_ARGUMENT; - cp = *cpp; - switch (ret->type) { case KEY_UNSPEC: case KEY_RSA: @@ -1187,120 +1256,147 @@ sshkey_read(struct sshkey *ret, char **cpp) case KEY_ECDSA_CERT: case KEY_RSA_CERT: case KEY_ED25519_CERT: - space = strchr(cp, ' '); - if (space == NULL) - return SSH_ERR_INVALID_FORMAT; - *space = '\0'; - type = sshkey_type_from_name(cp); - if (sshkey_type_plain(type) == KEY_ECDSA && - (curve_nid = sshkey_ecdsa_nid_from_name(cp)) == -1) - return SSH_ERR_EC_CURVE_INVALID; - *space = ' '; - if (type == KEY_UNSPEC) - return SSH_ERR_INVALID_FORMAT; - cp = space+1; - if (*cp == '\0') - return SSH_ERR_INVALID_FORMAT; - if (ret->type != KEY_UNSPEC && ret->type != type) - return SSH_ERR_KEY_TYPE_MISMATCH; - if ((blob = sshbuf_new()) == NULL) - return SSH_ERR_ALLOC_FAIL; - /* trim comment */ - space = strchr(cp, ' '); - if (space) { - /* advance 'space': skip whitespace */ - *space++ = '\0'; - while (*space == ' ' || *space == '\t') - space++; - ep = space; - } else - ep = cp + strlen(cp); - if ((r = sshbuf_b64tod(blob, cp)) != 0) { - sshbuf_free(blob); - return r; - } - if ((r = sshkey_from_blob(sshbuf_ptr(blob), - sshbuf_len(blob), &k)) != 0) { - sshbuf_free(blob); - return r; - } - sshbuf_free(blob); - if (k->type != type) { - sshkey_free(k); - return SSH_ERR_KEY_TYPE_MISMATCH; - } - if (sshkey_type_plain(type) == KEY_ECDSA && - curve_nid != k->ecdsa_nid) { - sshkey_free(k); - return SSH_ERR_EC_CURVE_MISMATCH; - } - ret->type = type; - if (sshkey_is_cert(ret)) { - if (!sshkey_is_cert(k)) { - sshkey_free(k); - return SSH_ERR_EXPECTED_CERT; - } - if (ret->cert != NULL) - cert_free(ret->cert); - ret->cert = k->cert; - k->cert = NULL; - } - switch (sshkey_type_plain(ret->type)) { -#ifdef WITH_OPENSSL - case KEY_RSA: - if (ret->rsa != NULL) - RSA_free(ret->rsa); - ret->rsa = k->rsa; - k->rsa = NULL; -#ifdef DEBUG_PK - RSA_print_fp(stderr, ret->rsa, 8); -#endif - break; - case KEY_DSA: - if (ret->dsa != NULL) - DSA_free(ret->dsa); - ret->dsa = k->dsa; - k->dsa = NULL; -#ifdef DEBUG_PK - DSA_print_fp(stderr, ret->dsa, 8); -#endif - break; -# ifdef OPENSSL_HAS_ECC - case KEY_ECDSA: - if (ret->ecdsa != NULL) - EC_KEY_free(ret->ecdsa); - ret->ecdsa = k->ecdsa; - ret->ecdsa_nid = k->ecdsa_nid; - k->ecdsa = NULL; - k->ecdsa_nid = -1; -#ifdef DEBUG_PK - sshkey_dump_ec_key(ret->ecdsa); -#endif - break; -# endif /* OPENSSL_HAS_ECC */ -#endif /* WITH_OPENSSL */ - case KEY_ED25519: - free(ret->ed25519_pk); - ret->ed25519_pk = k->ed25519_pk; - k->ed25519_pk = NULL; -#ifdef DEBUG_PK - /* XXX */ -#endif - break; - } - *cpp = ep; - retval = 0; -/*XXXX*/ - sshkey_free(k); - if (retval != 0) - break; - break; +#ifdef WITH_XMSS + case KEY_XMSS: + case KEY_XMSS_CERT: +#endif /* WITH_XMSS */ + break; /* ok */ default: return SSH_ERR_INVALID_ARGUMENT; } - return retval; + + /* Decode type */ + cp = *cpp; + space = strcspn(cp, " \t"); + if (space == strlen(cp)) + return SSH_ERR_INVALID_FORMAT; + if ((type = peek_type_nid(cp, space, &curve_nid)) == KEY_UNSPEC) + return SSH_ERR_INVALID_FORMAT; + + /* skip whitespace */ + for (cp += space; *cp == ' ' || *cp == '\t'; cp++) + ; + if (*cp == '\0') + return SSH_ERR_INVALID_FORMAT; + if (ret->type != KEY_UNSPEC && ret->type != type) + return SSH_ERR_KEY_TYPE_MISMATCH; + if ((blob = sshbuf_new()) == NULL) + return SSH_ERR_ALLOC_FAIL; + + /* find end of keyblob and decode */ + space = strcspn(cp, " \t"); + if ((blobcopy = strndup(cp, space)) == NULL) { + sshbuf_free(blob); + return SSH_ERR_ALLOC_FAIL; + } + if ((r = sshbuf_b64tod(blob, blobcopy)) != 0) { + free(blobcopy); + sshbuf_free(blob); + return r; + } + free(blobcopy); + if ((r = sshkey_fromb(blob, &k)) != 0) { + sshbuf_free(blob); + return r; + } + sshbuf_free(blob); + + /* skip whitespace and leave cp at start of comment */ + for (cp += space; *cp == ' ' || *cp == '\t'; cp++) + ; + + /* ensure type of blob matches type at start of line */ + if (k->type != type) { + sshkey_free(k); + return SSH_ERR_KEY_TYPE_MISMATCH; + } + if (sshkey_type_plain(type) == KEY_ECDSA && curve_nid != k->ecdsa_nid) { + sshkey_free(k); + return SSH_ERR_EC_CURVE_MISMATCH; + } + + /* Fill in ret from parsed key */ + ret->type = type; + if (sshkey_is_cert(ret)) { + if (!sshkey_is_cert(k)) { + sshkey_free(k); + return SSH_ERR_EXPECTED_CERT; + } + if (ret->cert != NULL) + cert_free(ret->cert); + ret->cert = k->cert; + k->cert = NULL; + } + switch (sshkey_type_plain(ret->type)) { +#ifdef WITH_OPENSSL + case KEY_RSA: + RSA_free(ret->rsa); + ret->rsa = k->rsa; + k->rsa = NULL; +#ifdef DEBUG_PK + RSA_print_fp(stderr, ret->rsa, 8); +#endif + break; + case KEY_DSA: + DSA_free(ret->dsa); + ret->dsa = k->dsa; + k->dsa = NULL; +#ifdef DEBUG_PK + DSA_print_fp(stderr, ret->dsa, 8); +#endif + break; +# ifdef OPENSSL_HAS_ECC + case KEY_ECDSA: + EC_KEY_free(ret->ecdsa); + ret->ecdsa = k->ecdsa; + ret->ecdsa_nid = k->ecdsa_nid; + k->ecdsa = NULL; + k->ecdsa_nid = -1; +#ifdef DEBUG_PK + sshkey_dump_ec_key(ret->ecdsa); +#endif + break; +# endif /* OPENSSL_HAS_ECC */ +#endif /* WITH_OPENSSL */ + case KEY_ED25519: + freezero(ret->ed25519_pk, ED25519_PK_SZ); + ret->ed25519_pk = k->ed25519_pk; + k->ed25519_pk = NULL; +#ifdef DEBUG_PK + /* XXX */ +#endif + break; +#ifdef WITH_XMSS + case KEY_XMSS: + free(ret->xmss_pk); + ret->xmss_pk = k->xmss_pk; + k->xmss_pk = NULL; + free(ret->xmss_state); + ret->xmss_state = k->xmss_state; + k->xmss_state = NULL; + free(ret->xmss_name); + ret->xmss_name = k->xmss_name; + k->xmss_name = NULL; + free(ret->xmss_filename); + ret->xmss_filename = k->xmss_filename; + k->xmss_filename = NULL; +#ifdef DEBUG_PK + /* XXX */ +#endif + break; +#endif /* WITH_XMSS */ + default: + sshkey_free(k); + return SSH_ERR_INTERNAL_ERROR; + } + sshkey_free(k); + + /* success */ + *cpp = cp; + return 0; } + int sshkey_to_base64(const struct sshkey *key, char **b64p) { @@ -1410,10 +1506,8 @@ rsa_generate_private_key(u_int bits, RSA **rsap) private = NULL; ret = 0; out: - if (private != NULL) - RSA_free(private); - if (f4 != NULL) - BN_free(f4); + RSA_free(private); + BN_free(f4); return ret; } @@ -1441,8 +1535,7 @@ dsa_generate_private_key(u_int bits, DSA **dsap) private = NULL; ret = 0; out: - if (private != NULL) - DSA_free(private); + DSA_free(private); return ret; } @@ -1521,8 +1614,7 @@ ecdsa_generate_private_key(u_int bits, int *nid, EC_KEY **ecdsap) private = NULL; ret = 0; out: - if (private != NULL) - EC_KEY_free(private); + EC_KEY_free(private); return ret; } # endif /* OPENSSL_HAS_ECC */ @@ -1549,6 +1641,11 @@ sshkey_generate(int type, u_int bits, struct sshkey **keyp) crypto_sign_ed25519_keypair(k->ed25519_pk, k->ed25519_sk); ret = 0; break; +#ifdef WITH_XMSS + case KEY_XMSS: + ret = sshkey_xmss_generate_private_key(k, bits); + break; +#endif /* WITH_XMSS */ #ifdef WITH_OPENSSL case KEY_DSA: ret = dsa_generate_private_key(bits, &k->dsa); @@ -1692,6 +1789,29 @@ sshkey_from_private(const struct sshkey *k, struct sshkey **pkp) memcpy(n->ed25519_pk, k->ed25519_pk, ED25519_PK_SZ); } break; +#ifdef WITH_XMSS + case KEY_XMSS: + case KEY_XMSS_CERT: + if ((n = sshkey_new(k->type)) == NULL) + return SSH_ERR_ALLOC_FAIL; + if ((ret = sshkey_xmss_init(n, k->xmss_name)) != 0) { + sshkey_free(n); + return ret; + } + if (k->xmss_pk != NULL) { + size_t pklen = sshkey_xmss_pklen(k); + if (pklen == 0 || sshkey_xmss_pklen(n) != pklen) { + sshkey_free(n); + return SSH_ERR_INTERNAL_ERROR; + } + if ((n->xmss_pk = malloc(pklen)) == NULL) { + sshkey_free(n); + return SSH_ERR_ALLOC_FAIL; + } + memcpy(n->xmss_pk, k->xmss_pk, pklen); + } + break; +#endif /* WITH_XMSS */ default: return SSH_ERR_KEY_TYPE_UNKNOWN; } @@ -1814,7 +1934,7 @@ cert_parse(struct sshbuf *b, struct sshkey *key, struct sshbuf *certbuf) goto out; } if ((ret = sshkey_verify(key->cert->signature_key, sig, slen, - sshbuf_ptr(key->cert->certblob), signed_len, 0)) != 0) + sshbuf_ptr(key->cert->certblob), signed_len, NULL, 0)) != 0) goto out; /* Success */ @@ -1833,7 +1953,7 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, int allow_cert) { int type, ret = SSH_ERR_INTERNAL_ERROR; - char *ktype = NULL, *curve = NULL; + char *ktype = NULL, *curve = NULL, *xmss_name = NULL; struct sshkey *key = NULL; size_t len; u_char *pk = NULL; @@ -1933,8 +2053,7 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, ret = SSH_ERR_EC_CURVE_MISMATCH; goto out; } - if (key->ecdsa != NULL) - EC_KEY_free(key->ecdsa); + EC_KEY_free(key->ecdsa); if ((key->ecdsa = EC_KEY_new_by_curve_name(key->ecdsa_nid)) == NULL) { ret = SSH_ERR_EC_CURVE_INVALID; @@ -1985,6 +2104,36 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, key->ed25519_pk = pk; pk = NULL; break; +#ifdef WITH_XMSS + case KEY_XMSS_CERT: + /* Skip nonce */ + if (sshbuf_get_string_direct(b, NULL, NULL) != 0) { + ret = SSH_ERR_INVALID_FORMAT; + goto out; + } + /* FALLTHROUGH */ + case KEY_XMSS: + if ((ret = sshbuf_get_cstring(b, &xmss_name, NULL)) != 0) + goto out; + if ((key = sshkey_new(type)) == NULL) { + ret = SSH_ERR_ALLOC_FAIL; + goto out; + } + if ((ret = sshkey_xmss_init(key, xmss_name)) != 0) + goto out; + if ((ret = sshbuf_get_string(b, &pk, &len)) != 0) + goto out; + if (len == 0 || len != sshkey_xmss_pklen(key)) { + ret = SSH_ERR_INVALID_FORMAT; + goto out; + } + key->xmss_pk = pk; + pk = NULL; + if (type != KEY_XMSS_CERT && + (ret = sshkey_xmss_deserialize_pk_info(key, b)) != 0) + goto out; + break; +#endif /* WITH_XMSS */ case KEY_UNSPEC: default: ret = SSH_ERR_KEY_TYPE_UNKNOWN; @@ -2007,12 +2156,12 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, out: sshbuf_free(copy); sshkey_free(key); + free(xmss_name); free(ktype); free(curve); free(pk); #if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) - if (q != NULL) - EC_POINT_free(q); + EC_POINT_free(q); #endif /* WITH_OPENSSL && OPENSSL_HAS_ECC */ return ret; } @@ -2049,6 +2198,31 @@ sshkey_froms(struct sshbuf *buf, struct sshkey **keyp) return r; } +int +sshkey_sigtype(const u_char *sig, size_t siglen, char **sigtypep) +{ + int r; + struct sshbuf *b = NULL; + char *sigtype = NULL; + + if (sigtypep != NULL) + *sigtypep = NULL; + if ((b = sshbuf_from(sig, siglen)) == NULL) + return SSH_ERR_ALLOC_FAIL; + if ((r = sshbuf_get_cstring(b, &sigtype, NULL)) != 0) + goto out; + /* success */ + if (sigtypep != NULL) { + *sigtypep = sigtype; + sigtype = NULL; + } + r = 0; + out: + free(sigtype); + sshbuf_free(b); + return r; +} + int sshkey_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, @@ -2077,6 +2251,11 @@ sshkey_sign(const struct sshkey *key, case KEY_ED25519: case KEY_ED25519_CERT: return ssh_ed25519_sign(key, sigp, lenp, data, datalen, compat); +#ifdef WITH_XMSS + case KEY_XMSS: + case KEY_XMSS_CERT: + return ssh_xmss_sign(key, sigp, lenp, data, datalen, compat); +#endif /* WITH_XMSS */ default: return SSH_ERR_KEY_TYPE_UNKNOWN; } @@ -2084,11 +2263,12 @@ sshkey_sign(const struct sshkey *key, /* * ssh_key_verify returns 0 for a correct signature and < 0 on error. + * If "alg" specified, then the signature must use that algorithm. */ int sshkey_verify(const struct sshkey *key, const u_char *sig, size_t siglen, - const u_char *data, size_t dlen, u_int compat) + const u_char *data, size_t dlen, const char *alg, u_int compat) { if (siglen == 0 || dlen > SSH_KEY_MAX_SIGN_DATA_SIZE) return SSH_ERR_INVALID_ARGUMENT; @@ -2104,11 +2284,16 @@ sshkey_verify(const struct sshkey *key, # endif /* OPENSSL_HAS_ECC */ case KEY_RSA_CERT: case KEY_RSA: - return ssh_rsa_verify(key, sig, siglen, data, dlen); + return ssh_rsa_verify(key, sig, siglen, data, dlen, alg); #endif /* WITH_OPENSSL */ case KEY_ED25519: case KEY_ED25519_CERT: return ssh_ed25519_verify(key, sig, siglen, data, dlen, compat); +#ifdef WITH_XMSS + case KEY_XMSS: + case KEY_XMSS_CERT: + return ssh_xmss_verify(key, sig, siglen, data, dlen, compat); +#endif /* WITH_XMSS */ default: return SSH_ERR_KEY_TYPE_UNKNOWN; } @@ -2132,6 +2317,8 @@ sshkey_demote(const struct sshkey *k, struct sshkey **dkp) pk->rsa = NULL; pk->ed25519_pk = NULL; pk->ed25519_sk = NULL; + pk->xmss_pk = NULL; + pk->xmss_sk = NULL; switch (k->type) { #ifdef WITH_OPENSSL @@ -2193,6 +2380,29 @@ sshkey_demote(const struct sshkey *k, struct sshkey **dkp) memcpy(pk->ed25519_pk, k->ed25519_pk, ED25519_PK_SZ); } break; +#ifdef WITH_XMSS + case KEY_XMSS_CERT: + if ((ret = sshkey_cert_copy(k, pk)) != 0) + goto fail; + /* FALLTHROUGH */ + case KEY_XMSS: + if ((ret = sshkey_xmss_init(pk, k->xmss_name)) != 0) + goto fail; + if (k->xmss_pk != NULL) { + size_t pklen = sshkey_xmss_pklen(k); + + if (pklen == 0 || sshkey_xmss_pklen(pk) != pklen) { + ret = SSH_ERR_INTERNAL_ERROR; + goto fail; + } + if ((pk->xmss_pk = malloc(pklen)) == NULL) { + ret = SSH_ERR_ALLOC_FAIL; + goto fail; + } + memcpy(pk->xmss_pk, k->xmss_pk, pklen); + } + break; +#endif /* WITH_XMSS */ default: ret = SSH_ERR_KEY_TYPE_UNKNOWN; fail: @@ -2224,6 +2434,11 @@ sshkey_to_certified(struct sshkey *k) case KEY_ED25519: newtype = KEY_ED25519_CERT; break; +#ifdef WITH_XMSS + case KEY_XMSS: + newtype = KEY_XMSS_CERT; + break; +#endif /* WITH_XMSS */ default: return SSH_ERR_INVALID_ARGUMENT; } @@ -2308,6 +2523,18 @@ sshkey_certify_custom(struct sshkey *k, struct sshkey *ca, const char *alg, k->ed25519_pk, ED25519_PK_SZ)) != 0) goto out; break; +#ifdef WITH_XMSS + case KEY_XMSS_CERT: + if (k->xmss_name == NULL) { + ret = SSH_ERR_INVALID_ARGUMENT; + goto out; + } + if ((ret = sshbuf_put_cstring(cert, k->xmss_name)) || + (ret = sshbuf_put_string(cert, + k->xmss_pk, sshkey_xmss_pklen(k))) != 0) + goto out; + break; +#endif /* WITH_XMSS */ default: ret = SSH_ERR_INVALID_ARGUMENT; goto out; @@ -2465,7 +2692,8 @@ sshkey_format_cert_validity(const struct sshkey_cert *cert, char *s, size_t l) } int -sshkey_private_serialize(const struct sshkey *key, struct sshbuf *b) +sshkey_private_serialize_opt(const struct sshkey *key, struct sshbuf *b, + enum sshkey_serialize_rep opts) { int r = SSH_ERR_INTERNAL_ERROR; @@ -2551,6 +2779,36 @@ sshkey_private_serialize(const struct sshkey *key, struct sshbuf *b) ED25519_SK_SZ)) != 0) goto out; break; +#ifdef WITH_XMSS + case KEY_XMSS: + if (key->xmss_name == NULL) { + r = SSH_ERR_INVALID_ARGUMENT; + goto out; + } + if ((r = sshbuf_put_cstring(b, key->xmss_name)) != 0 || + (r = sshbuf_put_string(b, key->xmss_pk, + sshkey_xmss_pklen(key))) != 0 || + (r = sshbuf_put_string(b, key->xmss_sk, + sshkey_xmss_sklen(key))) != 0 || + (r = sshkey_xmss_serialize_state_opt(key, b, opts)) != 0) + goto out; + break; + case KEY_XMSS_CERT: + if (key->cert == NULL || sshbuf_len(key->cert->certblob) == 0 || + key->xmss_name == NULL) { + r = SSH_ERR_INVALID_ARGUMENT; + goto out; + } + if ((r = sshbuf_put_stringb(b, key->cert->certblob)) != 0 || + (r = sshbuf_put_cstring(b, key->xmss_name)) != 0 || + (r = sshbuf_put_string(b, key->xmss_pk, + sshkey_xmss_pklen(key))) != 0 || + (r = sshbuf_put_string(b, key->xmss_sk, + sshkey_xmss_sklen(key))) != 0 || + (r = sshkey_xmss_serialize_state_opt(key, b, opts)) != 0) + goto out; + break; +#endif /* WITH_XMSS */ default: r = SSH_ERR_INVALID_ARGUMENT; goto out; @@ -2561,14 +2819,22 @@ sshkey_private_serialize(const struct sshkey *key, struct sshbuf *b) return r; } +int +sshkey_private_serialize(const struct sshkey *key, struct sshbuf *b) +{ + return sshkey_private_serialize_opt(key, b, + SSHKEY_SERIALIZE_DEFAULT); +} + int sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) { - char *tname = NULL, *curve = NULL; + char *tname = NULL, *curve = NULL, *xmss_name = NULL; struct sshkey *k = NULL; size_t pklen = 0, sklen = 0; int type, r = SSH_ERR_INTERNAL_ERROR; u_char *ed25519_pk = NULL, *ed25519_sk = NULL; + u_char *xmss_pk = NULL, *xmss_sk = NULL; #ifdef WITH_OPENSSL BIGNUM *exponent = NULL; #endif /* WITH_OPENSSL */ @@ -2713,6 +2979,53 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) k->ed25519_sk = ed25519_sk; ed25519_pk = ed25519_sk = NULL; break; +#ifdef WITH_XMSS + case KEY_XMSS: + if ((k = sshkey_new_private(type)) == NULL) { + r = SSH_ERR_ALLOC_FAIL; + goto out; + } + if ((r = sshbuf_get_cstring(buf, &xmss_name, NULL)) != 0 || + (r = sshkey_xmss_init(k, xmss_name)) != 0 || + (r = sshbuf_get_string(buf, &xmss_pk, &pklen)) != 0 || + (r = sshbuf_get_string(buf, &xmss_sk, &sklen)) != 0) + goto out; + if (pklen != sshkey_xmss_pklen(k) || + sklen != sshkey_xmss_sklen(k)) { + r = SSH_ERR_INVALID_FORMAT; + goto out; + } + k->xmss_pk = xmss_pk; + k->xmss_sk = xmss_sk; + xmss_pk = xmss_sk = NULL; + /* optional internal state */ + if ((r = sshkey_xmss_deserialize_state_opt(k, buf)) != 0) + goto out; + break; + case KEY_XMSS_CERT: + if ((r = sshkey_froms(buf, &k)) != 0 || + (r = sshkey_add_private(k)) != 0 || + (r = sshbuf_get_cstring(buf, &xmss_name, NULL)) != 0 || + (r = sshbuf_get_string(buf, &xmss_pk, &pklen)) != 0 || + (r = sshbuf_get_string(buf, &xmss_sk, &sklen)) != 0) + goto out; + if (strcmp(xmss_name, k->xmss_name)) { + r = SSH_ERR_INVALID_FORMAT; + goto out; + } + if (pklen != sshkey_xmss_pklen(k) || + sklen != sshkey_xmss_sklen(k)) { + r = SSH_ERR_INVALID_FORMAT; + goto out; + } + k->xmss_pk = xmss_pk; + k->xmss_sk = xmss_sk; + xmss_pk = xmss_sk = NULL; + /* optional internal state */ + if ((r = sshkey_xmss_deserialize_state_opt(k, buf)) != 0) + goto out; + break; +#endif /* WITH_XMSS */ default: r = SSH_ERR_KEY_TYPE_UNKNOWN; goto out; @@ -2739,18 +3052,14 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) free(tname); free(curve); #ifdef WITH_OPENSSL - if (exponent != NULL) - BN_clear_free(exponent); + BN_clear_free(exponent); #endif /* WITH_OPENSSL */ sshkey_free(k); - if (ed25519_pk != NULL) { - explicit_bzero(ed25519_pk, pklen); - free(ed25519_pk); - } - if (ed25519_sk != NULL) { - explicit_bzero(ed25519_sk, sklen); - free(ed25519_sk); - } + freezero(ed25519_pk, pklen); + freezero(ed25519_sk, sklen); + free(xmss_name); + freezero(xmss_pk, pklen); + freezero(xmss_sk, sklen); return r; } @@ -2828,8 +3137,7 @@ sshkey_ec_validate_public(const EC_GROUP *group, const EC_POINT *public) ret = 0; out: BN_CTX_free(bnctx); - if (nq != NULL) - EC_POINT_free(nq); + EC_POINT_free(nq); return ret; } @@ -3006,7 +3314,8 @@ sshkey_private_to_blob2(const struct sshkey *prv, struct sshbuf *blob, goto out; /* append private key and comment*/ - if ((r = sshkey_private_serialize(prv, encrypted)) != 0 || + if ((r = sshkey_private_serialize_opt(prv, encrypted, + SSHKEY_SERIALIZE_FULL)) != 0 || (r = sshbuf_put_cstring(encrypted, comment)) != 0) goto out; @@ -3304,7 +3613,7 @@ sshkey_private_pem_to_blob(struct sshkey *key, struct sshbuf *blob, int blen, len = strlen(_passphrase); u_char *passphrase = (len > 0) ? (u_char *)_passphrase : NULL; const EVP_CIPHER *cipher = (len > 0) ? EVP_aes_128_cbc() : NULL; - const u_char *bptr; + char *bptr; BIO *bio = NULL; if (len > 0 && len <= 4) @@ -3367,6 +3676,9 @@ sshkey_private_to_fileblob(struct sshkey *key, struct sshbuf *blob, passphrase, comment); #endif /* WITH_OPENSSL */ case KEY_ED25519: +#ifdef WITH_XMSS + case KEY_XMSS: +#endif /* WITH_XMSS */ return sshkey_private_to_blob2(key, blob, passphrase, comment, new_format_cipher, new_format_rounds); default: @@ -3524,8 +3836,7 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, } out: BIO_free(bio); - if (pk != NULL) - EVP_PKEY_free(pk); + EVP_PKEY_free(pk); sshkey_free(prv); return r; } @@ -3551,6 +3862,9 @@ sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type, passphrase, keyp); #endif /* WITH_OPENSSL */ case KEY_ED25519: +#ifdef WITH_XMSS + case KEY_XMSS: +#endif /* WITH_XMSS */ return sshkey_parse_private2(blob, type, passphrase, keyp, commentp); case KEY_UNSPEC: @@ -3582,3 +3896,90 @@ sshkey_parse_private_fileblob(struct sshbuf *buffer, const char *passphrase, return sshkey_parse_private_fileblob_type(buffer, KEY_UNSPEC, passphrase, keyp, commentp); } + +#ifdef WITH_XMSS +/* + * serialize the key with the current state and forward the state + * maxsign times. + */ +int +sshkey_private_serialize_maxsign(const struct sshkey *k, struct sshbuf *b, + u_int32_t maxsign, sshkey_printfn *pr) +{ + int r, rupdate; + + if (maxsign == 0 || + sshkey_type_plain(k->type) != KEY_XMSS) + return sshkey_private_serialize_opt(k, b, + SSHKEY_SERIALIZE_DEFAULT); + if ((r = sshkey_xmss_get_state(k, pr)) != 0 || + (r = sshkey_private_serialize_opt(k, b, + SSHKEY_SERIALIZE_STATE)) != 0 || + (r = sshkey_xmss_forward_state(k, maxsign)) != 0) + goto out; + r = 0; +out: + if ((rupdate = sshkey_xmss_update_state(k, pr)) != 0) { + if (r == 0) + r = rupdate; + } + return r; +} + +u_int32_t +sshkey_signatures_left(const struct sshkey *k) +{ + if (sshkey_type_plain(k->type) == KEY_XMSS) + return sshkey_xmss_signatures_left(k); + return 0; +} + +int +sshkey_enable_maxsign(struct sshkey *k, u_int32_t maxsign) +{ + if (sshkey_type_plain(k->type) != KEY_XMSS) + return SSH_ERR_INVALID_ARGUMENT; + return sshkey_xmss_enable_maxsign(k, maxsign); +} + +int +sshkey_set_filename(struct sshkey *k, const char *filename) +{ + if (k == NULL) + return SSH_ERR_INVALID_ARGUMENT; + if (sshkey_type_plain(k->type) != KEY_XMSS) + return 0; + if (filename == NULL) + return SSH_ERR_INVALID_ARGUMENT; + if ((k->xmss_filename = strdup(filename)) == NULL) + return SSH_ERR_ALLOC_FAIL; + return 0; +} +#else +int +sshkey_private_serialize_maxsign(const struct sshkey *k, struct sshbuf *b, + u_int32_t maxsign, sshkey_printfn *pr) +{ + return sshkey_private_serialize_opt(k, b, SSHKEY_SERIALIZE_DEFAULT); +} + +u_int32_t +sshkey_signatures_left(const struct sshkey *k) +{ + return 0; +} + +int +sshkey_enable_maxsign(struct sshkey *k, u_int32_t maxsign) +{ + return SSH_ERR_INVALID_ARGUMENT; +} + +int +sshkey_set_filename(struct sshkey *k, const char *filename) +{ + if (k == NULL) + return SSH_ERR_INVALID_ARGUMENT; + return 0; +} +#endif /* WITH_XMSS */ diff --git a/sshkey.h b/sshkey.h index 9093eac517d9..155cd45aea13 100644 --- a/sshkey.h +++ b/sshkey.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.h,v 1.21 2017/07/01 13:50:45 djm Exp $ */ +/* $OpenBSD: sshkey.h,v 1.24 2018/02/23 15:58:38 markus Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -61,6 +61,8 @@ enum sshkey_types { KEY_DSA_CERT, KEY_ECDSA_CERT, KEY_ED25519_CERT, + KEY_XMSS, + KEY_XMSS_CERT, KEY_UNSPEC }; @@ -76,6 +78,14 @@ enum sshkey_fp_rep { SSH_FP_RANDOMART }; +/* Private key serialisation formats, used on the wire */ +enum sshkey_serialize_rep { + SSHKEY_SERIALIZE_DEFAULT = 0, + SSHKEY_SERIALIZE_STATE = 1, + SSHKEY_SERIALIZE_FULL = 2, + SSHKEY_SERIALIZE_INFO = 254, +}; + /* key is stored in external hardware */ #define SSHKEY_FLAG_EXT 0x0001 @@ -104,6 +114,11 @@ struct sshkey { EC_KEY *ecdsa; u_char *ed25519_sk; u_char *ed25519_pk; + char *xmss_name; + char *xmss_filename; /* for state file updates */ + void *xmss_state; /* depends on xmss_name, opaque */ + u_char *xmss_sk; + u_char *xmss_pk; struct sshkey_cert *cert; }; @@ -171,13 +186,16 @@ int sshkey_to_blob(const struct sshkey *, u_char **, size_t *); int sshkey_to_base64(const struct sshkey *, char **); int sshkey_putb(const struct sshkey *, struct sshbuf *); int sshkey_puts(const struct sshkey *, struct sshbuf *); +int sshkey_puts_opts(const struct sshkey *, struct sshbuf *, + enum sshkey_serialize_rep); int sshkey_plain_to_blob(const struct sshkey *, u_char **, size_t *); int sshkey_putb_plain(const struct sshkey *, struct sshbuf *); +int sshkey_sigtype(const u_char *, size_t, char **); int sshkey_sign(const struct sshkey *, u_char **, size_t *, const u_char *, size_t, const char *, u_int); int sshkey_verify(const struct sshkey *, const u_char *, size_t, - const u_char *, size_t, u_int); + const u_char *, size_t, const char *, u_int); /* for debug */ void sshkey_dump_ec_point(const EC_GROUP *, const EC_POINT *); @@ -185,6 +203,8 @@ void sshkey_dump_ec_key(const EC_KEY *); /* private key parsing and serialisation */ int sshkey_private_serialize(const struct sshkey *key, struct sshbuf *buf); +int sshkey_private_serialize_opt(const struct sshkey *key, struct sshbuf *buf, + enum sshkey_serialize_rep); int sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **keyp); /* private key file format parsing and serialisation */ @@ -199,12 +219,26 @@ int sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type, /* XXX should be internal, but used by ssh-keygen */ int ssh_rsa_generate_additional_parameters(struct sshkey *); +/* stateful keys (e.g. XMSS) */ +#ifdef NO_ATTRIBUTE_ON_PROTOTYPE_ARGS +typedef void sshkey_printfn(const char *, ...); +#else +typedef void sshkey_printfn(const char *, ...) __attribute__((format(printf, 1, 2))); +#endif +int sshkey_set_filename(struct sshkey *, const char *); +int sshkey_enable_maxsign(struct sshkey *, u_int32_t); +u_int32_t sshkey_signatures_left(const struct sshkey *); +int sshkey_forward_state(const struct sshkey *, u_int32_t, sshkey_printfn *); +int sshkey_private_serialize_maxsign(const struct sshkey *key, struct sshbuf *buf, + u_int32_t maxsign, sshkey_printfn *pr); + #ifdef SSHKEY_INTERNAL int ssh_rsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, const char *ident); int ssh_rsa_verify(const struct sshkey *key, - const u_char *sig, size_t siglen, const u_char *data, size_t datalen); + const u_char *sig, size_t siglen, const u_char *data, size_t datalen, + const char *alg); int ssh_dss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, u_int compat); int ssh_dss_verify(const struct sshkey *key, @@ -220,6 +254,11 @@ int ssh_ed25519_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, int ssh_ed25519_verify(const struct sshkey *key, const u_char *signature, size_t signaturelen, const u_char *data, size_t datalen, u_int compat); +int ssh_xmss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, + const u_char *data, size_t datalen, u_int compat); +int ssh_xmss_verify(const struct sshkey *key, + const u_char *signature, size_t signaturelen, + const u_char *data, size_t datalen, u_int compat); #endif #if !defined(WITH_OPENSSL) diff --git a/sshpty.c b/sshpty.c index fe2fb5aa2f28..4da84d05f7cd 100644 --- a/sshpty.c +++ b/sshpty.c @@ -100,30 +100,6 @@ pty_make_controlling_tty(int *ttyfd, const char *tty) { int fd; -#ifdef _UNICOS - if (setsid() < 0) - error("setsid: %.100s", strerror(errno)); - - fd = open(tty, O_RDWR|O_NOCTTY); - if (fd != -1) { - signal(SIGHUP, SIG_IGN); - ioctl(fd, TCVHUP, (char *)NULL); - signal(SIGHUP, SIG_DFL); - setpgid(0, 0); - close(fd); - } else { - error("Failed to disconnect from controlling tty."); - } - - debug("Setting controlling tty using TCSETCTTY."); - ioctl(*ttyfd, TCSETCTTY, NULL); - fd = open("/dev/tty", O_RDWR); - if (fd < 0) - error("%.100s: %.100s", tty, strerror(errno)); - close(*ttyfd); - *ttyfd = fd; -#else /* _UNICOS */ - /* First disconnect from the old controlling tty. */ #ifdef TIOCNOTTY fd = open(_PATH_TTY, O_RDWR | O_NOCTTY); @@ -167,7 +143,6 @@ pty_make_controlling_tty(int *ttyfd, const char *tty) strerror(errno)); else close(fd); -#endif /* _UNICOS */ } /* Changes the window size associated with the pty. */ diff --git a/ttymodes.c b/ttymodes.c index 8451396353c9..f9fdb92defab 100644 --- a/ttymodes.c +++ b/ttymodes.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ttymodes.c,v 1.32 2017/04/30 23:26:54 djm Exp $ */ +/* $OpenBSD: ttymodes.c,v 1.33 2018/02/16 04:43:11 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -56,6 +56,7 @@ #include "log.h" #include "compat.h" #include "buffer.h" +#include "compat.h" #define TTY_OP_END 0 /* @@ -308,9 +309,15 @@ tty_make_modes(int fd, struct termios *tiop) buffer_put_char(&buf, OP); \ buffer_put_int(&buf, special_char_encode(tio.c_cc[NAME])); +#define SSH_TTYMODE_IUTF8 42 /* for SSH_BUG_UTF8TTYMODE */ + #define TTYMODE(NAME, FIELD, OP) \ - buffer_put_char(&buf, OP); \ - buffer_put_int(&buf, ((tio.FIELD & NAME) != 0)); + if (OP == SSH_TTYMODE_IUTF8 && (datafellows & SSH_BUG_UTF8TTYMODE)) { \ + debug3("%s: SSH_BUG_UTF8TTYMODE", __func__); \ + } else { \ + buffer_put_char(&buf, OP); \ + buffer_put_int(&buf, ((tio.FIELD & NAME) != 0)); \ + } #include "ttymodes.h" diff --git a/umac.c b/umac.c index 9f2187c9af98..eab831072395 100644 --- a/umac.c +++ b/umac.c @@ -1,6 +1,6 @@ -/* $OpenBSD: umac.c,v 1.12 2017/05/31 08:09:45 markus Exp $ */ +/* $OpenBSD: umac.c,v 1.16 2017/12/12 15:06:12 naddy Exp $ */ /* ----------------------------------------------------------------------- - * + * * umac.c -- C Implementation UMAC Message Authentication * * Version 0.93b of rfc4418.txt -- 2006 July 18 @@ -10,7 +10,7 @@ * Please report bugs and suggestions to the UMAC webpage. * * Copyright (c) 1999-2006 Ted Krovetz - * + * * Permission to use, copy, modify, and distribute this software and * its documentation for any purpose and with or without fee, is hereby * granted provided that the above copyright notice appears in all copies @@ -18,10 +18,10 @@ * holder not be used in advertising or publicity pertaining to * distribution of the software without specific, written prior permission. * - * Comments should be directed to Ted Krovetz (tdk@acm.org) - * + * Comments should be directed to Ted Krovetz (tdk@acm.org) + * * ---------------------------------------------------------------------- */ - + /* ////////////////////// IMPORTANT NOTES ///////////////////////////////// * * 1) This version does not work properly on messages larger than 16MB @@ -47,7 +47,7 @@ * produced under gcc with optimizations set -O3 or higher. Dunno why. * /////////////////////////////////////////////////////////////////////// */ - + /* ---------------------------------------------------------------------- */ /* --- User Switches ---------------------------------------------------- */ /* ---------------------------------------------------------------------- */ @@ -187,11 +187,11 @@ static void kdf(void *bufp, aes_int_key key, UINT8 ndx, int nbytes) UINT8 out_buf[AES_BLOCK_LEN]; UINT8 *dst_buf = (UINT8 *)bufp; int i; - + /* Setup the initial value */ in_buf[AES_BLOCK_LEN-9] = ndx; in_buf[AES_BLOCK_LEN-1] = i = 1; - + while (nbytes >= AES_BLOCK_LEN) { aes_encryption(in_buf, out_buf, key); memcpy(dst_buf,out_buf,AES_BLOCK_LEN); @@ -208,7 +208,7 @@ static void kdf(void *bufp, aes_int_key key, UINT8 ndx, int nbytes) } /* The final UHASH result is XOR'd with the output of a pseudorandom - * function. Here, we use AES to generate random output and + * function. Here, we use AES to generate random output and * xor the appropriate bytes depending on the last bits of nonce. * This scheme is optimized for sequential, increasing big-endian nonces. */ @@ -222,10 +222,10 @@ typedef struct { static void pdf_init(pdf_ctx *pc, aes_int_key prf_key) { UINT8 buf[UMAC_KEY_LEN]; - + kdf(buf, prf_key, 0, UMAC_KEY_LEN); aes_key_setup(buf, pc->prf_key); - + /* Initialize pdf and cache */ memset(pc->nonce, 0, sizeof(pc->nonce)); aes_encryption(pc->nonce, pc->cache, pc->prf_key); @@ -238,7 +238,7 @@ static void pdf_gen_xor(pdf_ctx *pc, const UINT8 nonce[8], UINT8 buf[8]) * of the AES output. If last time around we returned the ndx-1st * element, then we may have the result in the cache already. */ - + #if (UMAC_OUTPUT_LEN == 4) #define LOW_BIT_MASK 3 #elif (UMAC_OUTPUT_LEN == 8) @@ -255,7 +255,7 @@ static void pdf_gen_xor(pdf_ctx *pc, const UINT8 nonce[8], UINT8 buf[8]) #endif *(UINT32 *)t.tmp_nonce_lo = ((const UINT32 *)nonce)[1]; t.tmp_nonce_lo[3] &= ~LOW_BIT_MASK; /* zero last bit */ - + if ( (((UINT32 *)t.tmp_nonce_lo)[0] != ((UINT32 *)pc->nonce)[1]) || (((const UINT32 *)nonce)[0] != ((UINT32 *)pc->nonce)[0]) ) { @@ -263,7 +263,7 @@ static void pdf_gen_xor(pdf_ctx *pc, const UINT8 nonce[8], UINT8 buf[8]) ((UINT32 *)pc->nonce)[1] = ((UINT32 *)t.tmp_nonce_lo)[0]; aes_encryption(pc->nonce, pc->cache, pc->prf_key); } - + #if (UMAC_OUTPUT_LEN == 4) *((UINT32 *)buf) ^= ((UINT32 *)pc->cache)[ndx]; #elif (UMAC_OUTPUT_LEN == 8) @@ -284,28 +284,28 @@ static void pdf_gen_xor(pdf_ctx *pc, const UINT8 nonce[8], UINT8 buf[8]) /* ---------------------------------------------------------------------- */ /* The NH-based hash functions used in UMAC are described in the UMAC paper - * and specification, both of which can be found at the UMAC website. - * The interface to this implementation has two + * and specification, both of which can be found at the UMAC website. + * The interface to this implementation has two * versions, one expects the entire message being hashed to be passed * in a single buffer and returns the hash result immediately. The second - * allows the message to be passed in a sequence of buffers. In the - * muliple-buffer interface, the client calls the routine nh_update() as - * many times as necessary. When there is no more data to be fed to the - * hash, the client calls nh_final() which calculates the hash output. - * Before beginning another hash calculation the nh_reset() routine - * must be called. The single-buffer routine, nh(), is equivalent to - * the sequence of calls nh_update() and nh_final(); however it is + * allows the message to be passed in a sequence of buffers. In the + * muliple-buffer interface, the client calls the routine nh_update() as + * many times as necessary. When there is no more data to be fed to the + * hash, the client calls nh_final() which calculates the hash output. + * Before beginning another hash calculation the nh_reset() routine + * must be called. The single-buffer routine, nh(), is equivalent to + * the sequence of calls nh_update() and nh_final(); however it is * optimized and should be prefered whenever the multiple-buffer interface - * is not necessary. When using either interface, it is the client's - * responsability to pass no more than L1_KEY_LEN bytes per hash result. - * - * The routine nh_init() initializes the nh_ctx data structure and - * must be called once, before any other PDF routine. + * is not necessary. When using either interface, it is the client's + * responsability to pass no more than L1_KEY_LEN bytes per hash result. + * + * The routine nh_init() initializes the nh_ctx data structure and + * must be called once, before any other PDF routine. */ - + /* The "nh_aux" routines do the actual NH hashing work. They * expect buffers to be multiples of L1_PAD_BOUNDARY. These routines - * produce output for all STREAMS NH iterations in one call, + * produce output for all STREAMS NH iterations in one call, * allowing the parallel implementation of the streams. */ @@ -328,10 +328,10 @@ typedef struct { #if (UMAC_OUTPUT_LEN == 4) static void nh_aux(void *kp, const void *dp, void *hp, UINT32 dlen) -/* NH hashing primitive. Previous (partial) hash result is loaded and +/* NH hashing primitive. Previous (partial) hash result is loaded and * then stored via hp pointer. The length of the data pointed at by "dp", * "dlen", is guaranteed to be divisible by L1_PAD_BOUNDARY (32). Key -* is expected to be endian compensated in memory at key setup. +* is expected to be endian compensated in memory at key setup. */ { UINT64 h; @@ -340,7 +340,7 @@ static void nh_aux(void *kp, const void *dp, void *hp, UINT32 dlen) const UINT32 *d = (const UINT32 *)dp; UINT32 d0,d1,d2,d3,d4,d5,d6,d7; UINT32 k0,k1,k2,k3,k4,k5,k6,k7; - + h = *((UINT64 *)hp); do { d0 = LOAD_UINT32_LITTLE(d+0); d1 = LOAD_UINT32_LITTLE(d+1); @@ -353,7 +353,7 @@ static void nh_aux(void *kp, const void *dp, void *hp, UINT32 dlen) h += MUL64((k1 + d1), (k5 + d5)); h += MUL64((k2 + d2), (k6 + d6)); h += MUL64((k3 + d3), (k7 + d7)); - + d += 8; k += 8; } while (--c); @@ -421,7 +421,7 @@ static void nh_aux(void *kp, const void *dp, void *hp, UINT32 dlen) UINT32 d0,d1,d2,d3,d4,d5,d6,d7; UINT32 k0,k1,k2,k3,k4,k5,k6,k7, k8,k9,k10,k11,k12,k13,k14,k15; - + h1 = *((UINT64 *)hp); h2 = *((UINT64 *)hp + 1); h3 = *((UINT64 *)hp + 2); @@ -434,26 +434,26 @@ static void nh_aux(void *kp, const void *dp, void *hp, UINT32 dlen) d6 = LOAD_UINT32_LITTLE(d+6); d7 = LOAD_UINT32_LITTLE(d+7); k8 = *(k+8); k9 = *(k+9); k10 = *(k+10); k11 = *(k+11); k12 = *(k+12); k13 = *(k+13); k14 = *(k+14); k15 = *(k+15); - + h1 += MUL64((k0 + d0), (k4 + d4)); h2 += MUL64((k4 + d0), (k8 + d4)); h3 += MUL64((k8 + d0), (k12 + d4)); - + h1 += MUL64((k1 + d1), (k5 + d5)); h2 += MUL64((k5 + d1), (k9 + d5)); h3 += MUL64((k9 + d1), (k13 + d5)); - + h1 += MUL64((k2 + d2), (k6 + d6)); h2 += MUL64((k6 + d2), (k10 + d6)); h3 += MUL64((k10 + d2), (k14 + d6)); - + h1 += MUL64((k3 + d3), (k7 + d7)); h2 += MUL64((k7 + d3), (k11 + d7)); h3 += MUL64((k11 + d3), (k15 + d7)); - + k0 = k8; k1 = k9; k2 = k10; k3 = k11; k4 = k12; k5 = k13; k6 = k14; k7 = k15; - + d += 8; k += 8; } while (--c); @@ -477,7 +477,7 @@ static void nh_aux(void *kp, const void *dp, void *hp, UINT32 dlen) UINT32 k0,k1,k2,k3,k4,k5,k6,k7, k8,k9,k10,k11,k12,k13,k14,k15, k16,k17,k18,k19; - + h1 = *((UINT64 *)hp); h2 = *((UINT64 *)hp + 1); h3 = *((UINT64 *)hp + 2); @@ -492,31 +492,31 @@ static void nh_aux(void *kp, const void *dp, void *hp, UINT32 dlen) k8 = *(k+8); k9 = *(k+9); k10 = *(k+10); k11 = *(k+11); k12 = *(k+12); k13 = *(k+13); k14 = *(k+14); k15 = *(k+15); k16 = *(k+16); k17 = *(k+17); k18 = *(k+18); k19 = *(k+19); - + h1 += MUL64((k0 + d0), (k4 + d4)); h2 += MUL64((k4 + d0), (k8 + d4)); h3 += MUL64((k8 + d0), (k12 + d4)); h4 += MUL64((k12 + d0), (k16 + d4)); - + h1 += MUL64((k1 + d1), (k5 + d5)); h2 += MUL64((k5 + d1), (k9 + d5)); h3 += MUL64((k9 + d1), (k13 + d5)); h4 += MUL64((k13 + d1), (k17 + d5)); - + h1 += MUL64((k2 + d2), (k6 + d6)); h2 += MUL64((k6 + d2), (k10 + d6)); h3 += MUL64((k10 + d2), (k14 + d6)); h4 += MUL64((k14 + d2), (k18 + d6)); - + h1 += MUL64((k3 + d3), (k7 + d7)); h2 += MUL64((k7 + d3), (k11 + d7)); h3 += MUL64((k11 + d3), (k15 + d7)); h4 += MUL64((k15 + d3), (k19 + d7)); - + k0 = k8; k1 = k9; k2 = k10; k3 = k11; k4 = k12; k5 = k13; k6 = k14; k7 = k15; k8 = k16; k9 = k17; k10 = k18; k11 = k19; - + d += 8; k += 8; } while (--c); @@ -541,7 +541,7 @@ static void nh_transform(nh_ctx *hc, const UINT8 *buf, UINT32 nbytes) */ { UINT8 *key; - + key = hc->nh_key + hc->bytes_hashed; nh_aux(key, buf, hc->state, nbytes); } @@ -613,7 +613,7 @@ static void nh_update(nh_ctx *hc, const UINT8 *buf, UINT32 nbytes) /* even multiple of HASH_BUF_BYTES. */ { UINT32 i,j; - + j = hc->next_data_empty; if ((j + nbytes) >= HASH_BUF_BYTES) { if (j) { @@ -677,12 +677,12 @@ static void nh_final(nh_ctx *hc, UINT8 *result) if (hc->next_data_empty != 0) { nh_len = ((hc->next_data_empty + (L1_PAD_BOUNDARY - 1)) & ~(L1_PAD_BOUNDARY - 1)); - zero_pad(hc->data + hc->next_data_empty, + zero_pad(hc->data + hc->next_data_empty, nh_len - hc->next_data_empty); nh_transform(hc, hc->data, nh_len); hc->bytes_hashed += hc->next_data_empty; } else if (hc->bytes_hashed == 0) { - nh_len = L1_PAD_BOUNDARY; + nh_len = L1_PAD_BOUNDARY; zero_pad(hc->data, L1_PAD_BOUNDARY); nh_transform(hc, hc->data, nh_len); } @@ -711,10 +711,10 @@ static void nh(nh_ctx *hc, const UINT8 *buf, UINT32 padded_len, */ { UINT32 nbits; - + /* Initialize the hash state */ nbits = (unpadded_len << 3); - + ((UINT64 *)result)[0] = nbits; #if (UMAC_OUTPUT_LEN >= 8) ((UINT64 *)result)[1] = nbits; @@ -725,7 +725,7 @@ static void nh(nh_ctx *hc, const UINT8 *buf, UINT32 padded_len, #if (UMAC_OUTPUT_LEN == 16) ((UINT64 *)result)[3] = nbits; #endif - + nh_aux(hc->nh_key, buf, result, padded_len); } @@ -744,16 +744,16 @@ static void nh(nh_ctx *hc, const UINT8 *buf, UINT32 padded_len, * buffers are presented sequentially. In the sequential interface, the * UHASH client calls the routine uhash_update() as many times as necessary. * When there is no more data to be fed to UHASH, the client calls - * uhash_final() which - * calculates the UHASH output. Before beginning another UHASH calculation - * the uhash_reset() routine must be called. The all-at-once UHASH routine, - * uhash(), is equivalent to the sequence of calls uhash_update() and - * uhash_final(); however it is optimized and should be - * used whenever the sequential interface is not necessary. - * - * The routine uhash_init() initializes the uhash_ctx data structure and + * uhash_final() which + * calculates the UHASH output. Before beginning another UHASH calculation + * the uhash_reset() routine must be called. The all-at-once UHASH routine, + * uhash(), is equivalent to the sequence of calls uhash_update() and + * uhash_final(); however it is optimized and should be + * used whenever the sequential interface is not necessary. + * + * The routine uhash_init() initializes the uhash_ctx data structure and * must be called once, before any other UHASH routine. - */ + */ /* ---------------------------------------------------------------------- */ /* ----- Constants and uhash_ctx ---------------------------------------- */ @@ -802,13 +802,13 @@ static UINT64 poly64(UINT64 cur, UINT64 key, UINT64 data) x_lo, x_hi; UINT64 X,T,res; - + X = MUL64(key_hi, cur_lo) + MUL64(cur_hi, key_lo); x_lo = (UINT32)X; x_hi = (UINT32)(X >> 32); - + res = (MUL64(key_hi, cur_hi) + x_hi) * 59 + MUL64(key_lo, cur_lo); - + T = ((UINT64)x_lo << 32); res += T; if (res < T) @@ -832,10 +832,10 @@ static void poly_hash(uhash_ctx_t hc, UINT32 data_in[]) { int i; UINT64 *data=(UINT64*)data_in; - + for (i = 0; i < STREAMS; i++) { if ((UINT32)(data[i] >> 32) == 0xfffffffful) { - hc->poly_accum[i] = poly64(hc->poly_accum[i], + hc->poly_accum[i] = poly64(hc->poly_accum[i], hc->poly_key_8[i], p64 - 1); hc->poly_accum[i] = poly64(hc->poly_accum[i], hc->poly_key_8[i], (data[i] - 59)); @@ -862,7 +862,7 @@ static UINT64 ip_aux(UINT64 t, UINT64 *ipkp, UINT64 data) t = t + ipkp[1] * (UINT64)(UINT16)(data >> 32); t = t + ipkp[2] * (UINT64)(UINT16)(data >> 16); t = t + ipkp[3] * (UINT64)(UINT16)(data); - + return t; } @@ -870,7 +870,7 @@ static UINT32 ip_reduce_p36(UINT64 t) { /* Divisionless modular reduction */ UINT64 ret; - + ret = (t & m36) + 5 * (t >> 36); if (ret >= p36) ret -= p36; @@ -888,7 +888,7 @@ static void ip_short(uhash_ctx_t ahc, UINT8 *nh_res, u_char *res) { UINT64 t; UINT64 *nhp = (UINT64 *)nh_res; - + t = ip_aux(0,ahc->ip_keys, nhp[0]); STORE_UINT32_BIG((UINT32 *)res+0, ip_reduce_p36(t) ^ ahc->ip_trans[0]); #if (UMAC_OUTPUT_LEN >= 8) @@ -919,7 +919,7 @@ static void ip_long(uhash_ctx_t ahc, u_char *res) if (ahc->poly_accum[i] >= p64) ahc->poly_accum[i] -= p64; t = ip_aux(0,ahc->ip_keys+(i*4), ahc->poly_accum[i]); - STORE_UINT32_BIG((UINT32 *)res+i, + STORE_UINT32_BIG((UINT32 *)res+i, ip_reduce_p36(t) ^ ahc->ip_trans[i]); } } @@ -958,13 +958,13 @@ static void uhash_init(uhash_ctx_t ahc, aes_int_key prf_key) { int i; UINT8 buf[(8*STREAMS+4)*sizeof(UINT64)]; - + /* Zero the entire uhash context */ memset(ahc, 0, sizeof(uhash_ctx)); /* Initialize the L1 hash */ nh_init(&ahc->hash, prf_key); - + /* Setup L2 hash variables */ kdf(buf, prf_key, 2, sizeof(buf)); /* Fill buffer with index 1 key */ for (i = 0; i < STREAMS; i++) { @@ -978,17 +978,17 @@ static void uhash_init(uhash_ctx_t ahc, aes_int_key prf_key) ahc->poly_key_8[i] &= ((UINT64)0x01ffffffu << 32) + 0x01ffffffu; ahc->poly_accum[i] = 1; /* Our polyhash prepends a non-zero word */ } - + /* Setup L3-1 hash variables */ kdf(buf, prf_key, 3, sizeof(buf)); /* Fill buffer with index 2 key */ for (i = 0; i < STREAMS; i++) memcpy(ahc->ip_keys+4*i, buf+(8*i+4)*sizeof(UINT64), 4*sizeof(UINT64)); - endian_convert_if_le(ahc->ip_keys, sizeof(UINT64), + endian_convert_if_le(ahc->ip_keys, sizeof(UINT64), sizeof(ahc->ip_keys)); for (i = 0; i < STREAMS*4; i++) ahc->ip_keys[i] %= p36; /* Bring into Z_p36 */ - + /* Setup L3-2 hash variables */ /* Fill buffer with index 4 key */ kdf(ahc->ip_trans, prf_key, 4, STREAMS * sizeof(UINT32)); @@ -1006,7 +1006,7 @@ static uhash_ctx_t uhash_alloc(u_char key[]) uhash_ctx_t ctx; u_char bytes_to_add; aes_int_key prf_key; - + ctx = (uhash_ctx_t)malloc(sizeof(uhash_ctx)+ALLOC_BOUNDARY); if (ctx) { if (ALLOC_BOUNDARY) { @@ -1029,7 +1029,7 @@ static int uhash_free(uhash_ctx_t ctx) { /* Free memory allocated by uhash_alloc */ u_char bytes_to_sub; - + if (ctx) { if (ALLOC_BOUNDARY) { bytes_to_sub = *((u_char *)ctx - 1); @@ -1050,12 +1050,12 @@ static int uhash_update(uhash_ctx_t ctx, const u_char *input, long len) UWORD bytes_hashed, bytes_remaining; UINT64 result_buf[STREAMS]; UINT8 *nh_result = (UINT8 *)&result_buf; - + if (ctx->msg_len + len <= L1_KEY_LEN) { nh_update(&ctx->hash, (const UINT8 *)input, len); ctx->msg_len += len; } else { - + bytes_hashed = ctx->msg_len % L1_KEY_LEN; if (ctx->msg_len == L1_KEY_LEN) bytes_hashed = L1_KEY_LEN; @@ -1128,15 +1128,15 @@ static int uhash(uhash_ctx_t ahc, u_char *msg, long len, u_char *res) UINT8 nh_result[STREAMS*sizeof(UINT64)]; UINT32 nh_len; int extra_zeroes_needed; - + /* If the message to be hashed is no longer than L1_HASH_LEN, we skip * the polyhash. */ if (len <= L1_KEY_LEN) { - if (len == 0) /* If zero length messages will not */ - nh_len = L1_PAD_BOUNDARY; /* be seen, comment out this case */ - else - nh_len = ((len + (L1_PAD_BOUNDARY - 1)) & ~(L1_PAD_BOUNDARY - 1)); + if (len == 0) /* If zero length messages will not */ + nh_len = L1_PAD_BOUNDARY; /* be seen, comment out this case */ + else + nh_len = ((len + (L1_PAD_BOUNDARY - 1)) & ~(L1_PAD_BOUNDARY - 1)); extra_zeroes_needed = nh_len - len; zero_pad((UINT8 *)msg + len, extra_zeroes_needed); nh(&ahc->hash, (UINT8 *)msg, nh_len, len, nh_result); @@ -1161,7 +1161,7 @@ static int uhash(uhash_ctx_t ahc, u_char *msg, long len, u_char *res) ip_long(ahc, res); } - + uhash_reset(ahc); return 1; } @@ -1175,9 +1175,9 @@ static int uhash(uhash_ctx_t ahc, u_char *msg, long len, u_char *res) /* The UMAC interface has two interfaces, an all-at-once interface where * the entire message to be authenticated is passed to UMAC in one buffer, - * and a sequential interface where the message is presented a little at a + * and a sequential interface where the message is presented a little at a * time. The all-at-once is more optimaized than the sequential version and - * should be preferred when the sequential interface is not required. + * should be preferred when the sequential interface is not required. */ struct umac_ctx { uhash_ctx hash; /* Hash function for message compression */ @@ -1213,14 +1213,14 @@ int umac_delete(struct umac_ctx *ctx) /* ---------------------------------------------------------------------- */ struct umac_ctx *umac_new(const u_char key[]) -/* Dynamically allocate a umac_ctx struct, initialize variables, +/* Dynamically allocate a umac_ctx struct, initialize variables, * generate subkeys from key. Align to 16-byte boundary. */ { struct umac_ctx *ctx, *octx; size_t bytes_to_add; aes_int_key prf_key; - + octx = ctx = xcalloc(1, sizeof(*ctx) + ALLOC_BOUNDARY); if (ctx) { if (ALLOC_BOUNDARY) { @@ -1234,7 +1234,7 @@ struct umac_ctx *umac_new(const u_char key[]) uhash_init(&ctx->hash, prf_key); explicit_bzero(prf_key, sizeof(prf_key)); } - + return (ctx); } @@ -1245,7 +1245,7 @@ int umac_final(struct umac_ctx *ctx, u_char tag[], const u_char nonce[8]) { uhash_final(&ctx->hash, (u_char *)tag); pdf_gen_xor(&ctx->pdf, (const UINT8 *)nonce, (UINT8 *)tag); - + return (1); } @@ -1263,14 +1263,14 @@ int umac_update(struct umac_ctx *ctx, const u_char *input, long len) /* ---------------------------------------------------------------------- */ #if 0 -int umac(struct umac_ctx *ctx, u_char *input, +int umac(struct umac_ctx *ctx, u_char *input, long len, u_char tag[], u_char nonce[8]) /* All-in-one version simply calls umac_update() and umac_final(). */ { uhash(&ctx->hash, input, len, (u_char *)tag); pdf_gen_xor(&ctx->pdf, (UINT8 *)nonce, (UINT8 *)tag); - + return (1); } #endif diff --git a/umac128.c b/umac128.c new file mode 100644 index 000000000000..f71792506264 --- /dev/null +++ b/umac128.c @@ -0,0 +1,10 @@ +/* $OpenBSD: umac128.c,v 1.2 2018/02/08 04:12:32 dtucker Exp $ */ + +#define UMAC_OUTPUT_LEN 16 +#define umac_new umac128_new +#define umac_update umac128_update +#define umac_final umac128_final +#define umac_delete umac128_delete +#define umac_ctx umac128_ctx + +#include "umac.c" diff --git a/version.h b/version.h index e093f623b227..ea52b26f5e3d 100644 --- a/version.h +++ b/version.h @@ -1,6 +1,6 @@ -/* $OpenBSD: version.h,v 1.80 2017/09/30 22:26:33 djm Exp $ */ +/* $OpenBSD: version.h,v 1.81 2018/03/24 19:29:03 markus Exp $ */ -#define SSH_VERSION "OpenSSH_7.6" +#define SSH_VERSION "OpenSSH_7.7" #define SSH_PORTABLE "p1" #define SSH_RELEASE SSH_VERSION SSH_PORTABLE diff --git a/xmss_commons.c b/xmss_commons.c new file mode 100644 index 000000000000..59486aead708 --- /dev/null +++ b/xmss_commons.c @@ -0,0 +1,36 @@ +/* $OpenBSD: xmss_commons.c,v 1.2 2018/02/26 03:56:44 dtucker Exp $ */ +/* +xmss_commons.c 20160722 +Andreas Hülsing +Joost Rijneveld +Public domain. +*/ + +#include "includes.h" +#ifdef WITH_XMSS + +#include "xmss_commons.h" +#include +#include +#ifdef HAVE_STDINT_H +#include +#endif + +void to_byte(unsigned char *out, unsigned long long in, uint32_t bytes) +{ + int32_t i; + for (i = bytes-1; i >= 0; i--) { + out[i] = in & 0xff; + in = in >> 8; + } +} + +#if 0 +void hexdump(const unsigned char *a, size_t len) +{ + size_t i; + for (i = 0; i < len; i++) + printf("%02x", a[i]); +} +#endif +#endif /* WITH_XMSS */ diff --git a/xmss_commons.h b/xmss_commons.h new file mode 100644 index 000000000000..a98e4799c425 --- /dev/null +++ b/xmss_commons.h @@ -0,0 +1,21 @@ +#ifdef WITH_XMSS +/* $OpenBSD: xmss_commons.h,v 1.3 2018/02/26 03:56:44 dtucker Exp $ */ +/* +xmss_commons.h 20160722 +Andreas Hülsing +Joost Rijneveld +Public domain. +*/ +#ifndef XMSS_COMMONS_H +#define XMSS_COMMONS_H + +#include +#ifdef HAVE_STDINT_H +#include +#endif +#endif +void to_byte(unsigned char *output, unsigned long long in, uint32_t bytes); +#if 0 +void hexdump(const unsigned char *a, size_t len); +#endif +#endif /* WITH_XMSS */ diff --git a/xmss_fast.c b/xmss_fast.c new file mode 100644 index 000000000000..e37447f60d8c --- /dev/null +++ b/xmss_fast.c @@ -0,0 +1,1106 @@ +/* $OpenBSD: xmss_fast.c,v 1.3 2018/03/22 07:06:11 markus Exp $ */ +/* +xmss_fast.c version 20160722 +Andreas Hülsing +Joost Rijneveld +Public domain. +*/ + +#include "includes.h" +#ifdef WITH_XMSS + +#include +#include +#ifdef HAVE_STDINT_H +#include +#endif + +#include "xmss_fast.h" +#include "crypto_api.h" +#include "xmss_wots.h" +#include "xmss_hash.h" + +#include "xmss_commons.h" +#include "xmss_hash_address.h" +// For testing +#include "stdio.h" + + + +/** + * Used for pseudorandom keygeneration, + * generates the seed for the WOTS keypair at address addr + * + * takes n byte sk_seed and returns n byte seed using 32 byte address addr. + */ +static void get_seed(unsigned char *seed, const unsigned char *sk_seed, int n, uint32_t addr[8]) +{ + unsigned char bytes[32]; + // Make sure that chain addr, hash addr, and key bit are 0! + setChainADRS(addr,0); + setHashADRS(addr,0); + setKeyAndMask(addr,0); + // Generate pseudorandom value + addr_to_byte(bytes, addr); + prf(seed, bytes, sk_seed, n); +} + +/** + * Initialize xmss params struct + * parameter names are the same as in the draft + * parameter k is K as used in the BDS algorithm + */ +int xmss_set_params(xmss_params *params, int n, int h, int w, int k) +{ + if (k >= h || k < 2 || (h - k) % 2) { + fprintf(stderr, "For BDS traversal, H - K must be even, with H > K >= 2!\n"); + return 1; + } + params->h = h; + params->n = n; + params->k = k; + wots_params wots_par; + wots_set_params(&wots_par, n, w); + params->wots_par = wots_par; + return 0; +} + +/** + * Initialize BDS state struct + * parameter names are the same as used in the description of the BDS traversal + */ +void xmss_set_bds_state(bds_state *state, unsigned char *stack, int stackoffset, unsigned char *stacklevels, unsigned char *auth, unsigned char *keep, treehash_inst *treehash, unsigned char *retain, int next_leaf) +{ + state->stack = stack; + state->stackoffset = stackoffset; + state->stacklevels = stacklevels; + state->auth = auth; + state->keep = keep; + state->treehash = treehash; + state->retain = retain; + state->next_leaf = next_leaf; +} + +/** + * Initialize xmssmt_params struct + * parameter names are the same as in the draft + * + * Especially h is the total tree height, i.e. the XMSS trees have height h/d + */ +int xmssmt_set_params(xmssmt_params *params, int n, int h, int d, int w, int k) +{ + if (h % d) { + fprintf(stderr, "d must divide h without remainder!\n"); + return 1; + } + params->h = h; + params->d = d; + params->n = n; + params->index_len = (h + 7) / 8; + xmss_params xmss_par; + if (xmss_set_params(&xmss_par, n, (h/d), w, k)) { + return 1; + } + params->xmss_par = xmss_par; + return 0; +} + +/** + * Computes a leaf from a WOTS public key using an L-tree. + */ +static void l_tree(unsigned char *leaf, unsigned char *wots_pk, const xmss_params *params, const unsigned char *pub_seed, uint32_t addr[8]) +{ + unsigned int l = params->wots_par.len; + unsigned int n = params->n; + uint32_t i = 0; + uint32_t height = 0; + uint32_t bound; + + //ADRS.setTreeHeight(0); + setTreeHeight(addr, height); + + while (l > 1) { + bound = l >> 1; //floor(l / 2); + for (i = 0; i < bound; i++) { + //ADRS.setTreeIndex(i); + setTreeIndex(addr, i); + //wots_pk[i] = RAND_HASH(pk[2i], pk[2i + 1], SEED, ADRS); + hash_h(wots_pk+i*n, wots_pk+i*2*n, pub_seed, addr, n); + } + //if ( l % 2 == 1 ) { + if (l & 1) { + //pk[floor(l / 2) + 1] = pk[l]; + memcpy(wots_pk+(l>>1)*n, wots_pk+(l-1)*n, n); + //l = ceil(l / 2); + l=(l>>1)+1; + } + else { + //l = ceil(l / 2); + l=(l>>1); + } + //ADRS.setTreeHeight(ADRS.getTreeHeight() + 1); + height++; + setTreeHeight(addr, height); + } + //return pk[0]; + memcpy(leaf, wots_pk, n); +} + +/** + * Computes the leaf at a given address. First generates the WOTS key pair, then computes leaf using l_tree. As this happens position independent, we only require that addr encodes the right ltree-address. + */ +static void gen_leaf_wots(unsigned char *leaf, const unsigned char *sk_seed, const xmss_params *params, const unsigned char *pub_seed, uint32_t ltree_addr[8], uint32_t ots_addr[8]) +{ + unsigned char seed[params->n]; + unsigned char pk[params->wots_par.keysize]; + + get_seed(seed, sk_seed, params->n, ots_addr); + wots_pkgen(pk, seed, &(params->wots_par), pub_seed, ots_addr); + + l_tree(leaf, pk, params, pub_seed, ltree_addr); +} + +static int treehash_minheight_on_stack(bds_state* state, const xmss_params *params, const treehash_inst *treehash) { + unsigned int r = params->h, i; + for (i = 0; i < treehash->stackusage; i++) { + if (state->stacklevels[state->stackoffset - i - 1] < r) { + r = state->stacklevels[state->stackoffset - i - 1]; + } + } + return r; +} + +/** + * Merkle's TreeHash algorithm. The address only needs to initialize the first 78 bits of addr. Everything else will be set by treehash. + * Currently only used for key generation. + * + */ +static void treehash_setup(unsigned char *node, int height, int index, bds_state *state, const unsigned char *sk_seed, const xmss_params *params, const unsigned char *pub_seed, const uint32_t addr[8]) +{ + unsigned int idx = index; + unsigned int n = params->n; + unsigned int h = params->h; + unsigned int k = params->k; + // use three different addresses because at this point we use all three formats in parallel + uint32_t ots_addr[8]; + uint32_t ltree_addr[8]; + uint32_t node_addr[8]; + // only copy layer and tree address parts + memcpy(ots_addr, addr, 12); + // type = ots + setType(ots_addr, 0); + memcpy(ltree_addr, addr, 12); + setType(ltree_addr, 1); + memcpy(node_addr, addr, 12); + setType(node_addr, 2); + + uint32_t lastnode, i; + unsigned char stack[(height+1)*n]; + unsigned int stacklevels[height+1]; + unsigned int stackoffset=0; + unsigned int nodeh; + + lastnode = idx+(1<treehash[i].h = i; + state->treehash[i].completed = 1; + state->treehash[i].stackusage = 0; + } + + i = 0; + for (; idx < lastnode; idx++) { + setLtreeADRS(ltree_addr, idx); + setOTSADRS(ots_addr, idx); + gen_leaf_wots(stack+stackoffset*n, sk_seed, params, pub_seed, ltree_addr, ots_addr); + stacklevels[stackoffset] = 0; + stackoffset++; + if (h - k > 0 && i == 3) { + memcpy(state->treehash[0].node, stack+stackoffset*n, n); + } + while (stackoffset>1 && stacklevels[stackoffset-1] == stacklevels[stackoffset-2]) + { + nodeh = stacklevels[stackoffset-1]; + if (i >> nodeh == 1) { + memcpy(state->auth + nodeh*n, stack+(stackoffset-1)*n, n); + } + else { + if (nodeh < h - k && i >> nodeh == 3) { + memcpy(state->treehash[nodeh].node, stack+(stackoffset-1)*n, n); + } + else if (nodeh >= h - k) { + memcpy(state->retain + ((1 << (h - 1 - nodeh)) + nodeh - h + (((i >> nodeh) - 3) >> 1)) * n, stack+(stackoffset-1)*n, n); + } + } + setTreeHeight(node_addr, stacklevels[stackoffset-1]); + setTreeIndex(node_addr, (idx >> (stacklevels[stackoffset-1]+1))); + hash_h(stack+(stackoffset-2)*n, stack+(stackoffset-2)*n, pub_seed, + node_addr, n); + stacklevels[stackoffset-2]++; + stackoffset--; + } + i++; + } + + for (i = 0; i < n; i++) + node[i] = stack[i]; +} + +static void treehash_update(treehash_inst *treehash, bds_state *state, const unsigned char *sk_seed, const xmss_params *params, const unsigned char *pub_seed, const uint32_t addr[8]) { + int n = params->n; + + uint32_t ots_addr[8]; + uint32_t ltree_addr[8]; + uint32_t node_addr[8]; + // only copy layer and tree address parts + memcpy(ots_addr, addr, 12); + // type = ots + setType(ots_addr, 0); + memcpy(ltree_addr, addr, 12); + setType(ltree_addr, 1); + memcpy(node_addr, addr, 12); + setType(node_addr, 2); + + setLtreeADRS(ltree_addr, treehash->next_idx); + setOTSADRS(ots_addr, treehash->next_idx); + + unsigned char nodebuffer[2 * n]; + unsigned int nodeheight = 0; + gen_leaf_wots(nodebuffer, sk_seed, params, pub_seed, ltree_addr, ots_addr); + while (treehash->stackusage > 0 && state->stacklevels[state->stackoffset-1] == nodeheight) { + memcpy(nodebuffer + n, nodebuffer, n); + memcpy(nodebuffer, state->stack + (state->stackoffset-1)*n, n); + setTreeHeight(node_addr, nodeheight); + setTreeIndex(node_addr, (treehash->next_idx >> (nodeheight+1))); + hash_h(nodebuffer, nodebuffer, pub_seed, node_addr, n); + nodeheight++; + treehash->stackusage--; + state->stackoffset--; + } + if (nodeheight == treehash->h) { // this also implies stackusage == 0 + memcpy(treehash->node, nodebuffer, n); + treehash->completed = 1; + } + else { + memcpy(state->stack + state->stackoffset*n, nodebuffer, n); + treehash->stackusage++; + state->stacklevels[state->stackoffset] = nodeheight; + state->stackoffset++; + treehash->next_idx++; + } +} + +/** + * Computes a root node given a leaf and an authapth + */ +static void validate_authpath(unsigned char *root, const unsigned char *leaf, unsigned long leafidx, const unsigned char *authpath, const xmss_params *params, const unsigned char *pub_seed, uint32_t addr[8]) +{ + unsigned int n = params->n; + + uint32_t i, j; + unsigned char buffer[2*n]; + + // If leafidx is odd (last bit = 1), current path element is a right child and authpath has to go to the left. + // Otherwise, it is the other way around + if (leafidx & 1) { + for (j = 0; j < n; j++) + buffer[n+j] = leaf[j]; + for (j = 0; j < n; j++) + buffer[j] = authpath[j]; + } + else { + for (j = 0; j < n; j++) + buffer[j] = leaf[j]; + for (j = 0; j < n; j++) + buffer[n+j] = authpath[j]; + } + authpath += n; + + for (i=0; i < params->h-1; i++) { + setTreeHeight(addr, i); + leafidx >>= 1; + setTreeIndex(addr, leafidx); + if (leafidx&1) { + hash_h(buffer+n, buffer, pub_seed, addr, n); + for (j = 0; j < n; j++) + buffer[j] = authpath[j]; + } + else { + hash_h(buffer, buffer, pub_seed, addr, n); + for (j = 0; j < n; j++) + buffer[j+n] = authpath[j]; + } + authpath += n; + } + setTreeHeight(addr, (params->h-1)); + leafidx >>= 1; + setTreeIndex(addr, leafidx); + hash_h(root, buffer, pub_seed, addr, n); +} + +/** + * Performs one treehash update on the instance that needs it the most. + * Returns 1 if such an instance was not found + **/ +static char bds_treehash_update(bds_state *state, unsigned int updates, const unsigned char *sk_seed, const xmss_params *params, unsigned char *pub_seed, const uint32_t addr[8]) { + uint32_t i, j; + unsigned int level, l_min, low; + unsigned int h = params->h; + unsigned int k = params->k; + unsigned int used = 0; + + for (j = 0; j < updates; j++) { + l_min = h; + level = h - k; + for (i = 0; i < h - k; i++) { + if (state->treehash[i].completed) { + low = h; + } + else if (state->treehash[i].stackusage == 0) { + low = i; + } + else { + low = treehash_minheight_on_stack(state, params, &(state->treehash[i])); + } + if (low < l_min) { + level = i; + l_min = low; + } + } + if (level == h - k) { + break; + } + treehash_update(&(state->treehash[level]), state, sk_seed, params, pub_seed, addr); + used++; + } + return updates - used; +} + +/** + * Updates the state (typically NEXT_i) by adding a leaf and updating the stack + * Returns 1 if all leaf nodes have already been processed + **/ +static char bds_state_update(bds_state *state, const unsigned char *sk_seed, const xmss_params *params, unsigned char *pub_seed, const uint32_t addr[8]) { + uint32_t ltree_addr[8]; + uint32_t node_addr[8]; + uint32_t ots_addr[8]; + + int n = params->n; + int h = params->h; + int k = params->k; + + int nodeh; + int idx = state->next_leaf; + if (idx == 1 << h) { + return 1; + } + + // only copy layer and tree address parts + memcpy(ots_addr, addr, 12); + // type = ots + setType(ots_addr, 0); + memcpy(ltree_addr, addr, 12); + setType(ltree_addr, 1); + memcpy(node_addr, addr, 12); + setType(node_addr, 2); + + setOTSADRS(ots_addr, idx); + setLtreeADRS(ltree_addr, idx); + + gen_leaf_wots(state->stack+state->stackoffset*n, sk_seed, params, pub_seed, ltree_addr, ots_addr); + + state->stacklevels[state->stackoffset] = 0; + state->stackoffset++; + if (h - k > 0 && idx == 3) { + memcpy(state->treehash[0].node, state->stack+state->stackoffset*n, n); + } + while (state->stackoffset>1 && state->stacklevels[state->stackoffset-1] == state->stacklevels[state->stackoffset-2]) { + nodeh = state->stacklevels[state->stackoffset-1]; + if (idx >> nodeh == 1) { + memcpy(state->auth + nodeh*n, state->stack+(state->stackoffset-1)*n, n); + } + else { + if (nodeh < h - k && idx >> nodeh == 3) { + memcpy(state->treehash[nodeh].node, state->stack+(state->stackoffset-1)*n, n); + } + else if (nodeh >= h - k) { + memcpy(state->retain + ((1 << (h - 1 - nodeh)) + nodeh - h + (((idx >> nodeh) - 3) >> 1)) * n, state->stack+(state->stackoffset-1)*n, n); + } + } + setTreeHeight(node_addr, state->stacklevels[state->stackoffset-1]); + setTreeIndex(node_addr, (idx >> (state->stacklevels[state->stackoffset-1]+1))); + hash_h(state->stack+(state->stackoffset-2)*n, state->stack+(state->stackoffset-2)*n, pub_seed, node_addr, n); + + state->stacklevels[state->stackoffset-2]++; + state->stackoffset--; + } + state->next_leaf++; + return 0; +} + +/** + * Returns the auth path for node leaf_idx and computes the auth path for the + * next leaf node, using the algorithm described by Buchmann, Dahmen and Szydlo + * in "Post Quantum Cryptography", Springer 2009. + */ +static void bds_round(bds_state *state, const unsigned long leaf_idx, const unsigned char *sk_seed, const xmss_params *params, unsigned char *pub_seed, uint32_t addr[8]) +{ + unsigned int i; + unsigned int n = params->n; + unsigned int h = params->h; + unsigned int k = params->k; + + unsigned int tau = h; + unsigned int startidx; + unsigned int offset, rowidx; + unsigned char buf[2 * n]; + + uint32_t ots_addr[8]; + uint32_t ltree_addr[8]; + uint32_t node_addr[8]; + // only copy layer and tree address parts + memcpy(ots_addr, addr, 12); + // type = ots + setType(ots_addr, 0); + memcpy(ltree_addr, addr, 12); + setType(ltree_addr, 1); + memcpy(node_addr, addr, 12); + setType(node_addr, 2); + + for (i = 0; i < h; i++) { + if (! ((leaf_idx >> i) & 1)) { + tau = i; + break; + } + } + + if (tau > 0) { + memcpy(buf, state->auth + (tau-1) * n, n); + // we need to do this before refreshing state->keep to prevent overwriting + memcpy(buf + n, state->keep + ((tau-1) >> 1) * n, n); + } + if (!((leaf_idx >> (tau + 1)) & 1) && (tau < h - 1)) { + memcpy(state->keep + (tau >> 1)*n, state->auth + tau*n, n); + } + if (tau == 0) { + setLtreeADRS(ltree_addr, leaf_idx); + setOTSADRS(ots_addr, leaf_idx); + gen_leaf_wots(state->auth, sk_seed, params, pub_seed, ltree_addr, ots_addr); + } + else { + setTreeHeight(node_addr, (tau-1)); + setTreeIndex(node_addr, leaf_idx >> tau); + hash_h(state->auth + tau * n, buf, pub_seed, node_addr, n); + for (i = 0; i < tau; i++) { + if (i < h - k) { + memcpy(state->auth + i * n, state->treehash[i].node, n); + } + else { + offset = (1 << (h - 1 - i)) + i - h; + rowidx = ((leaf_idx >> i) - 1) >> 1; + memcpy(state->auth + i * n, state->retain + (offset + rowidx) * n, n); + } + } + + for (i = 0; i < ((tau < h - k) ? tau : (h - k)); i++) { + startidx = leaf_idx + 1 + 3 * (1 << i); + if (startidx < 1U << h) { + state->treehash[i].h = i; + state->treehash[i].next_idx = startidx; + state->treehash[i].completed = 0; + state->treehash[i].stackusage = 0; + } + } + } +} + +/* + * Generates a XMSS key pair for a given parameter set. + * Format sk: [(32bit) idx || SK_SEED || SK_PRF || PUB_SEED || root] + * Format pk: [root || PUB_SEED] omitting algo oid. + */ +int xmss_keypair(unsigned char *pk, unsigned char *sk, bds_state *state, xmss_params *params) +{ + unsigned int n = params->n; + // Set idx = 0 + sk[0] = 0; + sk[1] = 0; + sk[2] = 0; + sk[3] = 0; + // Init SK_SEED (n byte), SK_PRF (n byte), and PUB_SEED (n byte) + randombytes(sk+4, 3*n); + // Copy PUB_SEED to public key + memcpy(pk+n, sk+4+2*n, n); + + uint32_t addr[8] = {0, 0, 0, 0, 0, 0, 0, 0}; + + // Compute root + treehash_setup(pk, params->h, 0, state, sk+4, params, sk+4+2*n, addr); + // copy root to sk + memcpy(sk+4+3*n, pk, n); + return 0; +} + +/** + * Signs a message. + * Returns + * 1. an array containing the signature followed by the message AND + * 2. an updated secret key! + * + */ +int xmss_sign(unsigned char *sk, bds_state *state, unsigned char *sig_msg, unsigned long long *sig_msg_len, const unsigned char *msg, unsigned long long msglen, const xmss_params *params) +{ + unsigned int h = params->h; + unsigned int n = params->n; + unsigned int k = params->k; + uint16_t i = 0; + + // Extract SK + unsigned long idx = ((unsigned long)sk[0] << 24) | ((unsigned long)sk[1] << 16) | ((unsigned long)sk[2] << 8) | sk[3]; + unsigned char sk_seed[n]; + memcpy(sk_seed, sk+4, n); + unsigned char sk_prf[n]; + memcpy(sk_prf, sk+4+n, n); + unsigned char pub_seed[n]; + memcpy(pub_seed, sk+4+2*n, n); + + // index as 32 bytes string + unsigned char idx_bytes_32[32]; + to_byte(idx_bytes_32, idx, 32); + + unsigned char hash_key[3*n]; + + // Update SK + sk[0] = ((idx + 1) >> 24) & 255; + sk[1] = ((idx + 1) >> 16) & 255; + sk[2] = ((idx + 1) >> 8) & 255; + sk[3] = (idx + 1) & 255; + // -- Secret key for this non-forward-secure version is now updated. + // -- A productive implementation should use a file handle instead and write the updated secret key at this point! + + // Init working params + unsigned char R[n]; + unsigned char msg_h[n]; + unsigned char ots_seed[n]; + uint32_t ots_addr[8] = {0, 0, 0, 0, 0, 0, 0, 0}; + + // --------------------------------- + // Message Hashing + // --------------------------------- + + // Message Hash: + // First compute pseudorandom value + prf(R, idx_bytes_32, sk_prf, n); + // Generate hash key (R || root || idx) + memcpy(hash_key, R, n); + memcpy(hash_key+n, sk+4+3*n, n); + to_byte(hash_key+2*n, idx, n); + // Then use it for message digest + h_msg(msg_h, msg, msglen, hash_key, 3*n, n); + + // Start collecting signature + *sig_msg_len = 0; + + // Copy index to signature + sig_msg[0] = (idx >> 24) & 255; + sig_msg[1] = (idx >> 16) & 255; + sig_msg[2] = (idx >> 8) & 255; + sig_msg[3] = idx & 255; + + sig_msg += 4; + *sig_msg_len += 4; + + // Copy R to signature + for (i = 0; i < n; i++) + sig_msg[i] = R[i]; + + sig_msg += n; + *sig_msg_len += n; + + // ---------------------------------- + // Now we start to "really sign" + // ---------------------------------- + + // Prepare Address + setType(ots_addr, 0); + setOTSADRS(ots_addr, idx); + + // Compute seed for OTS key pair + get_seed(ots_seed, sk_seed, n, ots_addr); + + // Compute WOTS signature + wots_sign(sig_msg, msg_h, ots_seed, &(params->wots_par), pub_seed, ots_addr); + + sig_msg += params->wots_par.keysize; + *sig_msg_len += params->wots_par.keysize; + + // the auth path was already computed during the previous round + memcpy(sig_msg, state->auth, h*n); + + if (idx < (1U << h) - 1) { + bds_round(state, idx, sk_seed, params, pub_seed, ots_addr); + bds_treehash_update(state, (h - k) >> 1, sk_seed, params, pub_seed, ots_addr); + } + +/* TODO: save key/bds state here! */ + + sig_msg += params->h*n; + *sig_msg_len += params->h*n; + + //Whipe secret elements? + //zerobytes(tsk, CRYPTO_SECRETKEYBYTES); + + + memcpy(sig_msg, msg, msglen); + *sig_msg_len += msglen; + + return 0; +} + +/** + * Verifies a given message signature pair under a given public key. + */ +int xmss_sign_open(unsigned char *msg, unsigned long long *msglen, const unsigned char *sig_msg, unsigned long long sig_msg_len, const unsigned char *pk, const xmss_params *params) +{ + unsigned int n = params->n; + + unsigned long long i, m_len; + unsigned long idx=0; + unsigned char wots_pk[params->wots_par.keysize]; + unsigned char pkhash[n]; + unsigned char root[n]; + unsigned char msg_h[n]; + unsigned char hash_key[3*n]; + + unsigned char pub_seed[n]; + memcpy(pub_seed, pk+n, n); + + // Init addresses + uint32_t ots_addr[8] = {0, 0, 0, 0, 0, 0, 0, 0}; + uint32_t ltree_addr[8] = {0, 0, 0, 0, 0, 0, 0, 0}; + uint32_t node_addr[8] = {0, 0, 0, 0, 0, 0, 0, 0}; + + setType(ots_addr, 0); + setType(ltree_addr, 1); + setType(node_addr, 2); + + // Extract index + idx = ((unsigned long)sig_msg[0] << 24) | ((unsigned long)sig_msg[1] << 16) | ((unsigned long)sig_msg[2] << 8) | sig_msg[3]; + printf("verify:: idx = %lu\n", idx); + + // Generate hash key (R || root || idx) + memcpy(hash_key, sig_msg+4,n); + memcpy(hash_key+n, pk, n); + to_byte(hash_key+2*n, idx, n); + + sig_msg += (n+4); + sig_msg_len -= (n+4); + + // hash message + unsigned long long tmp_sig_len = params->wots_par.keysize+params->h*n; + m_len = sig_msg_len - tmp_sig_len; + h_msg(msg_h, sig_msg + tmp_sig_len, m_len, hash_key, 3*n, n); + + //----------------------- + // Verify signature + //----------------------- + + // Prepare Address + setOTSADRS(ots_addr, idx); + // Check WOTS signature + wots_pkFromSig(wots_pk, sig_msg, msg_h, &(params->wots_par), pub_seed, ots_addr); + + sig_msg += params->wots_par.keysize; + sig_msg_len -= params->wots_par.keysize; + + // Compute Ltree + setLtreeADRS(ltree_addr, idx); + l_tree(pkhash, wots_pk, params, pub_seed, ltree_addr); + + // Compute root + validate_authpath(root, pkhash, idx, sig_msg, params, pub_seed, node_addr); + + sig_msg += params->h*n; + sig_msg_len -= params->h*n; + + for (i = 0; i < n; i++) + if (root[i] != pk[i]) + goto fail; + + *msglen = sig_msg_len; + for (i = 0; i < *msglen; i++) + msg[i] = sig_msg[i]; + + return 0; + + +fail: + *msglen = sig_msg_len; + for (i = 0; i < *msglen; i++) + msg[i] = 0; + *msglen = -1; + return -1; +} + +/* + * Generates a XMSSMT key pair for a given parameter set. + * Format sk: [(ceil(h/8) bit) idx || SK_SEED || SK_PRF || PUB_SEED || root] + * Format pk: [root || PUB_SEED] omitting algo oid. + */ +int xmssmt_keypair(unsigned char *pk, unsigned char *sk, bds_state *states, unsigned char *wots_sigs, xmssmt_params *params) +{ + unsigned int n = params->n; + unsigned int i; + unsigned char ots_seed[params->n]; + // Set idx = 0 + for (i = 0; i < params->index_len; i++) { + sk[i] = 0; + } + // Init SK_SEED (n byte), SK_PRF (n byte), and PUB_SEED (n byte) + randombytes(sk+params->index_len, 3*n); + // Copy PUB_SEED to public key + memcpy(pk+n, sk+params->index_len+2*n, n); + + // Set address to point on the single tree on layer d-1 + uint32_t addr[8] = {0, 0, 0, 0, 0, 0, 0, 0}; + setLayerADRS(addr, (params->d-1)); + // Set up state and compute wots signatures for all but topmost tree root + for (i = 0; i < params->d - 1; i++) { + // Compute seed for OTS key pair + treehash_setup(pk, params->xmss_par.h, 0, states + i, sk+params->index_len, &(params->xmss_par), pk+n, addr); + setLayerADRS(addr, (i+1)); + get_seed(ots_seed, sk+params->index_len, n, addr); + wots_sign(wots_sigs + i*params->xmss_par.wots_par.keysize, pk, ots_seed, &(params->xmss_par.wots_par), pk+n, addr); + } + treehash_setup(pk, params->xmss_par.h, 0, states + i, sk+params->index_len, &(params->xmss_par), pk+n, addr); + memcpy(sk+params->index_len+3*n, pk, n); + return 0; +} + +/** + * Signs a message. + * Returns + * 1. an array containing the signature followed by the message AND + * 2. an updated secret key! + * + */ +int xmssmt_sign(unsigned char *sk, bds_state *states, unsigned char *wots_sigs, unsigned char *sig_msg, unsigned long long *sig_msg_len, const unsigned char *msg, unsigned long long msglen, const xmssmt_params *params) +{ + unsigned int n = params->n; + + unsigned int tree_h = params->xmss_par.h; + unsigned int h = params->h; + unsigned int k = params->xmss_par.k; + unsigned int idx_len = params->index_len; + uint64_t idx_tree; + uint32_t idx_leaf; + uint64_t i, j; + int needswap_upto = -1; + unsigned int updates; + + unsigned char sk_seed[n]; + unsigned char sk_prf[n]; + unsigned char pub_seed[n]; + // Init working params + unsigned char R[n]; + unsigned char msg_h[n]; + unsigned char hash_key[3*n]; + unsigned char ots_seed[n]; + uint32_t addr[8] = {0, 0, 0, 0, 0, 0, 0, 0}; + uint32_t ots_addr[8] = {0, 0, 0, 0, 0, 0, 0, 0}; + unsigned char idx_bytes_32[32]; + bds_state tmp; + + // Extract SK + unsigned long long idx = 0; + for (i = 0; i < idx_len; i++) { + idx |= ((unsigned long long)sk[i]) << 8*(idx_len - 1 - i); + } + + memcpy(sk_seed, sk+idx_len, n); + memcpy(sk_prf, sk+idx_len+n, n); + memcpy(pub_seed, sk+idx_len+2*n, n); + + // Update SK + for (i = 0; i < idx_len; i++) { + sk[i] = ((idx + 1) >> 8*(idx_len - 1 - i)) & 255; + } + // -- Secret key for this non-forward-secure version is now updated. + // -- A productive implementation should use a file handle instead and write the updated secret key at this point! + + + // --------------------------------- + // Message Hashing + // --------------------------------- + + // Message Hash: + // First compute pseudorandom value + to_byte(idx_bytes_32, idx, 32); + prf(R, idx_bytes_32, sk_prf, n); + // Generate hash key (R || root || idx) + memcpy(hash_key, R, n); + memcpy(hash_key+n, sk+idx_len+3*n, n); + to_byte(hash_key+2*n, idx, n); + + // Then use it for message digest + h_msg(msg_h, msg, msglen, hash_key, 3*n, n); + + // Start collecting signature + *sig_msg_len = 0; + + // Copy index to signature + for (i = 0; i < idx_len; i++) { + sig_msg[i] = (idx >> 8*(idx_len - 1 - i)) & 255; + } + + sig_msg += idx_len; + *sig_msg_len += idx_len; + + // Copy R to signature + for (i = 0; i < n; i++) + sig_msg[i] = R[i]; + + sig_msg += n; + *sig_msg_len += n; + + // ---------------------------------- + // Now we start to "really sign" + // ---------------------------------- + + // Handle lowest layer separately as it is slightly different... + + // Prepare Address + setType(ots_addr, 0); + idx_tree = idx >> tree_h; + idx_leaf = (idx & ((1 << tree_h)-1)); + setLayerADRS(ots_addr, 0); + setTreeADRS(ots_addr, idx_tree); + setOTSADRS(ots_addr, idx_leaf); + + // Compute seed for OTS key pair + get_seed(ots_seed, sk_seed, n, ots_addr); + + // Compute WOTS signature + wots_sign(sig_msg, msg_h, ots_seed, &(params->xmss_par.wots_par), pub_seed, ots_addr); + + sig_msg += params->xmss_par.wots_par.keysize; + *sig_msg_len += params->xmss_par.wots_par.keysize; + + memcpy(sig_msg, states[0].auth, tree_h*n); + sig_msg += tree_h*n; + *sig_msg_len += tree_h*n; + + // prepare signature of remaining layers + for (i = 1; i < params->d; i++) { + // put WOTS signature in place + memcpy(sig_msg, wots_sigs + (i-1)*params->xmss_par.wots_par.keysize, params->xmss_par.wots_par.keysize); + + sig_msg += params->xmss_par.wots_par.keysize; + *sig_msg_len += params->xmss_par.wots_par.keysize; + + // put AUTH nodes in place + memcpy(sig_msg, states[i].auth, tree_h*n); + sig_msg += tree_h*n; + *sig_msg_len += tree_h*n; + } + + updates = (tree_h - k) >> 1; + + setTreeADRS(addr, (idx_tree + 1)); + // mandatory update for NEXT_0 (does not count towards h-k/2) if NEXT_0 exists + if ((1 + idx_tree) * (1 << tree_h) + idx_leaf < (1ULL << h)) { + bds_state_update(&states[params->d], sk_seed, &(params->xmss_par), pub_seed, addr); + } + + for (i = 0; i < params->d; i++) { + // check if we're not at the end of a tree + if (! (((idx + 1) & ((1ULL << ((i+1)*tree_h)) - 1)) == 0)) { + idx_leaf = (idx >> (tree_h * i)) & ((1 << tree_h)-1); + idx_tree = (idx >> (tree_h * (i+1))); + setLayerADRS(addr, i); + setTreeADRS(addr, idx_tree); + if (i == (unsigned int) (needswap_upto + 1)) { + bds_round(&states[i], idx_leaf, sk_seed, &(params->xmss_par), pub_seed, addr); + } + updates = bds_treehash_update(&states[i], updates, sk_seed, &(params->xmss_par), pub_seed, addr); + setTreeADRS(addr, (idx_tree + 1)); + // if a NEXT-tree exists for this level; + if ((1 + idx_tree) * (1 << tree_h) + idx_leaf < (1ULL << (h - tree_h * i))) { + if (i > 0 && updates > 0 && states[params->d + i].next_leaf < (1ULL << h)) { + bds_state_update(&states[params->d + i], sk_seed, &(params->xmss_par), pub_seed, addr); + updates--; + } + } + } + else if (idx < (1ULL << h) - 1) { + memcpy(&tmp, states+params->d + i, sizeof(bds_state)); + memcpy(states+params->d + i, states + i, sizeof(bds_state)); + memcpy(states + i, &tmp, sizeof(bds_state)); + + setLayerADRS(ots_addr, (i+1)); + setTreeADRS(ots_addr, ((idx + 1) >> ((i+2) * tree_h))); + setOTSADRS(ots_addr, (((idx >> ((i+1) * tree_h)) + 1) & ((1 << tree_h)-1))); + + get_seed(ots_seed, sk+params->index_len, n, ots_addr); + wots_sign(wots_sigs + i*params->xmss_par.wots_par.keysize, states[i].stack, ots_seed, &(params->xmss_par.wots_par), pub_seed, ots_addr); + + states[params->d + i].stackoffset = 0; + states[params->d + i].next_leaf = 0; + + updates--; // WOTS-signing counts as one update + needswap_upto = i; + for (j = 0; j < tree_h-k; j++) { + states[i].treehash[j].completed = 1; + } + } + } + + //Whipe secret elements? + //zerobytes(tsk, CRYPTO_SECRETKEYBYTES); + + memcpy(sig_msg, msg, msglen); + *sig_msg_len += msglen; + + return 0; +} + +/** + * Verifies a given message signature pair under a given public key. + */ +int xmssmt_sign_open(unsigned char *msg, unsigned long long *msglen, const unsigned char *sig_msg, unsigned long long sig_msg_len, const unsigned char *pk, const xmssmt_params *params) +{ + unsigned int n = params->n; + + unsigned int tree_h = params->xmss_par.h; + unsigned int idx_len = params->index_len; + uint64_t idx_tree; + uint32_t idx_leaf; + + unsigned long long i, m_len; + unsigned long long idx=0; + unsigned char wots_pk[params->xmss_par.wots_par.keysize]; + unsigned char pkhash[n]; + unsigned char root[n]; + unsigned char msg_h[n]; + unsigned char hash_key[3*n]; + + unsigned char pub_seed[n]; + memcpy(pub_seed, pk+n, n); + + // Init addresses + uint32_t ots_addr[8] = {0, 0, 0, 0, 0, 0, 0, 0}; + uint32_t ltree_addr[8] = {0, 0, 0, 0, 0, 0, 0, 0}; + uint32_t node_addr[8] = {0, 0, 0, 0, 0, 0, 0, 0}; + + // Extract index + for (i = 0; i < idx_len; i++) { + idx |= ((unsigned long long)sig_msg[i]) << (8*(idx_len - 1 - i)); + } + printf("verify:: idx = %llu\n", idx); + sig_msg += idx_len; + sig_msg_len -= idx_len; + + // Generate hash key (R || root || idx) + memcpy(hash_key, sig_msg,n); + memcpy(hash_key+n, pk, n); + to_byte(hash_key+2*n, idx, n); + + sig_msg += n; + sig_msg_len -= n; + + + // hash message (recall, R is now on pole position at sig_msg + unsigned long long tmp_sig_len = (params->d * params->xmss_par.wots_par.keysize) + (params->h * n); + m_len = sig_msg_len - tmp_sig_len; + h_msg(msg_h, sig_msg + tmp_sig_len, m_len, hash_key, 3*n, n); + + + //----------------------- + // Verify signature + //----------------------- + + // Prepare Address + idx_tree = idx >> tree_h; + idx_leaf = (idx & ((1 << tree_h)-1)); + setLayerADRS(ots_addr, 0); + setTreeADRS(ots_addr, idx_tree); + setType(ots_addr, 0); + + memcpy(ltree_addr, ots_addr, 12); + setType(ltree_addr, 1); + + memcpy(node_addr, ltree_addr, 12); + setType(node_addr, 2); + + setOTSADRS(ots_addr, idx_leaf); + + // Check WOTS signature + wots_pkFromSig(wots_pk, sig_msg, msg_h, &(params->xmss_par.wots_par), pub_seed, ots_addr); + + sig_msg += params->xmss_par.wots_par.keysize; + sig_msg_len -= params->xmss_par.wots_par.keysize; + + // Compute Ltree + setLtreeADRS(ltree_addr, idx_leaf); + l_tree(pkhash, wots_pk, &(params->xmss_par), pub_seed, ltree_addr); + + // Compute root + validate_authpath(root, pkhash, idx_leaf, sig_msg, &(params->xmss_par), pub_seed, node_addr); + + sig_msg += tree_h*n; + sig_msg_len -= tree_h*n; + + for (i = 1; i < params->d; i++) { + // Prepare Address + idx_leaf = (idx_tree & ((1 << tree_h)-1)); + idx_tree = idx_tree >> tree_h; + + setLayerADRS(ots_addr, i); + setTreeADRS(ots_addr, idx_tree); + setType(ots_addr, 0); + + memcpy(ltree_addr, ots_addr, 12); + setType(ltree_addr, 1); + + memcpy(node_addr, ltree_addr, 12); + setType(node_addr, 2); + + setOTSADRS(ots_addr, idx_leaf); + + // Check WOTS signature + wots_pkFromSig(wots_pk, sig_msg, root, &(params->xmss_par.wots_par), pub_seed, ots_addr); + + sig_msg += params->xmss_par.wots_par.keysize; + sig_msg_len -= params->xmss_par.wots_par.keysize; + + // Compute Ltree + setLtreeADRS(ltree_addr, idx_leaf); + l_tree(pkhash, wots_pk, &(params->xmss_par), pub_seed, ltree_addr); + + // Compute root + validate_authpath(root, pkhash, idx_leaf, sig_msg, &(params->xmss_par), pub_seed, node_addr); + + sig_msg += tree_h*n; + sig_msg_len -= tree_h*n; + + } + + for (i = 0; i < n; i++) + if (root[i] != pk[i]) + goto fail; + + *msglen = sig_msg_len; + for (i = 0; i < *msglen; i++) + msg[i] = sig_msg[i]; + + return 0; + + +fail: + *msglen = sig_msg_len; + for (i = 0; i < *msglen; i++) + msg[i] = 0; + *msglen = -1; + return -1; +} +#endif /* WITH_XMSS */ diff --git a/xmss_fast.h b/xmss_fast.h new file mode 100644 index 000000000000..2ffba7057baf --- /dev/null +++ b/xmss_fast.h @@ -0,0 +1,111 @@ +#ifdef WITH_XMSS +/* $OpenBSD: xmss_fast.h,v 1.2 2018/02/26 03:56:44 dtucker Exp $ */ +/* +xmss_fast.h version 20160722 +Andreas Hülsing +Joost Rijneveld +Public domain. +*/ + +#include "xmss_wots.h" + +#ifndef XMSS_H +#define XMSS_H +typedef struct{ + unsigned int level; + unsigned long long subtree; + unsigned int subleaf; +} leafaddr; + +typedef struct{ + wots_params wots_par; + unsigned int n; + unsigned int h; + unsigned int k; +} xmss_params; + +typedef struct{ + xmss_params xmss_par; + unsigned int n; + unsigned int h; + unsigned int d; + unsigned int index_len; +} xmssmt_params; + +typedef struct{ + unsigned int h; + unsigned int next_idx; + unsigned int stackusage; + unsigned char completed; + unsigned char *node; +} treehash_inst; + +typedef struct { + unsigned char *stack; + unsigned int stackoffset; + unsigned char *stacklevels; + unsigned char *auth; + unsigned char *keep; + treehash_inst *treehash; + unsigned char *retain; + unsigned int next_leaf; +} bds_state; + +/** + * Initialize BDS state struct + * parameter names are the same as used in the description of the BDS traversal + */ +void xmss_set_bds_state(bds_state *state, unsigned char *stack, int stackoffset, unsigned char *stacklevels, unsigned char *auth, unsigned char *keep, treehash_inst *treehash, unsigned char *retain, int next_leaf); +/** + * Initializes parameter set. + * Needed, for any of the other methods. + */ +int xmss_set_params(xmss_params *params, int n, int h, int w, int k); +/** + * Initialize xmssmt_params struct + * parameter names are the same as in the draft + * + * Especially h is the total tree height, i.e. the XMSS trees have height h/d + */ +int xmssmt_set_params(xmssmt_params *params, int n, int h, int d, int w, int k); +/** + * Generates a XMSS key pair for a given parameter set. + * Format sk: [(32bit) idx || SK_SEED || SK_PRF || PUB_SEED || root] + * Format pk: [root || PUB_SEED] omitting algo oid. + */ +int xmss_keypair(unsigned char *pk, unsigned char *sk, bds_state *state, xmss_params *params); +/** + * Signs a message. + * Returns + * 1. an array containing the signature followed by the message AND + * 2. an updated secret key! + * + */ +int xmss_sign(unsigned char *sk, bds_state *state, unsigned char *sig_msg, unsigned long long *sig_msg_len, const unsigned char *msg,unsigned long long msglen, const xmss_params *params); +/** + * Verifies a given message signature pair under a given public key. + * + * Note: msg and msglen are pure outputs which carry the message in case verification succeeds. The (input) message is assumed to be within sig_msg which has the form (sig||msg). + */ +int xmss_sign_open(unsigned char *msg,unsigned long long *msglen, const unsigned char *sig_msg,unsigned long long sig_msg_len, const unsigned char *pk, const xmss_params *params); + +/* + * Generates a XMSSMT key pair for a given parameter set. + * Format sk: [(ceil(h/8) bit) idx || SK_SEED || SK_PRF || PUB_SEED || root] + * Format pk: [root || PUB_SEED] omitting algo oid. + */ +int xmssmt_keypair(unsigned char *pk, unsigned char *sk, bds_state *states, unsigned char *wots_sigs, xmssmt_params *params); +/** + * Signs a message. + * Returns + * 1. an array containing the signature followed by the message AND + * 2. an updated secret key! + * + */ +int xmssmt_sign(unsigned char *sk, bds_state *state, unsigned char *wots_sigs, unsigned char *sig_msg, unsigned long long *sig_msg_len, const unsigned char *msg, unsigned long long msglen, const xmssmt_params *params); +/** + * Verifies a given message signature pair under a given public key. + */ +int xmssmt_sign_open(unsigned char *msg, unsigned long long *msglen, const unsigned char *sig_msg, unsigned long long sig_msg_len, const unsigned char *pk, const xmssmt_params *params); +#endif +#endif /* WITH_XMSS */ diff --git a/xmss_hash.c b/xmss_hash.c new file mode 100644 index 000000000000..b9eee7cff293 --- /dev/null +++ b/xmss_hash.c @@ -0,0 +1,140 @@ +/* $OpenBSD: xmss_hash.c,v 1.2 2018/02/26 03:56:44 dtucker Exp $ */ +/* +hash.c version 20160722 +Andreas Hülsing +Joost Rijneveld +Public domain. +*/ + +#include "includes.h" +#ifdef WITH_XMSS + +#include "xmss_hash_address.h" +#include "xmss_commons.h" +#include "xmss_hash.h" + +#include +#ifdef HAVE_STDINT_H +#include +#endif +#include +#include +#include +#include +#include + +int core_hash_SHA2(unsigned char *, const unsigned int, const unsigned char *, + unsigned int, const unsigned char *, unsigned long long, unsigned int); + +unsigned char* addr_to_byte(unsigned char *bytes, const uint32_t addr[8]){ +#if IS_LITTLE_ENDIAN==1 + int i = 0; + for(i=0;i<8;i++) + to_byte(bytes+i*4, addr[i],4); + return bytes; +#else + memcpy(bytes, addr, 32); + return bytes; +#endif +} + +int core_hash_SHA2(unsigned char *out, const unsigned int type, const unsigned char *key, unsigned int keylen, const unsigned char *in, unsigned long long inlen, unsigned int n){ + unsigned long long i = 0; + unsigned char buf[inlen + n + keylen]; + + // Input is (toByte(X, 32) || KEY || M) + + // set toByte + to_byte(buf, type, n); + + for (i=0; i < keylen; i++) { + buf[i+n] = key[i]; + } + + for (i=0; i < inlen; i++) { + buf[keylen + n + i] = in[i]; + } + + if (n == 32) { + SHA256(buf, inlen + keylen + n, out); + return 0; + } + else { + if (n == 64) { + SHA512(buf, inlen + keylen + n, out); + return 0; + } + } + return 1; +} + +/** + * Implements PRF + */ +int prf(unsigned char *out, const unsigned char *in, const unsigned char *key, unsigned int keylen) +{ + return core_hash_SHA2(out, 3, key, keylen, in, 32, keylen); +} + +/* + * Implemts H_msg + */ +int h_msg(unsigned char *out, const unsigned char *in, unsigned long long inlen, const unsigned char *key, const unsigned int keylen, const unsigned int n) +{ + if (keylen != 3*n){ + // H_msg takes 3n-bit keys, but n does not match the keylength of keylen + return -1; + } + return core_hash_SHA2(out, 2, key, keylen, in, inlen, n); +} + +/** + * We assume the left half is in in[0]...in[n-1] + */ +int hash_h(unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], const unsigned int n) +{ + + unsigned char buf[2*n]; + unsigned char key[n]; + unsigned char bitmask[2*n]; + unsigned char byte_addr[32]; + unsigned int i; + + setKeyAndMask(addr, 0); + addr_to_byte(byte_addr, addr); + prf(key, byte_addr, pub_seed, n); + // Use MSB order + setKeyAndMask(addr, 1); + addr_to_byte(byte_addr, addr); + prf(bitmask, byte_addr, pub_seed, n); + setKeyAndMask(addr, 2); + addr_to_byte(byte_addr, addr); + prf(bitmask+n, byte_addr, pub_seed, n); + for (i = 0; i < 2*n; i++) { + buf[i] = in[i] ^ bitmask[i]; + } + return core_hash_SHA2(out, 1, key, n, buf, 2*n, n); +} + +int hash_f(unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], const unsigned int n) +{ + unsigned char buf[n]; + unsigned char key[n]; + unsigned char bitmask[n]; + unsigned char byte_addr[32]; + unsigned int i; + + setKeyAndMask(addr, 0); + addr_to_byte(byte_addr, addr); + prf(key, byte_addr, pub_seed, n); + + setKeyAndMask(addr, 1); + addr_to_byte(byte_addr, addr); + prf(bitmask, byte_addr, pub_seed, n); + + for (i = 0; i < n; i++) { + buf[i] = in[i] ^ bitmask[i]; + } + return core_hash_SHA2(out, 0, key, n, buf, n, n); +} +#endif /* WITH_XMSS */ diff --git a/xmss_hash.h b/xmss_hash.h new file mode 100644 index 000000000000..d19c62152add --- /dev/null +++ b/xmss_hash.h @@ -0,0 +1,22 @@ +#ifdef WITH_XMSS +/* $OpenBSD: xmss_hash.h,v 1.2 2018/02/26 03:56:44 dtucker Exp $ */ +/* +hash.h version 20160722 +Andreas Hülsing +Joost Rijneveld +Public domain. +*/ + +#ifndef HASH_H +#define HASH_H + +#define IS_LITTLE_ENDIAN 1 + +unsigned char* addr_to_byte(unsigned char *bytes, const uint32_t addr[8]); +int prf(unsigned char *out, const unsigned char *in, const unsigned char *key, unsigned int keylen); +int h_msg(unsigned char *out,const unsigned char *in,unsigned long long inlen, const unsigned char *key, const unsigned int keylen, const unsigned int n); +int hash_h(unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], const unsigned int n); +int hash_f(unsigned char *out, const unsigned char *in, const unsigned char *pub_seed, uint32_t addr[8], const unsigned int n); + +#endif +#endif /* WITH_XMSS */ diff --git a/xmss_hash_address.c b/xmss_hash_address.c new file mode 100644 index 000000000000..c6c1347e9267 --- /dev/null +++ b/xmss_hash_address.c @@ -0,0 +1,66 @@ +/* $OpenBSD: xmss_hash_address.c,v 1.2 2018/02/26 03:56:44 dtucker Exp $ */ +/* +hash_address.c version 20160722 +Andreas Hülsing +Joost Rijneveld +Public domain. +*/ +#include "includes.h" +#ifdef WITH_XMSS + +#ifdef HAVE_STDINT_H +#include +#endif +#include "xmss_hash_address.h" /* prototypes */ + +void setLayerADRS(uint32_t adrs[8], uint32_t layer){ + adrs[0] = layer; +} + +void setTreeADRS(uint32_t adrs[8], uint64_t tree){ + adrs[1] = (uint32_t) (tree >> 32); + adrs[2] = (uint32_t) tree; +} + +void setType(uint32_t adrs[8], uint32_t type){ + adrs[3] = type; + int i; + for(i = 4; i < 8; i++){ + adrs[i] = 0; + } +} + +void setKeyAndMask(uint32_t adrs[8], uint32_t keyAndMask){ + adrs[7] = keyAndMask; +} + +// OTS + +void setOTSADRS(uint32_t adrs[8], uint32_t ots){ + adrs[4] = ots; +} + +void setChainADRS(uint32_t adrs[8], uint32_t chain){ + adrs[5] = chain; +} + +void setHashADRS(uint32_t adrs[8], uint32_t hash){ + adrs[6] = hash; +} + +// L-tree + +void setLtreeADRS(uint32_t adrs[8], uint32_t ltree){ + adrs[4] = ltree; +} + +// Hash Tree & L-tree + +void setTreeHeight(uint32_t adrs[8], uint32_t treeHeight){ + adrs[5] = treeHeight; +} + +void setTreeIndex(uint32_t adrs[8], uint32_t treeIndex){ + adrs[6] = treeIndex; +} +#endif /* WITH_XMSS */ diff --git a/xmss_hash_address.h b/xmss_hash_address.h new file mode 100644 index 000000000000..66bb4cc4d5fa --- /dev/null +++ b/xmss_hash_address.h @@ -0,0 +1,40 @@ +#ifdef WITH_XMSS +/* $OpenBSD: xmss_hash_address.h,v 1.2 2018/02/26 03:56:44 dtucker Exp $ */ +/* +hash_address.h version 20160722 +Andreas Hülsing +Joost Rijneveld +Public domain. +*/ + +#ifdef HAVE_STDINT_H +#include +#endif + +void setLayerADRS(uint32_t adrs[8], uint32_t layer); + +void setTreeADRS(uint32_t adrs[8], uint64_t tree); + +void setType(uint32_t adrs[8], uint32_t type); + +void setKeyAndMask(uint32_t adrs[8], uint32_t keyAndMask); + +// OTS + +void setOTSADRS(uint32_t adrs[8], uint32_t ots); + +void setChainADRS(uint32_t adrs[8], uint32_t chain); + +void setHashADRS(uint32_t adrs[8], uint32_t hash); + +// L-tree + +void setLtreeADRS(uint32_t adrs[8], uint32_t ltree); + +// Hash Tree & L-tree + +void setTreeHeight(uint32_t adrs[8], uint32_t treeHeight); + +void setTreeIndex(uint32_t adrs[8], uint32_t treeIndex); + +#endif /* WITH_XMSS */ diff --git a/xmss_wots.c b/xmss_wots.c new file mode 100644 index 000000000000..b4702ed8d880 --- /dev/null +++ b/xmss_wots.c @@ -0,0 +1,192 @@ +/* $OpenBSD: xmss_wots.c,v 1.2 2018/02/26 03:56:44 dtucker Exp $ */ +/* +wots.c version 20160722 +Andreas Hülsing +Joost Rijneveld +Public domain. +*/ + +#include "includes.h" +#ifdef WITH_XMSS + +#include +#ifdef HAVE_STDINT_H +#include +#endif +#include +#include "xmss_commons.h" +#include "xmss_hash.h" +#include "xmss_wots.h" +#include "xmss_hash_address.h" + + +/* libm-free version of log2() for wots */ +static inline int +wots_log2(uint32_t v) +{ + int b; + + for (b = sizeof (v) * CHAR_BIT - 1; b >= 0; b--) { + if ((1U << b) & v) { + return b; + } + } + return 0; +} + +void +wots_set_params(wots_params *params, int n, int w) +{ + params->n = n; + params->w = w; + params->log_w = wots_log2(params->w); + params->len_1 = (CHAR_BIT * n) / params->log_w; + params->len_2 = (wots_log2(params->len_1 * (w - 1)) / params->log_w) + 1; + params->len = params->len_1 + params->len_2; + params->keysize = params->len * params->n; +} + +/** + * Helper method for pseudorandom key generation + * Expands an n-byte array into a len*n byte array + * this is done using PRF + */ +static void expand_seed(unsigned char *outseeds, const unsigned char *inseed, const wots_params *params) +{ + uint32_t i = 0; + unsigned char ctr[32]; + for(i = 0; i < params->len; i++){ + to_byte(ctr, i, 32); + prf((outseeds + (i*params->n)), ctr, inseed, params->n); + } +} + +/** + * Computes the chaining function. + * out and in have to be n-byte arrays + * + * interpretes in as start-th value of the chain + * addr has to contain the address of the chain + */ +static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const wots_params *params, const unsigned char *pub_seed, uint32_t addr[8]) +{ + uint32_t i, j; + for (j = 0; j < params->n; j++) + out[j] = in[j]; + + for (i = start; i < (start+steps) && i < params->w; i++) { + setHashADRS(addr, i); + hash_f(out, out, pub_seed, addr, params->n); + } +} + +/** + * base_w algorithm as described in draft. + * + * + */ +static void base_w(int *output, const int out_len, const unsigned char *input, const wots_params *params) +{ + int in = 0; + int out = 0; + uint32_t total = 0; + int bits = 0; + int consumed = 0; + + for (consumed = 0; consumed < out_len; consumed++) { + if (bits == 0) { + total = input[in]; + in++; + bits += 8; + } + bits -= params->log_w; + output[out] = (total >> bits) & (params->w - 1); + out++; + } +} + +void wots_pkgen(unsigned char *pk, const unsigned char *sk, const wots_params *params, const unsigned char *pub_seed, uint32_t addr[8]) +{ + uint32_t i; + expand_seed(pk, sk, params); + for (i=0; i < params->len; i++) { + setChainADRS(addr, i); + gen_chain(pk+i*params->n, pk+i*params->n, 0, params->w-1, params, pub_seed, addr); + } +} + + +int wots_sign(unsigned char *sig, const unsigned char *msg, const unsigned char *sk, const wots_params *params, const unsigned char *pub_seed, uint32_t addr[8]) +{ + //int basew[params->len]; + int csum = 0; + uint32_t i = 0; + int *basew = calloc(params->len, sizeof(int)); + if (basew == NULL) + return -1; + + base_w(basew, params->len_1, msg, params); + + for (i=0; i < params->len_1; i++) { + csum += params->w - 1 - basew[i]; + } + + csum = csum << (8 - ((params->len_2 * params->log_w) % 8)); + + int len_2_bytes = ((params->len_2 * params->log_w) + 7) / 8; + + unsigned char csum_bytes[len_2_bytes]; + to_byte(csum_bytes, csum, len_2_bytes); + + int csum_basew[params->len_2]; + base_w(csum_basew, params->len_2, csum_bytes, params); + + for (i = 0; i < params->len_2; i++) { + basew[params->len_1 + i] = csum_basew[i]; + } + + expand_seed(sig, sk, params); + + for (i = 0; i < params->len; i++) { + setChainADRS(addr, i); + gen_chain(sig+i*params->n, sig+i*params->n, 0, basew[i], params, pub_seed, addr); + } + free(basew); + return 0; +} + +int wots_pkFromSig(unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const wots_params *params, const unsigned char *pub_seed, uint32_t addr[8]) +{ + int csum = 0; + uint32_t i = 0; + int *basew = calloc(params->len, sizeof(int)); + if (basew == NULL) + return -1; + + base_w(basew, params->len_1, msg, params); + + for (i=0; i < params->len_1; i++) { + csum += params->w - 1 - basew[i]; + } + + csum = csum << (8 - ((params->len_2 * params->log_w) % 8)); + + int len_2_bytes = ((params->len_2 * params->log_w) + 7) / 8; + + unsigned char csum_bytes[len_2_bytes]; + to_byte(csum_bytes, csum, len_2_bytes); + + int csum_basew[params->len_2]; + base_w(csum_basew, params->len_2, csum_bytes, params); + + for (i = 0; i < params->len_2; i++) { + basew[params->len_1 + i] = csum_basew[i]; + } + for (i=0; i < params->len; i++) { + setChainADRS(addr, i); + gen_chain(pk+i*params->n, sig+i*params->n, basew[i], params->w-1-basew[i], params, pub_seed, addr); + } + free(basew); + return 0; +} +#endif /* WITH_XMSS */ diff --git a/xmss_wots.h b/xmss_wots.h new file mode 100644 index 000000000000..1eebf3b215df --- /dev/null +++ b/xmss_wots.h @@ -0,0 +1,64 @@ +#ifdef WITH_XMSS +/* $OpenBSD: xmss_wots.h,v 1.3 2018/02/26 12:14:53 dtucker Exp $ */ +/* +wots.h version 20160722 +Andreas Hülsing +Joost Rijneveld +Public domain. +*/ + +#ifndef WOTS_H +#define WOTS_H + +#ifdef HAVE_STDINT_H +#include "stdint.h" +#endif + +/** + * WOTS parameter set + * + * Meaning as defined in draft-irtf-cfrg-xmss-hash-based-signatures-02 + */ +typedef struct { + uint32_t len_1; + uint32_t len_2; + uint32_t len; + uint32_t n; + uint32_t w; + uint32_t log_w; + uint32_t keysize; +} wots_params; + +/** + * Set the WOTS parameters, + * only m, n, w are required as inputs, + * len, len_1, and len_2 are computed from those. + * + * Assumes w is a power of 2 + */ +void wots_set_params(wots_params *params, int n, int w); + +/** + * WOTS key generation. Takes a 32byte seed for the secret key, expands it to a full WOTS secret key and computes the corresponding public key. + * For this it takes the seed pub_seed which is used to generate bitmasks and hash keys and the address of this WOTS key pair addr + * + * params, must have been initialized before using wots_set params for params ! This is not done in this function + * + * Places the computed public key at address pk. + */ +void wots_pkgen(unsigned char *pk, const unsigned char *sk, const wots_params *params, const unsigned char *pub_seed, uint32_t addr[8]); + +/** + * Takes a m-byte message and the 32-byte seed for the secret key to compute a signature that is placed at "sig". + * + */ +int wots_sign(unsigned char *sig, const unsigned char *msg, const unsigned char *sk, const wots_params *params, const unsigned char *pub_seed, uint32_t addr[8]); + +/** + * Takes a WOTS signature, a m-byte message and computes a WOTS public key that it places at pk. + * + */ +int wots_pkFromSig(unsigned char *pk, const unsigned char *sig, const unsigned char *msg, const wots_params *params, const unsigned char *pub_seed, uint32_t addr[8]); + +#endif +#endif /* WITH_XMSS */